Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-N6jW6p2Qn0jBR09MKMk3xss2dQ.roa
File: 1-N6jW6p2Qn0jBR09MKMk3xss2dQ.roa (raw, json)
Hash identifier: +6rRVpIKm/YTlAbJjvRjj8qQ8QZ2tcOCVx4pGD3ANCA=
Subject key identifier: F8:DE:A3:5B:AA:76:42:7D:23:05:1D:3D:30:A3:24:DF:1B:2C:D9:D4
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E560A53AD6BB01830CB529ABCFCF8
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-N6jW6p2Qn0jBR09MKMk3xss2dQ.roa
Signing time: Mon 02 Jan 2023 06:14:51 +0000
ROA not before: Mon 02 Jan 2023 06:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205523
IP address blocks: 2a0f:8400::/32 maxlen: 48
2a0c:b641:10::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:56:0a:53:ad:6b:b0:18:30:cb:52:9a:bc:fc:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8dea35baa76427d23051d3d30a324df1b2cd9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f6:25:bd:77:b7:be:1a:2a:1b:0d:06:a0:c6:
c4:36:41:e0:49:f7:2a:8e:3a:5f:8e:a9:23:dc:cf:
d2:a6:0a:7c:ef:86:64:e6:c4:51:60:b1:58:d5:9e:
51:f6:5d:c4:de:ea:39:a5:06:08:e6:96:c7:6d:ab:
2f:8d:c9:51:06:55:13:10:85:43:61:07:6f:4b:2e:
a7:15:9e:1c:5e:83:e6:44:f1:01:10:b4:26:09:56:
5f:0a:9f:73:3d:c4:35:70:ba:0a:1f:ec:f2:6a:d1:
41:34:53:7a:a2:6c:a3:6d:ee:34:e6:16:6f:68:71:
30:71:ea:35:a0:8e:21:64:9c:70:dd:be:7f:f3:5e:
b7:9d:c2:d8:41:eb:04:4c:1d:4d:33:43:7b:ed:10:
d8:db:6b:c8:0c:e8:26:d8:31:db:0a:26:1d:ed:27:
e5:5c:88:2f:56:2b:d6:e2:aa:98:99:51:5b:15:26:
15:7c:3e:54:bf:d1:39:ef:5e:2f:94:35:a4:3f:72:
20:d0:17:1e:60:d1:2b:ca:f9:44:ea:7b:96:76:2a:
c6:5f:ca:fd:d4:60:1b:3e:68:f4:bd:2f:16:24:7d:
cb:42:01:70:cb:af:50:2a:12:bc:d4:cc:d3:c6:9f:
43:bc:09:41:7d:1a:8c:14:85:21:c9:5b:27:7a:dc:
77:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DE:A3:5B:AA:76:42:7D:23:05:1D:3D:30:A3:24:DF:1B:2C:D9:D4
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1-N6jW6p2Qn0jBR09MKMk3xss2dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:10::/44
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
62:8b:ce:81:98:86:e3:c5:76:98:02:71:6f:3a:59:5e:c7:ad:
c5:1f:99:87:91:d9:e6:a1:94:25:42:2b:5f:6e:86:c5:c6:f6:
1e:42:17:08:22:48:ba:a5:eb:a2:e0:52:e8:0e:77:5c:ca:7d:
85:ec:50:38:d7:f6:4f:0e:68:01:4b:44:5f:a3:d7:f6:65:2a:
1a:e8:e2:40:52:db:76:b5:a3:2e:bd:7a:17:8a:f8:9f:bd:5a:
dd:2d:c1:f5:f0:57:6e:83:90:06:81:92:56:2e:01:62:a7:95:
e8:6f:49:75:78:6e:25:0f:00:9d:9f:64:f8:3f:9e:8f:37:98:
98:a1:b2:0b:44:d3:a4:70:90:65:86:5d:fe:7d:29:2c:64:38:
42:b9:b0:f4:c7:3e:62:83:ac:35:6a:22:97:14:06:83:45:58:
d5:c1:51:3a:3f:89:8c:54:84:29:16:09:a0:c3:4f:db:59:58:
55:d0:01:6e:54:7e:ed:e8:f3:76:fe:c6:ab:ef:70:86:25:51:
f9:a9:34:64:c4:ed:0d:f3:db:db:80:ab:37:a7:80:91:0d:29:
a1:b6:d0:e0:a2:fc:1f:43:80:9f:9c:e3:3e:bd:ca:2f:39:33:
1b:3f:5a:d1:1c:40:59:5c:d6:3e:eb:a9:af:a0:35:ac:fb:81:
b8:5e:fa:74
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVxHlYKU61rsBgwy1KavPz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGRlYTM1YmFhNzY0MjdkMjMwNTFkM2QzMGEzMjRkZjFiMmNkOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPYlvXe3vhoqGw0GoMbENkHgSfcq
jjpfjqkj3M/Spgp874Zk5sRRYLFY1Z5R9l3E3uo5pQYI5pbHbasvjclRBlUTEIVD
YQdvSy6nFZ4cXoPmRPEBELQmCVZfCp9zPcQ1cLoKH+zyatFBNFN6omyjbe405hZv
aHEwceo1oI4hZJxw3b5/8163ncLYQesETB1NM0N77RDY22vIDOgm2DHbCiYd7Sfl
XIgvVivW4qqYmVFbFSYVfD5Uv9E5714vlDWkP3Ig0BceYNEryvlE6nuWdirGX8r9
1GAbPmj0vS8WJH3LQgFwy69QKhK81MzTxp9DvAlBfRqMFIUhyVsnetx3hQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFPjeo1uqdkJ9IwUdPTCjJN8bLNnUMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvMS1ONmpXNnAyUW4wakJSMDlNS01rM3hzczJkUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBm
ZC8xL0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjApBggrBgEFBQcBBwEB/wQaMBgwFgQCAAIwEAMHBCoMtkEA
EAMFACoPhAAwDQYJKoZIhvcNAQELBQADggEBAGKLzoGYhuPFdpgCcW86WV7HrcUf
mYeR2eahlCVCK19uhsXG9h5CFwgiSLql66LgUugOd1zKfYXsUDjX9k8OaAFLRF+j
1/ZlKhro4kBS23a1oy69eheK+J+9Wt0twfXwV26DkAaBklYuAWKnlehvSXV4biUP
AJ2fZPg/no83mJihsgtE06RwkGWGXf59KSxkOEK5sPTHPmKDrDVqIpcUBoNFWNXB
UTo/iYxUhCkWCaDDT9tZWFXQAW5Ufu3o83b+xqvvcIYlUfmpNGTE7Q3z29uAqzen
gJENKaG20OCi/B9DgJ+c4z69yi85Mxs/WtEcQFlc1j7rqa+gNaz7gbhe+nQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:16:31 2025 by rpki-client