Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/6jIiG7OUzXrQnHLt30C_OjKBWws.roa
File: 6jIiG7OUzXrQnHLt30C_OjKBWws.roa (raw, json)
Hash identifier: 9NNrV70YdtAnGk4qQtqKXuGXPGZhJXv9B4UKQhEFSfY=
Subject key identifier: EA:32:22:1B:B3:94:CD:7A:D0:9C:72:ED:DF:40:BF:3A:32:81:5B:0B
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0184FA7F579D0AAD7532C4BAF0E4EC96BCD1
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/6jIiG7OUzXrQnHLt30C_OjKBWws.roa
Signing time: Sat 10 Dec 2022 05:26:00 +0000
ROA not before: Sat 10 Dec 2022 05:26:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24750
IP address blocks: 2a05:4c00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fa:7f:57:9d:0a:ad:75:32:c4:ba:f0:e4:ec:96:bc:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Dec 10 05:26:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea32221bb394cd7ad09c72eddf40bf3a32815b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:79:d1:c6:98:fb:ef:e3:65:89:3a:19:f0:3d:
52:e8:43:2e:c5:10:17:42:b9:01:03:18:a7:cb:ab:
d7:41:05:f0:8d:b1:b0:61:a9:ac:39:7a:5d:16:fa:
94:de:ca:50:97:19:61:e9:2c:89:e3:c5:ff:20:45:
84:3e:b2:8c:22:07:32:bb:6d:6b:05:49:0d:5e:2f:
f6:fa:67:ef:3a:27:e8:af:80:8f:a0:6b:44:ee:d4:
3d:de:77:77:89:68:19:f6:d1:9b:7d:aa:f4:1a:62:
e1:c6:b4:c2:5c:48:95:9d:cd:d4:6e:8e:61:84:93:
91:aa:c9:31:89:f1:99:f2:35:50:d2:51:08:13:77:
62:a6:42:c7:73:bc:fc:37:25:6d:6b:4e:58:91:df:
32:da:0f:81:0b:12:b0:92:1a:a6:e4:76:53:ca:b9:
47:b5:98:ef:ce:ae:9a:46:4b:f2:7d:3c:8e:80:3b:
ab:a5:25:16:c3:cc:94:52:50:f1:03:99:bb:86:35:
ab:47:00:bb:79:b5:e8:20:0d:9d:da:e5:d8:ba:75:
1c:03:b1:b0:08:bc:4b:cb:4c:2c:e8:9a:c9:07:89:
45:68:5f:6f:be:fe:06:48:ef:5b:cc:7a:a2:29:6a:
6b:ec:3e:55:ea:37:81:c5:9c:d3:c4:66:14:73:b1:
e2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:32:22:1B:B3:94:CD:7A:D0:9C:72:ED:DF:40:BF:3A:32:81:5B:0B
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/6jIiG7OUzXrQnHLt30C_OjKBWws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
b6:19:96:78:d0:af:0f:ca:52:7d:4e:03:65:82:9b:e0:f9:b6:
02:9a:7b:b5:b1:88:58:fa:6e:59:9c:eb:19:ab:db:82:08:72:
5c:0d:00:2a:3b:b0:b9:3c:1b:6a:f5:fd:2d:fb:76:e7:58:ed:
84:ed:34:64:28:3d:19:6d:0b:84:12:1f:de:c1:13:48:6b:8b:
ff:31:78:4a:1f:ce:e6:58:eb:60:9c:90:ce:5d:df:98:36:56:
db:64:7c:3f:f3:39:9d:a6:09:3b:b6:33:61:83:d3:58:3b:77:
46:2e:5a:cf:cc:41:0c:61:b4:81:2e:7b:00:98:f7:42:89:b7:
d6:34:a0:d1:c9:67:0c:21:eb:33:b8:46:39:c4:c4:0f:c8:e7:
aa:5b:00:fb:ad:95:1f:f7:53:f5:47:e7:7d:41:ef:4f:1d:66:
31:b5:32:d9:67:20:03:6c:99:c9:ef:78:0f:11:1d:f3:32:6d:
54:6c:a4:a9:f6:2b:7a:a1:31:13:82:b0:d9:d7:05:c2:ea:a6:
3e:8b:9c:d2:d6:8c:a3:cc:89:71:bb:a0:e3:b0:ed:88:d6:9e:
cc:f4:eb:81:4c:e4:32:48:a3:67:80:ed:78:eb:93:1b:fc:7b:
c2:ce:aa:3f:31:47:cb:2f:86:78:55:0e:a1:1b:a1:bf:a2:85:
e1:45:cd:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYT6f1edCq11MsS68OTslrzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjIxMjEwMDUyNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTMyMjIxYmIzOTRjZDdhZDA5YzcyZWRkZjQwYmYzYTMyODE1YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnnRxpj77+NliToZ8D1S6EMuxRAX
QrkBAxiny6vXQQXwjbGwYamsOXpdFvqU3spQlxlh6SyJ48X/IEWEPrKMIgcyu21r
BUkNXi/2+mfvOifor4CPoGtE7tQ93nd3iWgZ9tGbfar0GmLhxrTCXEiVnc3Ubo5h
hJORqskxifGZ8jVQ0lEIE3dipkLHc7z8NyVta05Ykd8y2g+BCxKwkhqm5HZTyrlH
tZjvzq6aRkvyfTyOgDurpSUWw8yUUlDxA5m7hjWrRwC7ebXoIA2d2uXYunUcA7Gw
CLxLy0ws6JrJB4lFaF9vvv4GSO9bzHqiKWpr7D5V6jeBxZzTxGYUc7HipQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOoyIhuzlM160Jxy7d9AvzoygVsLMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvNmpJaUc3T1V6WHJRbkhMdDMwQ19PaktCV3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgVMADAN
BgkqhkiG9w0BAQsFAAOCAQEAthmWeNCvD8pSfU4DZYKb4Pm2App7tbGIWPpuWZzr
GavbgghyXA0AKjuwuTwbavX9Lft251jthO00ZCg9GW0LhBIf3sETSGuL/zF4Sh/O
5ljrYJyQzl3fmDZW22R8P/M5naYJO7YzYYPTWDt3Ri5az8xBDGG0gS57AJj3Qom3
1jSg0clnDCHrM7hGOcTED8jnqlsA+62VH/dT9UfnfUHvTx1mMbUy2WcgA2yZye94
DxEd8zJtVGykqfYreqExE4Kw2dcFwuqmPouc0taMo8yJcbug47DtiNaezPTrgUzk
MkijZ4DteOuTG/x7ws6qPzFHyy+GeFUOoRuhv6KF4UXNHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org