Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/0DHrPH3d2rw0IeYneerKSKaE7ao.roa
File: 0DHrPH3d2rw0IeYneerKSKaE7ao.roa (raw, json)
Hash identifier: Yy7noj6l4kfN0vlQ1YsR5ynbUZAZguSrc7uLkDZLQog=
Subject key identifier: D0:31:EB:3C:7D:DD:DA:BC:34:21:E6:27:79:EA:CA:48:A6:84:ED:AA
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0105635C
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/0DHrPH3d2rw0IeYneerKSKaE7ao.roa
Signing time: Sat 01 Jan 2022 00:59:28 +0000
ROA not before: Sat 01 Jan 2022 00:59:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48646
IP address blocks: 2a0c:b642:1a09::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17130332 (0x105635c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d031eb3c7ddddabc3421e62779eaca48a684edaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d6:a6:10:9f:1d:c0:73:41:c4:3a:f2:c3:3e:
48:92:a7:0d:e5:45:26:5e:94:1c:c0:22:64:28:a2:
00:9c:ce:32:30:e9:c0:93:56:15:08:f7:30:a0:2b:
ef:b7:d6:9e:35:94:3e:b9:22:0c:bb:ec:35:d6:f7:
e4:dc:8d:13:cc:cc:2c:15:64:34:a3:34:65:e8:bb:
98:2b:de:88:04:d0:18:a3:8e:c1:95:33:20:96:07:
bd:48:67:14:bd:90:a2:e2:c3:99:5b:c4:7e:52:fa:
0f:0e:b1:f3:bc:a7:b3:1c:45:a8:3a:b0:04:48:39:
a9:8a:d0:79:9a:40:71:72:4f:89:ab:ac:aa:0c:3b:
fa:50:51:9e:54:23:7d:fa:f8:c4:ca:cf:23:23:8d:
3e:7b:46:79:d3:bb:84:5a:72:42:52:8f:b6:6e:7b:
04:53:6f:8a:d3:23:0b:8c:d9:7c:2c:b7:32:6c:80:
52:9a:53:50:b3:88:1a:36:75:4d:10:13:7c:5c:e4:
eb:3b:c1:49:9a:c1:04:d7:1c:84:71:df:3e:03:4c:
5b:04:d8:23:6f:58:5f:aa:b4:f3:ad:a7:1d:f9:c1:
d2:38:b0:4f:f5:b0:e3:8a:ea:c2:b4:97:a8:3f:06:
cf:35:36:86:c9:17:38:8e:1b:4b:fd:04:85:ad:9a:
f9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:31:EB:3C:7D:DD:DA:BC:34:21:E6:27:79:EA:CA:48:A6:84:ED:AA
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/0DHrPH3d2rw0IeYneerKSKaE7ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:1a09::/48
Signature Algorithm: sha256WithRSAEncryption
8d:ff:65:65:2d:9f:02:73:d5:87:22:6a:e4:ee:e8:be:5f:b2:
0e:3b:bd:45:91:3c:61:62:bc:b0:92:f2:f8:d3:fc:a5:b1:1a:
ca:b5:e3:a0:a0:6c:22:d3:df:f2:bf:45:0d:41:eb:50:4f:65:
66:13:89:70:24:c3:21:65:73:d4:31:53:f8:22:0a:03:e9:96:
50:37:b2:99:77:25:51:16:fb:73:6f:b6:ed:18:c4:d0:ca:7f:
ce:f8:18:22:b7:8b:77:64:a4:e6:8a:2b:92:1e:14:47:48:a1:
f9:f9:62:e5:9c:78:6c:02:10:cc:5a:30:bc:62:1d:a5:c3:43:
84:25:30:94:f3:78:ee:ec:a7:0a:4c:ce:df:1d:97:06:4f:21:
85:ba:d9:95:ea:62:49:db:a5:0a:69:9a:42:94:3d:5a:d1:a4:
ff:c4:91:36:2c:6a:f9:e5:b7:3f:a9:a9:00:b4:cf:96:d6:06:
15:6b:09:d3:fd:a9:12:cd:89:92:9c:ce:bd:e2:63:9d:15:65:
27:28:a4:c5:56:18:23:15:8c:22:4e:e3:02:ff:8a:b2:73:8e:
b3:12:2b:bd:48:a7:f5:51:1b:47:93:37:c1:6d:80:89:e5:3e:
b7:43:16:1f:f5:60:e1:2c:63:e0:9b:02:9f:6f:eb:14:b2:9c:
39:23:d5:2f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAQVjXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDAzMWViM2M3ZGRk
ZGFiYzM0MjFlNjI3NzllYWNhNDhhNjg0ZWRhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzWphCfHcBzQcQ68sM+SJKnDeVFJl6UHMAiZCiiAJzOMjDp
wJNWFQj3MKAr77fWnjWUPrkiDLvsNdb35NyNE8zMLBVkNKM0Zei7mCveiATQGKOO
wZUzIJYHvUhnFL2QouLDmVvEflL6Dw6x87ynsxxFqDqwBEg5qYrQeZpAcXJPiaus
qgw7+lBRnlQjffr4xMrPIyONPntGedO7hFpyQlKPtm57BFNvitMjC4zZfCy3MmyA
UppTULOIGjZ1TRATfFzk6zvBSZrBBNcchHHfPgNMWwTYI29YX6q0862nHfnB0jiw
T/Ww44rqwrSXqD8GzzU2hskXOI4bS/0Eha2a+VkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTQMes8fd3avDQh5id56spIpoTtqjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzBESHJQSDNkMnJ3MEllWW5lZXJLU0thRTdhby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoMtkIaCTANBgkqhkiG9w0BAQsF
AAOCAQEAjf9lZS2fAnPVhyJq5O7ovl+yDju9RZE8YWK8sJLy+NP8pbEayrXjoKBs
ItPf8r9FDUHrUE9lZhOJcCTDIWVz1DFT+CIKA+mWUDeymXclURb7c2+27RjE0Mp/
zvgYIreLd2Sk5oorkh4UR0ih+fli5Zx4bAIQzFowvGIdpcNDhCUwlPN47uynCkzO
3x2XBk8hhbrZlepiSdulCmmaQpQ9WtGk/8SRNixq+eW3P6mpALTPltYGFWsJ0/2p
Es2JkpzOveJjnRVlJyikxVYYIxWMIk7jAv+KsnOOsxIrvUin9VEbR5M3wW2AieU+
t0MWH/Vg4Sxj4JsCn2/rFLKcOSPVLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org