Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/MUBcDTxjYOAO2XwGb4ODeUts0dU.roa
File: MUBcDTxjYOAO2XwGb4ODeUts0dU.roa (raw, json)
Hash identifier: FdY+IlyOEOx61aa3hu8XzzsYuAV8MT9Pw0leBpRzmLQ=
Subject key identifier: 31:40:5C:0D:3C:63:60:E0:0E:D9:7C:06:6F:83:83:79:4B:6C:D1:D5
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0189FFA18D8B1163EF32DA699E9A20FFB8AA
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/MUBcDTxjYOAO2XwGb4ODeUts0dU.roa
Signing time: Wed 16 Aug 2023 18:35:24 +0000
ROA not before: Wed 16 Aug 2023 18:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212144
IP address blocks: 2a10:aa40::/29 maxlen: 29
2a10:b540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ff:a1:8d:8b:11:63:ef:32:da:69:9e:9a:20:ff:b8:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Aug 16 18:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31405c0d3c6360e00ed97c066f8383794b6cd1d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:93:ad:ae:80:bc:65:e5:23:42:0d:6d:fd:
d1:85:18:13:04:fc:4a:a5:5e:1c:ab:71:eb:dc:5d:
84:38:5b:23:bb:ee:af:10:8c:0b:c2:fd:3e:f9:57:
fb:86:37:15:5b:0f:8f:52:be:1d:e3:a2:6e:da:0c:
26:dc:d6:47:f4:1b:d9:b3:ff:d8:82:2c:f2:8d:f3:
21:f8:30:09:c5:7a:07:1a:ef:68:52:09:2f:66:1f:
62:39:0e:4c:6b:31:80:64:47:fe:17:dc:a9:87:46:
28:ba:65:d5:34:82:8b:87:e9:cc:7d:de:f7:b0:1a:
f6:a7:6b:5f:05:2b:d0:86:a0:ef:3d:a7:23:57:95:
1f:63:65:40:fb:7f:34:20:69:b0:7b:82:79:f6:76:
a0:6d:29:2a:6b:e1:b0:55:16:e4:50:f9:54:10:71:
b8:3d:bd:2e:26:48:9a:ac:b2:59:0e:9a:28:e6:e1:
18:5c:f9:91:ee:f1:03:5c:56:fc:8b:b1:89:c1:ed:
f2:56:31:ed:62:69:36:a7:80:08:e8:bb:fc:7b:cb:
02:de:20:00:cb:c3:ae:53:6c:ab:3d:e4:53:52:10:
42:ff:cf:aa:19:30:56:c9:98:df:b6:08:95:f0:be:
5d:f7:bf:65:a1:5b:d4:1b:b0:9d:c3:9f:41:11:b8:
13:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:40:5C:0D:3C:63:60:E0:0E:D9:7C:06:6F:83:83:79:4B:6C:D1:D5
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/MUBcDTxjYOAO2XwGb4ODeUts0dU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:aa40::/29
2a10:b540::/29
Signature Algorithm: sha256WithRSAEncryption
8f:ac:1d:d5:d0:84:11:e5:4a:3e:78:dd:b5:08:3a:c8:46:7b:
d7:e7:77:13:81:90:4e:19:ab:5f:3e:69:b8:58:c7:63:72:e4:
f0:34:75:6d:65:ff:8d:0c:0c:6e:38:3d:66:a9:ec:d8:78:d4:
b4:dd:f1:72:a6:2c:de:d6:f8:6a:9a:96:6b:a3:cf:45:b0:49:
db:84:04:67:9c:64:ef:82:8b:01:91:13:00:09:48:f3:0a:30:
91:4a:09:8d:20:74:80:fe:1e:73:1d:69:bb:0b:7c:ac:4d:25:
82:fb:51:02:70:bc:bf:30:2a:60:0d:f4:ac:08:e9:a1:e3:60:
d8:fc:8a:96:a3:d8:42:18:8f:b9:ff:72:57:0f:91:62:99:d7:
e1:5c:87:82:2d:15:09:b2:d1:f0:54:0a:a9:97:76:ef:18:e6:
1a:a0:fc:92:15:88:06:52:a3:82:8f:cb:f4:5e:0c:a2:7d:f6:
cd:75:71:97:6b:ea:0d:f1:60:29:f6:0d:f7:01:04:2d:9e:29:
5a:ae:7d:fa:25:29:41:01:84:e4:19:44:67:b0:21:58:d6:66:
fb:dc:f7:37:d4:01:0f:ed:f4:e0:3d:f4:ae:b3:5b:b8:ea:14:
09:f5:ce:34:2c:33:a7:ca:02:6a:11:2e:db:cd:5e:29:1c:d3:
57:f8:5c:d6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYn/oY2LEWPvMtppnpog/7iqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMwODE2MTgzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTQwNWMwZDNjNjM2MGUwMGVkOTdjMDY2ZjgzODM3OTRiNmNkMWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1OTra6AvGXlI0INbf3RhRgTBPxK
pV4cq3Hr3F2EOFsju+6vEIwLwv0++Vf7hjcVWw+PUr4d46Ju2gwm3NZH9BvZs//Y
gizyjfMh+DAJxXoHGu9oUgkvZh9iOQ5MazGAZEf+F9yph0YoumXVNIKLh+nMfd73
sBr2p2tfBSvQhqDvPacjV5UfY2VA+380IGmwe4J59nagbSkqa+GwVRbkUPlUEHG4
Pb0uJkiarLJZDpoo5uEYXPmR7vEDXFb8i7GJwe3yVjHtYmk2p4AI6Lv8e8sC3iAA
y8OuU2yrPeRTUhBC/8+qGTBWyZjftgiV8L5d979loVvUG7Cdw59BEbgTdQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDFAXA08Y2DgDtl8Bm+Dg3lLbNHVMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvTVVCY0RUeGpZT0FPMlh3R2I0T0RlVXRzMGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhCqQAMF
AyoQtUAwDQYJKoZIhvcNAQELBQADggEBAI+sHdXQhBHlSj543bUIOshGe9fndxOB
kE4Zq18+abhYx2Ny5PA0dW1l/40MDG44PWap7Nh41LTd8XKmLN7W+Gqalmujz0Ww
SduEBGecZO+CiwGREwAJSPMKMJFKCY0gdID+HnMdabsLfKxNJYL7UQJwvL8wKmAN
9KwI6aHjYNj8ipaj2EIYj7n/clcPkWKZ1+Fch4ItFQmy0fBUCqmXdu8Y5hqg/JIV
iAZSo4KPy/ReDKJ99s11cZdr6g3xYCn2DfcBBC2eKVquffolKUEBhOQZRGewIVjW
Zvvc9zfUAQ/t9OA99K6zW7jqFAn1zjQsM6fKAmoRLtvNXikc01f4XNY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:58:02 2025 by rpki-client