Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-5MgfY2j2__vUr95DNsjCloUPoQ.roa
File: 1-5MgfY2j2__vUr95DNsjCloUPoQ.roa (raw, json)
Hash identifier: 7ZEzl+clR5/JJilo6sUicmErL+rl0s80Dt/G0T3a3wY=
Subject key identifier: FB:93:20:7D:8D:A3:DB:FF:EF:52:BF:79:0C:DB:23:0A:5A:14:3E:84
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0187D260B723249B89F45E9FCAD6D08CCB72
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-5MgfY2j2__vUr95DNsjCloUPoQ.roa
Signing time: Sun 30 Apr 2023 13:36:06 +0000
ROA not before: Sun 30 Apr 2023 13:36:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208029
IP address blocks: 2a0c:b642:5000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d2:60:b7:23:24:9b:89:f4:5e:9f:ca:d6:d0:8c:cb:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Apr 30 13:36:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb93207d8da3dbffef52bf790cdb230a5a143e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2b:55:8a:63:b5:32:08:a0:44:5f:c7:be:f1:
8e:63:4a:29:f5:a0:79:47:83:14:4d:4d:ba:9d:92:
7f:08:7e:8e:20:ee:03:c0:b7:ef:a2:d1:a2:7c:b9:
63:70:13:ca:95:55:d8:c0:30:ee:25:32:13:77:5c:
89:ed:31:df:81:33:f5:e2:0f:3d:6b:8d:26:52:29:
36:97:94:68:a0:fd:63:01:34:c6:31:f4:01:1a:17:
86:47:4a:04:a6:1f:e7:09:b7:8b:fa:60:b5:0d:c5:
10:b6:3f:e4:c8:60:08:69:90:50:e8:91:df:7f:d4:
91:cc:ea:c5:b2:a7:e8:de:49:bd:50:08:09:81:37:
c9:d9:d7:93:42:15:67:07:1d:30:78:f8:82:9a:79:
70:62:07:60:02:a2:d9:e7:ac:14:93:cc:43:51:46:
e4:c8:b7:96:fc:cb:e1:75:06:b0:b2:b0:c3:84:82:
c1:ae:56:f7:fc:cc:d6:95:28:12:dc:6e:f2:db:10:
48:5d:69:bf:25:d9:5f:81:86:38:0b:df:43:2d:30:
36:f9:07:32:50:79:ec:86:3c:09:bf:8f:8b:b3:f4:
eb:fa:cb:50:35:29:02:f3:6d:4d:74:a5:5b:7f:b5:
28:9d:34:5c:f2:5d:13:df:2c:7b:a1:c1:0c:f2:c5:
bf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:93:20:7D:8D:A3:DB:FF:EF:52:BF:79:0C:DB:23:0A:5A:14:3E:84
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-5MgfY2j2__vUr95DNsjCloUPoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:5000::/36
Signature Algorithm: sha256WithRSAEncryption
78:87:a5:c6:a3:dd:f4:ef:2d:14:6c:11:0b:7a:3f:e6:91:2d:
41:23:61:e2:c0:5b:3b:0d:04:3e:d8:79:0e:bc:32:67:77:69:
6b:dd:13:83:10:68:81:0d:6e:f0:a5:be:43:af:29:ec:fa:9f:
a7:16:a8:0e:6d:10:9b:16:b6:fe:6d:96:d4:2d:d3:6b:85:e9:
91:83:d8:51:16:bd:78:c7:0f:13:64:28:3a:64:48:7b:f5:80:
7c:e4:8e:31:3e:2e:4f:b8:4a:0a:bb:98:55:d7:97:a1:8b:04:
ff:54:8d:7e:97:bd:88:57:f1:02:d8:9c:41:c4:d9:53:a7:e6:
fc:04:5b:94:4a:7b:d7:db:83:de:d5:e0:51:9c:5e:c3:dd:00:
30:15:d6:42:5c:d2:f1:b7:25:4b:32:5f:93:b0:d0:42:b2:d9:
b1:76:88:61:b1:a5:21:4f:52:10:89:43:3e:70:a1:1f:e5:c6:
7c:e6:41:ed:d4:d5:f4:9f:c1:fa:27:fb:98:72:ba:da:1a:23:
84:48:5b:1a:9d:f7:29:1d:72:53:5a:b5:a5:2e:22:e6:9e:f8:
93:cb:ca:86:ac:b8:f6:24:ec:14:ea:48:58:fe:de:44:aa:b7:
13:fc:6b:df:ea:71:d6:7c:0c:e7:c8:83:34:52:2e:07:16:f5:
6a:57:95:ba
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYfSYLcjJJuJ9F6fytbQjMtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwNDMwMTMzNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjkzMjA3ZDhkYTNkYmZmZWY1MmJmNzkwY2RiMjMwYTVhMTQzZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0itVimO1MgigRF/HvvGOY0op9aB5
R4MUTU26nZJ/CH6OIO4DwLfvotGifLljcBPKlVXYwDDuJTITd1yJ7THfgTP14g89
a40mUik2l5RooP1jATTGMfQBGheGR0oEph/nCbeL+mC1DcUQtj/kyGAIaZBQ6JHf
f9SRzOrFsqfo3km9UAgJgTfJ2deTQhVnBx0wePiCmnlwYgdgAqLZ56wUk8xDUUbk
yLeW/MvhdQawsrDDhILBrlb3/MzWlSgS3G7y2xBIXWm/JdlfgYY4C99DLTA2+Qcy
UHnshjwJv4+Ls/Tr+stQNSkC821NdKVbf7UonTRc8l0T3yx7ocEM8sW/0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPuTIH2No9v/71K/eQzbIwpaFD6EMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvMS01TWdmWTJqMl9fdlVyOTVETnNqQ2xvVVBvUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBm
ZC8xL0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoMtkJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB4h6XGo9307y0UbBELej/mkS1BI2HiwFs7DQQ+
2HkOvDJnd2lr3RODEGiBDW7wpb5Dryns+p+nFqgObRCbFrb+bZbULdNrhemRg9hR
Fr14xw8TZCg6ZEh79YB85I4xPi5PuEoKu5hV15ehiwT/VI1+l72IV/EC2JxBxNlT
p+b8BFuUSnvX24Pe1eBRnF7D3QAwFdZCXNLxtyVLMl+TsNBCstmxdohhsaUhT1IQ
iUM+cKEf5cZ85kHt1NX0n8H6J/uYcrraGiOESFsanfcpHXJTWrWlLiLmnviTy8qG
rLj2JOwU6khY/t5EqrcT/Gvf6nHWfAznyIM0Ui4HFvVqV5W6
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:23:32 2025 by rpki-client