Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3KrXVx0e7ekfJ9pauSA4bcIhZYg.roa
File: 3KrXVx0e7ekfJ9pauSA4bcIhZYg.roa (raw, json)
Hash identifier: vqLlPMeOcafBP9P6LtnL/Au66RDxGO0t5iK3CzgzFBw=
Subject key identifier: DC:AA:D7:57:1D:1E:ED:E9:1F:27:DA:5A:B9:20:38:6D:C2:21:65:88
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0130DFC8
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3KrXVx0e7ekfJ9pauSA4bcIhZYg.roa
Signing time: Sat 01 Jan 2022 00:59:51 +0000
ROA not before: Sat 01 Jan 2022 00:59:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209661
IP address blocks: 2a0c:b641:210::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19980232 (0x130dfc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcaad7571d1eede91f27da5ab920386dc2216588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d5:ef:0c:02:4a:96:d6:04:3a:70:cf:d9:3a:
91:95:31:51:69:dd:48:24:94:74:c6:0e:e2:e9:4e:
b7:f9:fe:89:e0:0c:1f:0d:44:06:72:6d:9e:f4:15:
05:6a:93:08:55:94:0d:4c:df:3a:f2:7f:81:9d:b1:
45:28:51:3f:29:cf:ee:d1:25:48:b5:52:a8:d9:84:
66:71:c0:ef:95:8d:da:5a:ad:d9:db:09:47:cd:b5:
9b:fc:f0:dd:39:39:28:00:eb:7c:d0:fd:1b:06:03:
1c:b9:28:db:43:01:37:66:63:65:2d:6f:83:72:55:
6e:c3:03:26:dd:e9:c8:28:2d:df:bb:79:b3:97:86:
41:2d:f5:97:2b:dd:3a:38:ab:90:a4:04:e3:ef:f1:
df:6c:9b:bd:64:f4:f4:50:6d:04:6a:14:55:0e:80:
b9:1b:5b:1c:13:05:e8:ba:2e:ac:b6:4c:f0:1a:12:
4b:04:28:df:0a:5b:0f:3d:d3:12:c6:70:cf:f8:d1:
33:9c:d9:c5:73:e8:72:e1:6a:55:e0:62:4a:8c:71:
29:d3:d7:70:87:95:8a:14:17:73:47:8e:fd:e1:55:
e1:15:81:1e:c0:75:99:4b:c2:0a:54:aa:93:44:9b:
5f:af:e1:60:01:4b:e9:27:5c:fc:29:03:1b:cb:48:
36:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AA:D7:57:1D:1E:ED:E9:1F:27:DA:5A:B9:20:38:6D:C2:21:65:88
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3KrXVx0e7ekfJ9pauSA4bcIhZYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:210::/44
Signature Algorithm: sha256WithRSAEncryption
05:b0:1f:d5:9c:80:7f:43:78:30:58:1e:7f:a3:47:5a:51:8e:
62:ed:bd:ce:38:9c:e1:b0:52:28:b7:32:21:c5:9a:68:90:94:
32:2f:82:9f:1a:b6:54:10:85:ba:85:84:44:07:3c:a2:eb:de:
9b:55:44:7a:4e:cb:d9:fe:91:33:e3:02:6a:f2:49:97:21:61:
73:a7:9a:ec:9a:fe:35:46:87:5f:9b:91:e1:9f:b4:bb:7d:70:
a1:67:b8:d6:3d:ae:ce:ed:48:5b:75:71:c3:2a:09:c1:e9:f3:
5c:28:04:21:39:98:61:1d:0f:c3:49:90:95:88:8f:17:eb:c8:
00:ad:a0:b7:66:82:97:56:eb:25:20:16:5e:d1:57:b2:f3:e3:
96:9d:97:f3:84:ab:6a:4b:49:50:0b:d8:f7:b6:9f:8f:16:0e:
3c:a0:75:2a:fb:d6:42:19:ba:c3:d1:36:37:e3:c3:4a:f7:23:
d2:9d:60:9a:67:89:c6:d9:38:09:24:c6:87:47:1d:0a:b4:4f:
17:31:18:1b:ea:dd:c5:e4:c3:07:e5:ed:3b:f6:55:fe:b2:5f:
f0:66:c4:0a:b8:84:7d:86:9b:a7:0b:f3:fa:48:d2:f5:b4:08:
16:d7:08:92:ba:29:0b:15:bb:97:2d:76:58:d5:3d:45:f2:80:
3c:3b:a2:23
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEATDfyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNhYWQ3NTcxZDFl
ZWRlOTFmMjdkYTVhYjkyMDM4NmRjMjIxNjU4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLV7wwCSpbWBDpwz9k6kZUxUWndSCSUdMYO4ulOt/n+ieAM
Hw1EBnJtnvQVBWqTCFWUDUzfOvJ/gZ2xRShRPynP7tElSLVSqNmEZnHA75WN2lqt
2dsJR821m/zw3Tk5KADrfND9GwYDHLko20MBN2ZjZS1vg3JVbsMDJt3pyCgt37t5
s5eGQS31lyvdOjirkKQE4+/x32ybvWT09FBtBGoUVQ6AuRtbHBMF6LourLZM8BoS
SwQo3wpbDz3TEsZwz/jRM5zZxXPocuFqVeBiSoxxKdPXcIeVihQXc0eO/eFV4RWB
HsB1mUvCClSqk0SbX6/hYAFL6Sdc/CkDG8tINoUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTcqtdXHR7t6R8n2lq5IDhtwiFliDAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzNLclhWeDBlN2VrZko5cGF1U0E0YmNJaFpZZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkECEDANBgkqhkiG9w0BAQsF
AAOCAQEABbAf1ZyAf0N4MFgef6NHWlGOYu29zjic4bBSKLcyIcWaaJCUMi+Cnxq2
VBCFuoWERAc8ouvem1VEek7L2f6RM+MCavJJlyFhc6ea7Jr+NUaHX5uR4Z+0u31w
oWe41j2uzu1IW3VxwyoJwenzXCgEITmYYR0Pw0mQlYiPF+vIAK2gt2aCl1brJSAW
XtFXsvPjlp2X84SraktJUAvY97afjxYOPKB1KvvWQhm6w9E2N+PDSvcj0p1gmmeJ
xtk4CSTGh0cdCrRPFzEYG+rdxeTDB+XtO/ZV/rJf8GbECriEfYabpwvz+kjS9bQI
FtcIkropCxW7ly12WNU9RfKAPDuiIw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:36 2023 by rpki-client on console-fra.rpki-client.org