Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/012FP0o--cdCuZL60Bsj4nw_FkM.roa
File: 012FP0o--cdCuZL60Bsj4nw_FkM.roa (raw, json)
Hash identifier: SfCzookJn0ufm24ggh6fHTESuQXvU7VYjGB4AfD6HOw=
Subject key identifier: D3:5D:85:3F:4A:3E:F9:C7:42:B9:92:FA:D0:1B:23:E2:7C:3F:16:43
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01898DF2124B7487674D8C466307C9D1AF28
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/012FP0o--cdCuZL60Bsj4nw_FkM.roa
Signing time: Tue 25 Jul 2023 16:46:39 +0000
ROA not before: Tue 25 Jul 2023 16:46:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197606
IP address blocks: 2a0c:b641:a70::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8d:f2:12:4b:74:87:67:4d:8c:46:63:07:c9:d1:af:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jul 25 16:46:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d35d853f4a3ef9c742b992fad01b23e27c3f1643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:dc:25:15:16:32:62:39:ce:02:df:94:7a:5b:
bb:f7:38:fe:06:5d:05:42:32:65:ac:db:5e:6d:79:
13:34:a3:21:3f:2d:9a:4e:ac:61:c1:46:23:16:82:
f8:35:a0:c4:7a:5c:9f:f3:f9:2d:ab:01:42:f0:01:
52:70:a2:69:b5:78:89:fb:f7:8f:a1:1e:f9:80:f3:
7d:50:ac:87:b4:05:fd:29:6d:ce:48:3b:67:5c:1d:
ff:81:74:06:d0:a6:f6:78:3b:c1:2c:ff:6f:dc:11:
84:c9:c2:b2:b0:75:38:f4:a0:57:6d:65:58:c2:5d:
05:69:02:ca:57:e4:00:55:eb:8a:6a:6f:73:5f:d2:
d9:13:f1:1b:21:ad:15:a2:26:63:d5:a1:19:bc:51:
f9:3a:e6:85:1d:1d:48:e2:e8:d1:40:cd:4a:31:a5:
7b:f6:c5:37:54:b1:c2:d6:61:c1:df:e4:bd:84:63:
35:b4:7e:d5:81:a2:75:c1:ae:d6:7b:81:63:36:d1:
10:f9:25:5a:bd:c1:15:af:32:ee:88:bc:f0:b5:e4:
23:b3:56:86:b0:49:d4:a8:77:b6:04:55:61:59:ea:
3a:d8:97:b6:84:12:35:04:c9:ca:3e:b0:19:71:63:
de:ba:a0:fa:83:02:ea:4d:48:e0:35:ae:34:9a:60:
c8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:5D:85:3F:4A:3E:F9:C7:42:B9:92:FA:D0:1B:23:E2:7C:3F:16:43
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/012FP0o--cdCuZL60Bsj4nw_FkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:a70::/44
Signature Algorithm: sha256WithRSAEncryption
8d:37:d8:5c:9a:8f:e7:f4:f0:42:60:fd:97:50:e4:0a:75:c1:
d2:c3:aa:23:8f:02:d8:0d:d7:9c:a0:eb:b7:07:83:0b:8e:ac:
76:f5:a7:c8:34:32:bc:81:62:36:75:3d:38:0b:40:5c:02:db:
34:fe:cd:72:22:13:35:db:18:f3:c5:1f:e4:e2:6f:56:09:96:
92:cc:81:e1:bd:58:18:6b:46:50:64:ad:de:21:44:21:b3:7b:
a5:d0:e7:bb:36:12:d3:f6:d8:49:3b:2b:82:36:a2:a2:a8:82:
56:fd:50:04:1e:18:10:c6:14:02:d8:8f:39:5d:e7:3c:19:90:
5f:c8:f3:89:d3:a3:13:82:88:0e:99:76:0d:be:f7:52:69:89:
ce:e2:c8:2b:dd:42:ba:50:1b:2c:24:fd:87:68:59:e8:f8:66:
85:19:01:a2:d5:54:ac:b7:ea:a1:e0:ba:62:d7:f8:85:28:5d:
bf:3f:aa:25:9a:7a:4a:bc:e5:e2:18:8d:2a:f3:5c:d3:f3:7c:
4c:7a:5a:bb:50:09:64:67:6b:62:91:85:0f:9f:a7:53:ad:ec:
87:12:06:79:05:cc:de:02:72:cd:f2:7c:f3:f4:cb:68:bb:51:
ac:87:86:a0:86:12:0b:12:cd:44:3d:65:57:b9:16:0c:a1:94:
63:f6:30:64
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYmN8hJLdIdnTYxGYwfJ0a8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwNzI1MTY0NjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzVkODUzZjRhM2VmOWM3NDJiOTkyZmFkMDFiMjNlMjdjM2YxNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNwlFRYyYjnOAt+Uelu79zj+Bl0F
QjJlrNtebXkTNKMhPy2aTqxhwUYjFoL4NaDEelyf8/ktqwFC8AFScKJptXiJ+/eP
oR75gPN9UKyHtAX9KW3OSDtnXB3/gXQG0Kb2eDvBLP9v3BGEycKysHU49KBXbWVY
wl0FaQLKV+QAVeuKam9zX9LZE/EbIa0VoiZj1aEZvFH5OuaFHR1I4ujRQM1KMaV7
9sU3VLHC1mHB3+S9hGM1tH7VgaJ1wa7We4FjNtEQ+SVavcEVrzLuiLzwteQjs1aG
sEnUqHe2BFVhWeo62Je2hBI1BMnKPrAZcWPeuqD6gwLqTUjgNa40mmDIBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNNdhT9KPvnHQrmS+tAbI+J8PxZDMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvMDEyRlAwby0tY2RDdVpMNjBCc2o0bndfRmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQpw
MA0GCSqGSIb3DQEBCwUAA4IBAQCNN9hcmo/n9PBCYP2XUOQKdcHSw6ojjwLYDdec
oOu3B4MLjqx29afINDK8gWI2dT04C0BcAts0/s1yIhM12xjzxR/k4m9WCZaSzIHh
vVgYa0ZQZK3eIUQhs3ul0Oe7NhLT9thJOyuCNqKiqIJW/VAEHhgQxhQC2I85Xec8
GZBfyPOJ06MTgogOmXYNvvdSaYnO4sgr3UK6UBssJP2HaFno+GaFGQGi1VSst+qh
4Lpi1/iFKF2/P6olmnpKvOXiGI0q81zT83xMelq7UAlkZ2tikYUPn6dTreyHEgZ5
BczeAnLN8nzz9Mtou1Gsh4aghhILEs1EPWVXuRYMoZRj9jBk
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:16:39 2025 by rpki-client