Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/4bR0zUWKRz6iyAesYN_8dkqdIPs.roa
File: 4bR0zUWKRz6iyAesYN_8dkqdIPs.roa (raw, json)
Hash identifier: 03hZ920eey8FdvTjG+8cm1xKMSpFIv2Pxc2vO1YfMoE=
Subject key identifier: E1:B4:74:CD:45:8A:47:3E:A2:C8:07:AC:60:DF:FC:76:4A:9D:20:FB
Certificate issuer: /CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Certificate serial: 0181EECA634A7B743DB560FB9BAB52559074
Authority key identifier: 57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/4bR0zUWKRz6iyAesYN_8dkqdIPs.roa
Signing time: Mon 11 Jul 2022 19:44:09 +0000
ROA not before: Mon 11 Jul 2022 19:44:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204901
IP address blocks: 2a10:a642:aa00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ee:ca:63:4a:7b:74:3d:b5:60:fb:9b:ab:52:55:90:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Validity
Not Before: Jul 11 19:44:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1b474cd458a473ea2c807ac60dffc764a9d20fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:87:79:59:e6:8c:b2:ba:69:ed:d8:03:0a:8e:
70:3b:23:ef:28:e6:96:36:54:3d:4d:1f:40:b0:89:
41:00:5c:fb:2b:a6:23:96:77:16:1c:40:59:65:b6:
2b:37:a7:99:39:98:ca:f3:d0:d2:96:ab:d8:89:a5:
d4:43:50:b7:21:34:76:11:7d:9d:2f:df:0c:f2:cf:
3a:23:13:07:d3:a8:17:ae:ce:d6:88:ed:09:f6:26:
f6:fa:a6:84:a2:c9:a8:7d:a5:c0:bd:80:b3:00:36:
04:27:04:df:08:1d:1f:6c:41:e3:93:39:da:de:a4:
44:61:b8:d8:fa:a9:eb:54:6e:28:81:54:18:af:1e:
37:72:7d:cd:e7:60:c2:6e:0a:c1:8e:30:fe:b8:64:
5f:64:24:40:1e:33:39:8b:ff:e2:08:d4:f6:53:4c:
2c:b8:48:fa:83:1d:5e:de:ef:68:63:bb:26:ed:20:
45:c9:a3:ba:60:d1:86:52:4e:40:3c:bf:9e:d7:9e:
ed:5f:a9:a9:8b:ac:58:c0:16:b6:96:45:c3:f7:9f:
5e:2a:af:74:a0:75:d3:a5:a7:cd:89:65:58:21:55:
e2:8d:1d:aa:da:09:ae:23:76:7b:bc:2f:76:9e:9a:
d2:2d:ca:f1:a7:45:de:67:bf:2f:bd:de:ce:0a:74:
b6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:B4:74:CD:45:8A:47:3E:A2:C8:07:AC:60:DF:FC:76:4A:9D:20:FB
X509v3 Authority Key Identifier:
keyid:57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/4bR0zUWKRz6iyAesYN_8dkqdIPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/V3bZoLVb1JWhvjxcA_olHT3ouMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:a642:aa00::/48
Signature Algorithm: sha256WithRSAEncryption
22:a0:87:dc:19:92:04:b3:04:9f:4f:a6:48:10:84:7b:3f:e0:
30:f6:65:57:29:8f:50:d9:75:5d:55:dd:5b:99:d1:3a:22:54:
93:6e:99:e3:a4:a3:86:4e:c6:a4:0f:b6:67:57:93:2b:d2:43:
d9:14:b1:b2:69:a1:dc:b0:96:af:87:08:a4:23:12:86:0f:33:
a0:ea:99:d6:f5:b4:97:2f:39:70:fc:41:bd:1f:dd:67:5c:74:
25:33:a5:8e:3a:28:36:60:5f:3e:be:2a:4a:1c:d9:02:34:ed:
e3:92:be:d6:7f:c7:ee:83:e9:af:fd:2e:55:c6:39:78:68:cf:
13:ae:43:a3:40:89:bc:7d:88:17:7e:7d:77:8e:4c:06:6a:fe:
b7:59:e2:12:05:79:26:b1:cf:d2:a6:da:6c:f0:f3:5d:7c:f5:
0c:40:f5:3a:ef:94:cb:ec:42:83:1b:e4:c9:15:b0:e4:c3:79:
af:a1:ea:99:01:08:0d:3a:e3:59:f0:31:61:4e:40:9b:5a:c9:
89:d1:37:ff:88:fb:b0:2b:0f:cd:4d:a9:c6:16:43:de:7a:d4:
b5:f9:54:3d:b2:d6:de:d4:5b:2b:07:44:bc:9f:5a:c3:47:a0:
49:4d:7f:f0:fb:b3:40:72:d9:d2:ce:f6:00:c5:6c:8a:76:dc:
03:5e:8b:3e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYHuymNKe3Q9tWD7m6tSVZB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzZkOWEwYjU1YmQ0OTVhMWJlM2M1YzAzZmEyNTFkM2Rl
OGI4YzUwHhcNMjIwNzExMTk0NDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWI0NzRjZDQ1OGE0NzNlYTJjODA3YWM2MGRmZmM3NjRhOWQyMGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYd5WeaMsrpp7dgDCo5wOyPvKOaW
NlQ9TR9AsIlBAFz7K6YjlncWHEBZZbYrN6eZOZjK89DSlqvYiaXUQ1C3ITR2EX2d
L98M8s86IxMH06gXrs7WiO0J9ib2+qaEosmofaXAvYCzADYEJwTfCB0fbEHjkzna
3qREYbjY+qnrVG4ogVQYrx43cn3N52DCbgrBjjD+uGRfZCRAHjM5i//iCNT2U0ws
uEj6gx1e3u9oY7sm7SBFyaO6YNGGUk5APL+e157tX6mpi6xYwBa2lkXD959eKq90
oHXTpafNiWVYIVXijR2q2gmuI3Z7vC92nprSLcrxp0XeZ78vvd7OCnS20QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOG0dM1Fikc+osgHrGDf/HZKnSD7MB8GA1UdIwQY
MBaAFFd22aC1W9SVob48XAP6JR096LjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUt
YzBiYTJmM2ZjNzJhLzEvNGJSMHpVV0tSejZpeUFlc1lOXzhka3FkSVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUtYzBiYTJmM2ZjNzJh
LzEvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhCmQqoA
MA0GCSqGSIb3DQEBCwUAA4IBAQAioIfcGZIEswSfT6ZIEIR7P+Aw9mVXKY9Q2XVd
Vd1bmdE6IlSTbpnjpKOGTsakD7ZnV5Mr0kPZFLGyaaHcsJavhwikIxKGDzOg6pnW
9bSXLzlw/EG9H91nXHQlM6WOOig2YF8+vipKHNkCNO3jkr7Wf8fug+mv/S5Vxjl4
aM8TrkOjQIm8fYgXfn13jkwGav63WeISBXkmsc/Sptps8PNdfPUMQPU675TL7EKD
G+TJFbDkw3mvoeqZAQgNOuNZ8DFhTkCbWsmJ0Tf/iPuwKw/NTanGFkPeetS1+VQ9
stbe1FsrB0S8n1rDR6BJTX/w+7NActnSzvYAxWyKdtwDXos+
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:21:26 2025 by rpki-client