Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2JbrUntYYldwoJmWVvwT0uqjias.roa
File: 2JbrUntYYldwoJmWVvwT0uqjias.roa (raw, json)
Hash identifier: X+XNEhf/ggX66YvD7XpMdfL6ZbOuvXtPosxaUbK2tes=
Subject key identifier: D8:96:EB:52:7B:58:62:57:70:A0:99:96:56:FC:13:D2:EA:A3:89:AB
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E4D06F7AD919795288613706E5D5F
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2JbrUntYYldwoJmWVvwT0uqjias.roa
Signing time: Mon 02 Jan 2023 06:14:49 +0000
ROA not before: Mon 02 Jan 2023 06:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201671
IP address blocks: 2a0c:b641:3b0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:4d:06:f7:ad:91:97:95:28:86:13:70:6e:5d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d896eb527b58625770a0999656fc13d2eaa389ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a1:f4:42:c3:42:f5:c2:e5:c6:61:76:3d:52:
59:1d:fe:8b:b4:a2:e5:8d:4e:4b:3f:e4:8d:40:7d:
23:dd:3b:d9:0b:2c:57:a6:10:51:0f:df:e0:43:c5:
20:ef:11:f5:7f:a0:96:16:4c:2c:29:ab:dd:35:46:
70:34:63:74:26:44:41:ee:34:32:9a:ef:5e:e6:c7:
30:25:30:c8:28:cf:e8:95:08:3f:35:b9:e8:2c:a4:
a8:da:73:6c:e0:af:1a:13:a7:a7:ed:d3:18:95:c0:
ae:c5:db:c1:ea:ed:27:59:75:ba:75:16:0a:a5:2d:
2d:83:26:eb:8c:da:81:b1:83:0c:f7:ba:ae:3c:97:
02:49:42:85:ed:b3:9f:aa:f8:99:2d:85:ba:e4:40:
1b:e2:35:c9:ab:af:a7:51:1e:fd:23:2e:2b:36:1c:
34:df:69:bc:87:6d:3f:02:7e:f1:ac:e3:28:a9:c4:
2c:3f:6b:34:c7:43:08:90:b1:bc:07:62:37:94:81:
6e:65:2d:e3:d0:9f:15:2e:f3:fc:4b:63:a2:6b:28:
cb:77:ad:40:a8:85:3e:c7:e9:81:23:49:2b:c9:3a:
30:db:06:5a:9d:55:53:5f:d1:74:29:2d:df:29:16:
ad:03:5f:db:eb:19:02:be:91:61:61:f1:ce:b2:c0:
17:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:96:EB:52:7B:58:62:57:70:A0:99:96:56:FC:13:D2:EA:A3:89:AB
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2JbrUntYYldwoJmWVvwT0uqjias.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:3b0::/44
Signature Algorithm: sha256WithRSAEncryption
10:fe:93:e5:99:a1:cf:24:fe:3e:94:10:49:1e:21:dc:5a:51:
16:f3:0b:d7:ee:bb:ff:6a:f2:e7:01:83:8f:cb:e6:a5:dd:ff:
a9:8f:4f:8b:a2:7d:ae:87:7d:5c:f2:d2:06:77:27:2d:3d:bf:
a3:ff:1e:4d:e6:9f:41:40:ef:85:c5:70:05:5d:15:dc:3a:71:
91:d1:be:b2:3d:dd:6a:fc:95:7d:ee:52:c1:55:0c:1e:9b:b3:
bb:8b:5d:ea:d0:61:52:12:16:fa:2a:91:72:0e:e4:95:ab:c5:
8a:ee:da:27:c1:15:2c:e1:a0:29:16:1b:85:c3:03:df:f9:45:
21:ce:e4:20:73:74:99:5c:42:b4:9b:b0:e9:4c:87:f4:f4:32:
dd:7d:71:ce:31:c5:94:26:7e:81:d8:c1:c9:cd:6c:ef:2e:84:
3b:ae:1c:72:c9:24:53:70:12:42:79:20:5f:d0:2d:da:20:0b:
4c:a6:aa:85:02:a6:e0:7f:00:fb:04:8c:aa:dd:da:3f:19:e3:
6d:7c:57:30:d6:a5:0b:d4:e5:8f:e7:bf:e7:3a:f5:a3:c2:91:
32:75:26:2d:94:bd:54:ef:fe:cc:26:66:a6:e3:e1:c8:71:5a:
8f:1c:7d:46:ae:e2:a5:36:c2:8a:e7:d3:48:9c:ae:79:82:73:
3e:63:f6:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHk0G962Rl5UohhNwbl1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODk2ZWI1MjdiNTg2MjU3NzBhMDk5OTY1NmZjMTNkMmVhYTM4OWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6H0QsNC9cLlxmF2PVJZHf6LtKLl
jU5LP+SNQH0j3TvZCyxXphBRD9/gQ8Ug7xH1f6CWFkwsKavdNUZwNGN0JkRB7jQy
mu9e5scwJTDIKM/olQg/NbnoLKSo2nNs4K8aE6en7dMYlcCuxdvB6u0nWXW6dRYK
pS0tgybrjNqBsYMM97quPJcCSUKF7bOfqviZLYW65EAb4jXJq6+nUR79Iy4rNhw0
32m8h20/An7xrOMoqcQsP2s0x0MIkLG8B2I3lIFuZS3j0J8VLvP8S2OiayjLd61A
qIU+x+mBI0kryTow2wZanVVTX9F0KS3fKRatA1/b6xkCvpFhYfHOssAXpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNiW61J7WGJXcKCZllb8E9Lqo4mrMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvMkpiclVudFlZbGR3b0ptV1Z2d1QwdXFqaWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQOw
MA0GCSqGSIb3DQEBCwUAA4IBAQAQ/pPlmaHPJP4+lBBJHiHcWlEW8wvX7rv/avLn
AYOPy+al3f+pj0+Lon2uh31c8tIGdyctPb+j/x5N5p9BQO+FxXAFXRXcOnGR0b6y
Pd1q/JV97lLBVQwem7O7i13q0GFSEhb6KpFyDuSVq8WK7tonwRUs4aApFhuFwwPf
+UUhzuQgc3SZXEK0m7DpTIf09DLdfXHOMcWUJn6B2MHJzWzvLoQ7rhxyySRTcBJC
eSBf0C3aIAtMpqqFAqbgfwD7BIyq3do/GeNtfFcw1qUL1OWP57/nOvWjwpEydSYt
lL1U7/7MJmam4+HIcVqPHH1GruKlNsKK59NInK55gnM+Y/ZX
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:35 2025 by rpki-client