Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/ZtUzesLutFnm2uNdraWxJs99oDA.roa
File: ZtUzesLutFnm2uNdraWxJs99oDA.roa (raw, json)
Hash identifier: h9VO+Qk0Dei/83PqODbiGW3r7pfKN5O0kvi/rO+iciA=
Subject key identifier: 66:D5:33:7A:C2:EE:B4:59:E6:DA:E3:5D:AD:A5:B1:26:CF:7D:A0:30
Certificate issuer: /CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Certificate serial: 01856DAF4D059FC4CA427173787FC45FEE3B
Authority key identifier: 57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/ZtUzesLutFnm2uNdraWxJs99oDA.roa
Signing time: Sun 01 Jan 2023 14:14:43 +0000
ROA not before: Sun 01 Jan 2023 14:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204901
IP address blocks: 2a10:a642:aa00::/40 maxlen: 48
2a10:a642:aa00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:4d:05:9f:c4:ca:42:71:73:78:7f:c4:5f:ee:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Validity
Not Before: Jan 1 14:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66d5337ac2eeb459e6dae35dada5b126cf7da030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c3:4b:7b:fb:b3:28:66:9e:28:a0:17:0e:0d:
5d:c4:7d:1d:54:9f:e6:e2:c1:d8:39:95:fe:be:17:
af:94:b5:af:7a:7a:ca:69:1d:aa:1b:a4:b7:06:0b:
00:fb:06:a7:b8:4d:7c:5a:1b:91:a0:c7:17:85:78:
35:05:03:94:18:4f:49:7b:4c:6d:58:2d:d2:c8:65:
a3:aa:09:1b:f5:79:73:5c:c1:35:7e:da:28:28:0b:
e1:38:db:82:53:a2:74:09:bf:37:4f:66:5f:cb:37:
00:36:60:2e:7a:8e:34:7a:26:46:94:1e:58:46:8e:
fe:97:80:cb:79:5c:d4:bf:a3:aa:c1:24:cd:8a:24:
59:5b:8f:67:05:1f:42:8b:aa:6d:79:85:ce:5c:a0:
e3:78:fa:52:cf:e7:3a:a3:be:a2:b4:2a:bd:df:ef:
c0:17:74:f0:ef:95:47:99:e0:f0:3f:8b:a3:b0:46:
14:50:01:ee:26:55:28:43:df:e4:86:40:ab:81:68:
dc:59:20:5e:7c:98:3b:5a:71:a4:3f:ad:31:40:22:
79:c9:9b:f7:5e:c1:61:34:8a:13:1f:0b:1d:75:c3:
f9:6c:be:03:76:16:8a:f7:10:5f:95:d8:d4:33:8d:
93:e8:57:92:db:92:b4:b4:82:63:ee:cc:52:54:b9:
9d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D5:33:7A:C2:EE:B4:59:E6:DA:E3:5D:AD:A5:B1:26:CF:7D:A0:30
X509v3 Authority Key Identifier:
keyid:57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/ZtUzesLutFnm2uNdraWxJs99oDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/V3bZoLVb1JWhvjxcA_olHT3ouMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:a642:aa00::/40
Signature Algorithm: sha256WithRSAEncryption
03:9d:e7:5a:8c:84:0f:d6:49:45:5e:a3:6e:0c:67:b9:c0:f4:
db:4c:d9:e5:10:4b:00:b1:28:98:7a:29:1b:5f:68:fa:3c:24:
73:fa:72:bd:15:c6:77:a6:d2:fc:80:87:ca:79:1a:44:e5:72:
9e:40:d4:a4:3b:36:e8:f6:d0:7e:d1:3e:c0:90:fd:bf:3f:bd:
8f:61:bb:b4:31:08:36:b7:6d:f8:3c:3b:d0:89:d1:33:71:0f:
79:70:a8:29:bd:07:0f:07:e1:70:55:19:bc:ef:aa:e4:4e:a7:
2f:91:48:7a:c2:de:5b:58:67:9c:6f:3c:b9:7f:b9:d5:e3:6e:
e4:31:ce:67:7b:da:cf:14:cd:89:37:70:6a:06:97:98:4e:b7:
58:53:7a:d9:06:6a:b5:36:f2:43:51:a8:13:26:7b:26:ff:62:
bc:da:28:fe:a5:f2:ec:3b:e7:4f:c4:e9:76:22:24:1e:80:0a:
a8:fc:b4:a9:22:49:b7:df:74:b0:d2:38:36:59:d2:a4:c2:40:
d3:5d:0e:98:c1:84:f8:6b:ee:d5:f8:cb:79:5e:f7:55:56:d7:
32:a8:56:2e:fd:16:df:08:8e:c4:c0:d1:b7:b3:98:8b:f4:6f:
c4:45:ff:6c:70:17:20:5b:30:3b:68:d3:2c:8e:89:7c:a1:f8:
bc:a4:3f:17
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtr00Fn8TKQnFzeH/EX+47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzZkOWEwYjU1YmQ0OTVhMWJlM2M1YzAzZmEyNTFkM2Rl
OGI4YzUwHhcNMjMwMTAxMTQxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmQ1MzM3YWMyZWViNDU5ZTZkYWUzNWRhZGE1YjEyNmNmN2RhMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsNLe/uzKGaeKKAXDg1dxH0dVJ/m
4sHYOZX+vhevlLWvenrKaR2qG6S3BgsA+wanuE18WhuRoMcXhXg1BQOUGE9Je0xt
WC3SyGWjqgkb9XlzXME1ftooKAvhONuCU6J0Cb83T2ZfyzcANmAueo40eiZGlB5Y
Ro7+l4DLeVzUv6OqwSTNiiRZW49nBR9Ci6pteYXOXKDjePpSz+c6o76itCq93+/A
F3Tw75VHmeDwP4ujsEYUUAHuJlUoQ9/khkCrgWjcWSBefJg7WnGkP60xQCJ5yZv3
XsFhNIoTHwsddcP5bL4DdhaK9xBfldjUM42T6FeS25K0tIJj7sxSVLmd4QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGbVM3rC7rRZ5trjXa2lsSbPfaAwMB8GA1UdIwQY
MBaAFFd22aC1W9SVob48XAP6JR096LjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUt
YzBiYTJmM2ZjNzJhLzEvWnRVemVzTHV0Rm5tMnVOZHJhV3hKczk5b0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUtYzBiYTJmM2ZjNzJh
LzEvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhCmQqow
DQYJKoZIhvcNAQELBQADggEBAAOd51qMhA/WSUVeo24MZ7nA9NtM2eUQSwCxKJh6
KRtfaPo8JHP6cr0Vxnem0vyAh8p5GkTlcp5A1KQ7Nuj20H7RPsCQ/b8/vY9hu7Qx
CDa3bfg8O9CJ0TNxD3lwqCm9Bw8H4XBVGbzvquROpy+RSHrC3ltYZ5xvPLl/udXj
buQxzmd72s8UzYk3cGoGl5hOt1hTetkGarU28kNRqBMmeyb/YrzaKP6l8uw750/E
6XYiJB6ACqj8tKkiSbffdLDSODZZ0qTCQNNdDpjBhPhr7tX4y3le91VW1zKoVi79
Ft8IjsTA0bezmIv0b8RF/2xwFyBbMDto0yyOiXyh+LykPxc=
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:16:32 2025 by rpki-client