Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/4hYxJ5JupiCqHHds9dOV2KZ8DxU.roa
File: 4hYxJ5JupiCqHHds9dOV2KZ8DxU.roa (raw, json)
Hash identifier: 5FsufFaOOTl9CQZEY00lZZLBIFz7sRwWntoHrYKZ1CM=
Subject key identifier: E2:16:31:27:92:6E:A6:20:AA:1C:77:6C:F5:D3:95:D8:A6:7C:0F:15
Certificate issuer: /CN=96b377644e414101db6dead0eb5821063f588e8c
Certificate serial: 018B14EB6FBA3BB9C204BABF10CA48438FB0
Authority key identifier: 96:B3:77:64:4E:41:41:01:DB:6D:EA:D0:EB:58:21:06:3F:58:8E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/4hYxJ5JupiCqHHds9dOV2KZ8DxU.roa
Signing time: Mon 09 Oct 2023 14:50:55 +0000
ROA not before: Mon 09 Oct 2023 14:50:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43006
IP address blocks: 2a10:3200::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:eb:6f:ba:3b:b9:c2:04:ba:bf:10:ca:48:43:8f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b377644e414101db6dead0eb5821063f588e8c
Validity
Not Before: Oct 9 14:50:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2163127926ea620aa1c776cf5d395d8a67c0f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:52:3f:88:6e:47:fa:b7:21:cb:b3:d4:80:44:
38:50:c3:5d:c6:a9:ed:9e:94:55:02:09:bc:c3:fe:
cb:7a:e6:86:eb:74:4b:29:08:89:e3:2d:1b:cb:a1:
6a:2c:2f:55:50:11:91:13:0f:69:18:f1:a5:fe:d2:
69:3e:1c:f5:1d:c8:37:df:43:a2:b0:63:87:1e:0d:
93:4a:08:36:98:c2:e2:0b:d2:b7:94:05:6b:07:26:
c2:69:d3:be:52:2b:fd:db:6a:5a:be:19:85:d4:c3:
41:37:99:2b:79:1c:10:11:4f:0f:6f:67:0d:47:4c:
93:56:98:c0:78:9f:b5:f6:69:34:66:18:a5:66:6e:
4e:dc:6c:aa:a0:54:a1:89:59:26:2a:bc:60:2c:00:
99:50:0a:33:ac:1a:5f:2e:bc:19:89:fd:fb:31:4a:
47:ef:28:8c:36:b0:7e:29:19:33:c6:4d:5f:34:b3:
2e:63:2b:51:27:10:e3:7b:38:3e:66:89:6e:65:da:
63:45:8b:48:6b:04:32:4a:9a:2f:d0:84:4b:90:6e:
d4:c7:48:85:94:d6:6b:ef:b8:11:51:74:15:6b:eb:
8d:ed:6d:62:df:e4:ff:17:01:92:4a:a1:15:66:bc:
87:34:eb:91:fa:53:c7:88:43:52:bc:1d:68:ca:d0:
44:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:16:31:27:92:6E:A6:20:AA:1C:77:6C:F5:D3:95:D8:A6:7C:0F:15
X509v3 Authority Key Identifier:
keyid:96:B3:77:64:4E:41:41:01:DB:6D:EA:D0:EB:58:21:06:3F:58:8E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/4hYxJ5JupiCqHHds9dOV2KZ8DxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/lrN3ZE5BQQHbberQ61ghBj9Yjow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3200::/32
Signature Algorithm: sha256WithRSAEncryption
36:c6:29:53:41:39:5f:15:d1:1d:1c:fe:94:af:e9:bc:48:8b:
cc:85:ec:26:8f:95:8b:81:7b:27:71:08:26:1d:e7:52:01:eb:
d2:fa:59:ca:52:c1:cb:c0:dd:fc:9a:4e:a3:12:2a:09:3a:7f:
f4:e2:41:0c:01:57:33:a2:de:08:34:a1:8a:0c:bd:3a:56:17:
4c:6a:72:d2:f5:8d:c3:d4:35:a2:92:51:8d:61:d2:2e:b8:48:
51:e7:0d:cd:3a:15:39:23:65:e1:d1:f6:14:f5:ae:42:19:af:
86:14:99:d2:70:24:64:85:cb:3d:36:37:0d:7d:4e:41:db:9f:
d0:2d:1d:45:de:19:e0:86:d8:53:1e:a3:55:bf:f3:bb:39:9b:
17:0d:e7:0e:65:4f:c0:ad:95:53:d2:4d:b9:9a:60:f0:c3:e7:
15:54:66:d0:34:5b:3f:1b:2b:37:e1:3a:13:51:01:11:c2:f2:
6d:69:02:c1:6e:37:ea:75:93:2b:cd:25:3a:40:05:7b:8c:e7:
8e:0d:00:9b:1b:2d:29:f4:0d:4f:7d:59:08:19:09:1f:d8:f6:
6b:56:fd:68:94:b0:92:07:f6:a5:77:f3:b7:ce:d9:b6:39:19:
24:ae:66:8a:00:8a:bb:31:e1:ad:7d:e6:f1:ad:05:00:b6:52:
37:a6:15:32
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYsU62+6O7nCBLq/EMpIQ4+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjM3NzY0NGU0MTQxMDFkYjZkZWFkMGViNTgyMTA2M2Y1
ODhlOGMwHhcNMjMxMDA5MTQ1MDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjE2MzEyNzkyNmVhNjIwYWExYzc3NmNmNWQzOTVkOGE2N2MwZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1I/iG5H+rchy7PUgEQ4UMNdxqnt
npRVAgm8w/7LeuaG63RLKQiJ4y0by6FqLC9VUBGREw9pGPGl/tJpPhz1Hcg330Oi
sGOHHg2TSgg2mMLiC9K3lAVrBybCadO+Uiv922pavhmF1MNBN5kreRwQEU8Pb2cN
R0yTVpjAeJ+19mk0ZhilZm5O3GyqoFShiVkmKrxgLACZUAozrBpfLrwZif37MUpH
7yiMNrB+KRkzxk1fNLMuYytRJxDjezg+ZoluZdpjRYtIawQySpov0IRLkG7Ux0iF
lNZr77gRUXQVa+uN7W1i3+T/FwGSSqEVZryHNOuR+lPHiENSvB1oytBEiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOIWMSeSbqYgqhx3bPXTldimfA8VMB8GA1UdIwQY
MBaAFJazd2ROQUEB223q0OtYIQY/WI6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJOM1pFNUJRUUhiYmVyUTYxZ2hCajlZam93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OWU0ZTItYjhhYi00ODE0LTkzYzEt
MjhlNmM1YmEyZWFlLzEvNGhZeEo1SnVwaUNxSEhkczlkT1YyS1o4RHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OWU0ZTItYjhhYi00ODE0LTkzYzEtMjhlNmM1YmEyZWFl
LzEvbHJOM1pFNUJRUUhiYmVyUTYxZ2hCajlZam93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhAyADAN
BgkqhkiG9w0BAQsFAAOCAQEANsYpU0E5XxXRHRz+lK/pvEiLzIXsJo+Vi4F7J3EI
Jh3nUgHr0vpZylLBy8Dd/JpOoxIqCTp/9OJBDAFXM6LeCDShigy9OlYXTGpy0vWN
w9Q1opJRjWHSLrhIUecNzToVOSNl4dH2FPWuQhmvhhSZ0nAkZIXLPTY3DX1OQduf
0C0dRd4Z4IbYUx6jVb/zuzmbFw3nDmVPwK2VU9JNuZpg8MPnFVRm0DRbPxsrN+E6
E1EBEcLybWkCwW436nWTK80lOkAFe4znjg0AmxstKfQNT31ZCBkJH9j2a1b9aJSw
kgf2pXfzt87ZtjkZJK5migCKuzHhrX3m8a0FALZSN6YVMg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:19 2025 by rpki-client