Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/LH5Eb4Zke2H3jnDlbuBYr8ZNI0s.roa
File: LH5Eb4Zke2H3jnDlbuBYr8ZNI0s.roa (raw, json)
Hash identifier: BHFgc36i9fDnpnMoRlSCpE8xKcC+yMmmVXqbBp6JqoA=
Subject key identifier: 2C:7E:44:6F:86:64:7B:61:F7:8E:70:E5:6E:E0:58:AF:C6:4D:23:4B
Certificate issuer: /CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Certificate serial: 018A4BDF5E226A682D772D37CAE3EBF4B1B0
Authority key identifier: 67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/LH5Eb4Zke2H3jnDlbuBYr8ZNI0s.roa
Signing time: Thu 31 Aug 2023 13:54:04 +0000
ROA not before: Thu 31 Aug 2023 13:54:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60672
IP address blocks: 2a10:c883::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:df:5e:22:6a:68:2d:77:2d:37:ca:e3:eb:f4:b1:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Validity
Not Before: Aug 31 13:54:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c7e446f86647b61f78e70e56ee058afc64d234b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6f:85:b1:c5:ce:24:7b:41:3d:cf:02:fc:ed:
6e:5e:b7:09:cf:c3:bb:41:0e:33:d9:54:48:59:27:
48:cc:ae:23:a3:6d:59:61:8b:b5:de:5f:7d:84:82:
86:25:c2:a2:5c:7a:3d:49:32:b0:53:76:20:ac:60:
b7:73:f9:2c:48:43:75:43:3a:b3:9b:12:08:fa:51:
90:56:71:93:74:62:58:72:f4:29:55:63:80:23:50:
a9:be:05:8e:fb:e7:fd:cd:e9:b5:47:b9:88:3f:29:
f0:54:59:2f:cb:fb:57:4b:d1:85:f1:f0:30:45:94:
ba:ea:1f:7e:25:76:03:b8:44:67:9e:c6:d4:3d:0c:
ca:85:64:b9:e7:88:00:f3:6e:fa:11:0a:d5:02:5e:
67:c2:04:21:56:74:7d:b9:e1:5c:0b:77:36:d3:9a:
f9:fb:67:b5:45:35:64:8d:68:14:f8:95:4d:0f:b6:
43:e6:a4:f2:24:f7:32:60:aa:4d:2a:e9:1a:34:bc:
c8:12:49:e6:cf:cf:53:25:34:67:98:d6:d4:50:e1:
7e:e3:6d:da:09:9f:fe:c4:95:cd:5e:6f:fd:98:84:
ca:14:f6:22:6e:65:bc:f8:ee:1c:b6:d4:b3:5e:e8:
8f:89:20:47:be:ba:1b:b3:49:fa:6d:7d:b8:e9:4b:
dc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7E:44:6F:86:64:7B:61:F7:8E:70:E5:6E:E0:58:AF:C6:4D:23:4B
X509v3 Authority Key Identifier:
keyid:67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/LH5Eb4Zke2H3jnDlbuBYr8ZNI0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:c883::/32
Signature Algorithm: sha256WithRSAEncryption
88:4c:76:59:f8:01:49:c8:96:76:4c:88:d7:54:e0:d4:e2:47:
e3:72:5f:dc:15:ef:b7:f0:49:66:6a:dc:0d:c5:6c:fa:51:d7:
a8:03:86:6a:d4:76:c0:bc:5d:46:0d:8b:8e:e4:f2:54:e7:10:
f1:d4:ef:14:c8:62:ee:b5:4e:44:e0:54:95:fe:6d:a6:96:51:
76:16:ef:07:d8:92:3c:ae:b4:64:06:58:43:cb:7d:ae:9e:25:
a4:96:88:f1:46:07:ed:b3:56:7b:46:8c:66:3a:34:bf:1d:4c:
6b:d9:c2:71:eb:ee:92:ed:23:15:71:8f:53:5e:0c:23:ba:28:
6b:c9:07:f9:c7:40:a8:56:1f:ee:a5:7b:1d:6a:6e:f7:f9:bf:
d3:f3:a8:c1:97:b2:27:10:7a:bc:34:80:4d:01:c2:1b:c0:1c:
4f:60:d9:40:16:40:2e:c1:ac:b5:7a:f7:1a:ec:4b:c8:02:34:
37:b7:47:87:7a:68:12:ec:a5:e8:8d:8e:5a:eb:89:70:d1:98:
1b:94:f8:cf:f3:2c:28:31:cf:01:4c:94:03:c4:a3:6e:46:00:
3e:58:2c:cb:93:ad:bd:e4:cb:c3:0e:00:7c:cd:d1:80:ac:99:
e5:06:99:d2:c8:a0:c9:40:6d:d2:69:29:28:44:55:4e:0c:58:
4b:b7:ed:9f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYpL314iamgtdy03yuPr9LGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZTI0YzcyODRlZjQ4ODdlNDVkNGNjZDliZGU2NzljZDlh
YjRmMDAwHhcNMjMwODMxMTM1NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzdlNDQ2Zjg2NjQ3YjYxZjc4ZTcwZTU2ZWUwNThhZmM2NGQyMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqW+FscXOJHtBPc8C/O1uXrcJz8O7
QQ4z2VRIWSdIzK4jo21ZYYu13l99hIKGJcKiXHo9STKwU3YgrGC3c/ksSEN1Qzqz
mxII+lGQVnGTdGJYcvQpVWOAI1CpvgWO++f9zem1R7mIPynwVFkvy/tXS9GF8fAw
RZS66h9+JXYDuERnnsbUPQzKhWS554gA8276EQrVAl5nwgQhVnR9ueFcC3c205r5
+2e1RTVkjWgU+JVND7ZD5qTyJPcyYKpNKukaNLzIEknmz89TJTRnmNbUUOF+423a
CZ/+xJXNXm/9mITKFPYibmW8+O4cttSzXuiPiSBHvrobs0n6bX246UvczQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCx+RG+GZHth945w5W7gWK/GTSNLMB8GA1UdIwQY
MBaAFGfiTHKE70iH5F1MzZveZ5zZq08AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzct
MDM3NWE5YzMyYjAwLzEvTEg1RWI0WmtlMkgzam5EbGJ1QllyOFpOSTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzctMDM3NWE5YzMyYjAw
LzEvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhDIgzAN
BgkqhkiG9w0BAQsFAAOCAQEAiEx2WfgBSciWdkyI11Tg1OJH43Jf3BXvt/BJZmrc
DcVs+lHXqAOGatR2wLxdRg2LjuTyVOcQ8dTvFMhi7rVOROBUlf5tppZRdhbvB9iS
PK60ZAZYQ8t9rp4lpJaI8UYH7bNWe0aMZjo0vx1Ma9nCcevuku0jFXGPU14MI7oo
a8kH+cdAqFYf7qV7HWpu9/m/0/OowZeyJxB6vDSATQHCG8AcT2DZQBZALsGstXr3
GuxLyAI0N7dHh3poEuyl6I2OWuuJcNGYG5T4z/MsKDHPAUyUA8SjbkYAPlgsy5Ot
veTLww4AfM3RgKyZ5QaZ0sigyUBt0mkpKERVTgxYS7ftnw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:42 2025 by rpki-client