Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/15zDCcVxzRIWNVofAeM5ky29FRU.roa
File: 15zDCcVxzRIWNVofAeM5ky29FRU.roa (raw, json)
Hash identifier: SMsFw0JHAe1xUU+A6jVb9yZ5VLEFjSRW0WZ6e2ntA0s=
Subject key identifier: D7:9C:C3:09:C5:71:CD:12:16:35:5A:1F:01:E3:39:93:2D:BD:15:15
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 011A53D2
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/15zDCcVxzRIWNVofAeM5ky29FRU.roa
Signing time: Sat 01 Jan 2022 00:59:41 +0000
ROA not before: Sat 01 Jan 2022 00:59:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207268
IP address blocks: 2a0c:b641:7a0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18502610 (0x11a53d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d79cc309c571cd1216355a1f01e339932dbd1515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c1:69:02:96:1e:57:d7:f7:f2:a0:16:5b:59:
3a:e7:b3:7b:18:1b:c2:aa:ef:35:d4:fd:a5:95:3f:
13:40:e0:10:0a:7b:c4:a7:00:b8:ce:f0:7b:33:b9:
67:56:0e:dd:46:37:05:2f:ef:98:2a:d1:a3:43:60:
55:f0:a5:1c:f6:12:5b:e7:ff:c5:1a:c1:9b:d9:cf:
f1:a2:87:e7:7e:76:e3:e4:ae:0a:35:25:8d:b6:f3:
b6:a7:2a:7d:20:7d:c7:cc:93:20:3a:33:fe:66:1e:
cd:b2:7c:51:9b:12:2f:8b:38:ed:eb:c1:89:05:e8:
ed:e3:d5:ac:eb:be:9c:de:ce:16:5a:b3:84:1c:17:
91:90:a0:b3:be:e4:d1:d5:61:d7:c0:94:82:5d:a1:
e9:ea:b8:bf:ac:2e:cb:b3:bc:20:b3:68:0f:77:ff:
0c:79:2d:cf:42:d6:53:2f:61:d4:cf:b7:c1:3c:83:
ed:7b:10:3a:5d:8a:82:e8:b4:55:8f:1d:50:dd:84:
6c:33:73:24:7d:7a:de:f0:49:3d:03:7f:2c:36:2e:
f8:be:5f:94:d8:82:22:ab:9f:25:27:10:c1:ec:54:
83:93:75:31:bc:65:9e:91:3e:f8:99:79:21:54:6e:
5e:0d:04:6b:46:25:26:d1:9b:5c:5f:04:5b:5a:d3:
e4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9C:C3:09:C5:71:CD:12:16:35:5A:1F:01:E3:39:93:2D:BD:15:15
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/15zDCcVxzRIWNVofAeM5ky29FRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:7a0::/44
Signature Algorithm: sha256WithRSAEncryption
1d:67:c9:cb:d5:f3:22:91:0a:f8:b3:13:51:86:27:51:84:f2:
9b:67:bd:1d:a6:5b:83:bf:9f:14:35:52:7a:e9:ec:1b:a7:a5:
16:fa:5c:ce:ea:a2:7a:da:80:78:64:df:94:a6:e1:96:b6:99:
16:73:45:f8:80:4a:50:c4:f3:99:03:5e:f8:7a:e2:eb:75:4a:
da:f9:80:37:4f:5d:f8:bd:bd:5a:fb:7e:d8:ce:75:f6:a7:eb:
01:8b:bb:9a:27:ae:d4:2c:27:c5:b7:0a:0c:e2:07:ee:5f:ce:
f3:38:6b:a0:23:0e:b9:04:0f:91:84:3d:00:9b:f3:7c:bd:7e:
a0:73:40:ef:38:9a:c9:0e:bb:84:1d:43:06:80:34:cd:d9:11:
ec:4b:f6:ff:b3:02:89:eb:e7:9c:00:4c:9a:12:d6:4e:48:b9:
34:93:8e:a0:bb:4f:d6:db:0e:ac:5b:e4:fa:3c:a4:5f:19:12:
ac:0d:bb:3d:0a:e0:52:0e:ef:dd:67:3b:52:7d:21:79:80:5d:
2a:34:b5:46:d2:1c:84:90:bd:3b:28:6a:86:7e:ac:33:47:d0:
23:3f:c6:ee:04:15:ce:a8:4a:83:e9:ba:dc:16:22:23:1b:75:
35:dd:f7:35:94:e6:61:c6:13:53:4e:dd:8d:ba:0a:38:7c:1a:
fe:18:ab:46
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEARpT0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTk0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc5Y2MzMDljNTcx
Y2QxMjE2MzU1YTFmMDFlMzM5OTMyZGJkMTUxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHBaQKWHlfX9/KgFltZOuezexgbwqrvNdT9pZU/E0DgEAp7
xKcAuM7wezO5Z1YO3UY3BS/vmCrRo0NgVfClHPYSW+f/xRrBm9nP8aKH53524+Su
CjUljbbztqcqfSB9x8yTIDoz/mYezbJ8UZsSL4s47evBiQXo7ePVrOu+nN7OFlqz
hBwXkZCgs77k0dVh18CUgl2h6eq4v6wuy7O8ILNoD3f/DHktz0LWUy9h1M+3wTyD
7XsQOl2Kgui0VY8dUN2EbDNzJH163vBJPQN/LDYu+L5flNiCIqufJScQwexUg5N1
MbxlnpE++Jl5IVRuXg0Ea0YlJtGbXF8EW1rT5I8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTXnMMJxXHNEhY1Wh8B4zmTLb0VFTAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzE1ekRDY1Z4elJJV05Wb2ZBZU01a3kyOUZSVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEHoDANBgkqhkiG9w0BAQsF
AAOCAQEAHWfJy9XzIpEK+LMTUYYnUYTym2e9HaZbg7+fFDVSeunsG6elFvpczuqi
etqAeGTflKbhlraZFnNF+IBKUMTzmQNe+Hri63VK2vmAN09d+L29Wvt+2M519qfr
AYu7mieu1CwnxbcKDOIH7l/O8zhroCMOuQQPkYQ9AJvzfL1+oHNA7ziayQ67hB1D
BoA0zdkR7Ev2/7MCievnnABMmhLWTki5NJOOoLtP1tsOrFvk+jykXxkSrA27PQrg
Ug7v3Wc7Un0heYBdKjS1RtIchJC9Oyhqhn6sM0fQIz/G7gQVzqhKg+m63BYiIxt1
Nd33NZTmYcYTU07djboKOHwa/hirRg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:26 2025 by rpki-client