Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/cKFHmAoDOoZc0sQxOUyZq8gRAbs.roa
File: cKFHmAoDOoZc0sQxOUyZq8gRAbs.roa (raw, json)
Hash identifier: PiUpaLskRGWV3H9WW7m864I6BtHS9ZtQPE4lACrClNg=
Subject key identifier: 70:A1:47:98:0A:03:3A:86:5C:D2:C4:31:39:4C:99:AB:C8:11:01:BB
Certificate issuer: /CN=0d23064e3c27ec92b7eab667649d204e5673838e
Certificate serial: 02228A8E
Authority key identifier: 0D:23:06:4E:3C:27:EC:92:B7:EA:B6:67:64:9D:20:4E:56:73:83:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/cKFHmAoDOoZc0sQxOUyZq8gRAbs.roa
Signing time: Sat 01 Jan 2022 10:54:06 +0000
ROA not before: Sat 01 Jan 2022 10:54:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50178
IP address blocks: 2a11:f00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35818126 (0x2228a8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d23064e3c27ec92b7eab667649d204e5673838e
Validity
Not Before: Jan 1 10:54:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70a147980a033a865cd2c431394c99abc81101bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:44:46:9e:70:e2:6b:69:44:14:e9:7b:e6:49:
8f:46:f2:a8:de:19:68:48:93:76:9c:b8:fa:ee:b6:
24:c6:c5:82:1c:a2:bf:66:8f:64:17:16:f5:60:57:
77:f3:10:a0:3e:35:a4:7a:12:d4:de:23:a7:9d:bc:
fb:59:bc:71:0f:5f:6f:d2:c6:67:5e:c7:b8:ba:3e:
96:76:82:43:cc:21:a0:c2:84:fb:ef:e0:60:07:8e:
03:da:2b:3d:45:a6:af:5f:13:37:18:7f:52:f4:68:
43:86:b5:1e:6c:08:92:43:d3:d2:37:10:8d:ba:bd:
52:a4:12:dc:a6:ce:63:49:4d:b0:ba:37:22:8c:02:
99:7b:83:da:ab:1c:12:8d:6e:be:c8:7b:a3:36:c4:
01:e3:b5:de:33:ff:a8:74:a0:ba:18:b7:e5:8a:a0:
76:7a:8f:3e:be:aa:f6:f9:99:77:50:8e:30:df:74:
b7:ca:6b:71:08:1b:4b:65:c8:46:12:33:f0:98:d4:
a1:c1:d8:b1:78:b8:30:a4:b8:bb:57:a5:fe:9d:29:
9c:76:67:2e:bb:ac:47:5d:6f:24:e4:16:d8:dd:af:
5f:b3:10:72:7b:e8:7c:3a:f1:b9:cd:ba:e7:a0:6c:
0e:aa:8e:a4:3b:25:7a:34:cd:43:f8:0e:24:12:ba:
77:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A1:47:98:0A:03:3A:86:5C:D2:C4:31:39:4C:99:AB:C8:11:01:BB
X509v3 Authority Key Identifier:
keyid:0D:23:06:4E:3C:27:EC:92:B7:EA:B6:67:64:9D:20:4E:56:73:83:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSMGTjwn7JK36rZnZJ0gTlZzg44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/cKFHmAoDOoZc0sQxOUyZq8gRAbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/72faed-a8f8-4a33-8ddc-5cef04b79737/1/DSMGTjwn7JK36rZnZJ0gTlZzg44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f00::/29
Signature Algorithm: sha256WithRSAEncryption
1f:4d:b2:9b:01:78:52:2f:13:e1:04:36:cb:1f:a3:d1:e7:81:
88:f4:d3:9a:11:76:4d:86:b3:c2:78:90:2f:8d:17:59:85:d4:
1b:b3:cf:2c:fc:b1:12:65:ed:b8:ad:ec:8e:3c:e4:ba:cb:71:
65:95:ed:4f:54:13:54:9b:a0:df:6f:84:48:c4:8d:1b:60:ab:
9c:c9:85:7d:b6:3b:55:ac:8a:84:5e:56:2b:13:47:2f:85:71:
78:91:f0:88:d4:d4:07:40:66:dc:81:63:92:72:dd:5a:1e:8b:
10:7d:b8:60:82:4f:49:60:01:80:e0:7b:3e:2e:d8:ce:d0:15:
4c:c1:5f:d9:52:59:b6:d3:2d:dd:65:e1:6f:7e:58:e6:69:9e:
17:50:b4:fa:9f:0f:83:b0:ce:2e:58:d7:7a:20:91:af:50:63:
f6:c4:af:47:67:9e:22:a2:e2:9a:fd:5c:4c:95:a9:4c:0e:e2:
78:8c:88:e9:8f:f2:2e:cd:3c:3d:35:b9:31:35:06:ca:33:69:
92:59:e1:3d:70:9b:b7:4f:ce:60:95:4b:4e:ee:fa:f4:da:bb:
36:16:e8:e3:8d:43:52:f0:27:a8:cf:91:24:e2:bf:48:b9:bd:
56:9f:e2:ca:6f:0d:6b:f3:5f:c2:2b:3d:2c:9c:b9:7d:ae:0b:
3b:6c:16:d3
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAiKKjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDIzMDY0ZTNjMjdlYzkyYjdlYWI2Njc2NDlkMjA0ZTU2NzM4MzhlMB4XDTIyMDEw
MTEwNTQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBhMTQ3OTgwYTAz
M2E4NjVjZDJjNDMxMzk0Yzk5YWJjODExMDFiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdERp5w4mtpRBTpe+ZJj0byqN4ZaEiTdpy4+u62JMbFghyi
v2aPZBcW9WBXd/MQoD41pHoS1N4jp528+1m8cQ9fb9LGZ17HuLo+lnaCQ8whoMKE
++/gYAeOA9orPUWmr18TNxh/UvRoQ4a1HmwIkkPT0jcQjbq9UqQS3KbOY0lNsLo3
IowCmXuD2qscEo1uvsh7ozbEAeO13jP/qHSguhi35YqgdnqPPr6q9vmZd1COMN90
t8prcQgbS2XIRhIz8JjUocHYsXi4MKS4u1el/p0pnHZnLrusR11vJOQW2N2vX7MQ
cnvofDrxuc2656BsDqqOpDslejTNQ/gOJBK6dyECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRwoUeYCgM6hlzSxDE5TJmryBEBuzAfBgNVHSMEGDAWgBQNIwZOPCfskrfq
tmdknSBOVnODjjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RTTUdUanduN0pLMzZyWm5aSjBnVGxaemc0NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvNzJmYWVkLWE4ZjgtNGEzMy04ZGRjLTVjZWYwNGI3OTczNy8x
L2NLRkhtQW9ET29aYzBzUXhPVXlacThnUkFicy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
NzJmYWVkLWE4ZjgtNGEzMy04ZGRjLTVjZWYwNGI3OTczNy8xL0RTTUdUanduN0pL
MzZyWm5aSjBnVGxaemc0NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRDwAwDQYJKoZIhvcNAQELBQAD
ggEBAB9NspsBeFIvE+EENssfo9HngYj005oRdk2Gs8J4kC+NF1mF1Buzzyz8sRJl
7bit7I485LrLcWWV7U9UE1SboN9vhEjEjRtgq5zJhX22O1WsioReVisTRy+FcXiR
8IjU1AdAZtyBY5Jy3VoeixB9uGCCT0lgAYDgez4u2M7QFUzBX9lSWbbTLd1l4W9+
WOZpnhdQtPqfD4Owzi5Y13ogka9QY/bEr0dnniKi4pr9XEyVqUwO4niMiOmP8i7N
PD01uTE1BsozaZJZ4T1wm7dPzmCVS07u+vTauzYW6OONQ1LwJ6jPkSTiv0i5vVaf
4spvDWvzX8IrPSycuX2uCztsFtM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:57 2025 by rpki-client