Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4OvVuVEGtp8Qdj5Fix6VlgCKjRk.roa
File: 4OvVuVEGtp8Qdj5Fix6VlgCKjRk.roa (raw, json)
Hash identifier: gJVtlEMlYomWQAFCfzOrdpauZb5JFRuT1reLYz9/eKo=
Subject key identifier: E0:EB:D5:B9:51:06:B6:9F:10:76:3E:45:8B:1E:95:96:00:8A:8D:19
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 012AD1B7
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4OvVuVEGtp8Qdj5Fix6VlgCKjRk.roa
Signing time: Sat 01 Jan 2022 00:59:47 +0000
ROA not before: Sat 01 Jan 2022 00:59:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208753
IP address blocks: 2a0c:b642:ace::/48 maxlen: 48
2a0c:b642:a00::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19583415 (0x12ad1b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0ebd5b95106b69f10763e458b1e9596008a8d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fa:4d:60:4f:e7:e6:73:cf:73:e7:ae:2b:57:
ce:2a:5e:07:3b:04:60:ce:90:4c:64:c3:c3:de:ee:
86:68:33:71:a0:b6:d2:ba:a9:58:97:2b:cf:76:08:
b2:ab:11:e3:62:41:97:d5:f7:99:15:cd:ab:9d:ef:
b4:65:e4:32:cb:da:86:70:7f:2e:c7:05:92:a0:cb:
b9:de:0a:17:26:98:9a:81:0d:bc:70:a8:77:fb:96:
c6:cb:ec:0e:48:29:6e:d1:46:e9:6f:0e:c2:89:ec:
a0:58:de:7f:88:fa:b8:d4:75:11:8e:c4:99:eb:c2:
36:d4:33:a4:81:ee:7d:95:a9:55:c1:b1:87:03:6b:
e9:97:69:67:cd:b1:13:de:57:90:87:24:60:08:2b:
99:b5:2e:8e:1b:03:1e:33:11:df:af:b0:40:21:e6:
41:75:8f:2b:de:37:e7:a4:cb:b1:6d:8f:ad:13:cd:
38:99:38:45:29:22:57:e0:2a:65:c3:1d:c8:48:5a:
05:46:d0:55:5a:a4:54:b9:aa:43:e3:5f:4f:08:09:
77:cb:c0:a1:2a:79:0d:85:5d:dd:ba:f1:f6:06:0b:
04:fa:92:61:cc:0d:e5:f8:43:84:3d:5a:79:21:12:
d9:2a:81:e4:7b:36:24:86:33:59:d2:23:36:64:fd:
41:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:EB:D5:B9:51:06:B6:9F:10:76:3E:45:8B:1E:95:96:00:8A:8D:19
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4OvVuVEGtp8Qdj5Fix6VlgCKjRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:a00::/44
2a0c:b642:ace::/48
Signature Algorithm: sha256WithRSAEncryption
1f:99:a7:35:85:49:95:cd:8a:4c:a9:de:8e:14:b1:d9:9f:8a:
92:1d:8b:bb:10:26:58:28:62:f3:72:e9:5d:0a:f8:8b:62:03:
c5:59:36:c5:e7:b1:ed:1f:47:d7:e7:09:69:38:3a:66:61:37:
a9:45:3a:b2:0b:1b:a1:28:45:be:c8:06:05:ee:f5:ba:d6:e8:
58:2f:1f:6c:63:24:07:c9:61:7e:43:01:5d:b7:27:d7:43:77:
14:66:3c:44:e7:63:e4:5d:95:d9:2c:40:53:2a:1c:56:57:47:
a8:e3:40:0e:89:0f:ec:18:4b:16:f3:13:de:de:1b:b3:4b:1b:
ac:22:f9:00:98:e9:e1:e3:df:88:fb:c3:be:e4:22:2d:bd:dd:
07:5b:20:3c:79:a6:82:14:6a:dd:5a:7f:c1:bf:3d:5d:54:19:
26:1a:e3:06:06:52:55:88:3c:df:2a:22:12:de:92:43:8c:0e:
bc:c5:ad:bc:1c:3f:78:8e:02:93:14:20:f7:f7:f2:04:67:b1:
e5:19:8e:90:8e:d0:f6:91:18:20:cf:3e:a7:bc:74:8f:5f:36:
04:67:de:00:06:37:9f:de:6d:df:45:b0:71:36:2d:70:74:12:
67:c5:ef:27:ce:c9:55:f3:37:df:3e:dd:1f:41:0b:f4:f7:e5:
8e:48:ec:52
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEASrRtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTk0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBlYmQ1Yjk1MTA2
YjY5ZjEwNzYzZTQ1OGIxZTk1OTYwMDhhOGQxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANz6TWBP5+Zzz3PnritXzipeBzsEYM6QTGTDw97uhmgzcaC2
0rqpWJcrz3YIsqsR42JBl9X3mRXNq53vtGXkMsvahnB/LscFkqDLud4KFyaYmoEN
vHCod/uWxsvsDkgpbtFG6W8OwonsoFjef4j6uNR1EY7EmevCNtQzpIHufZWpVcGx
hwNr6ZdpZ82xE95XkIckYAgrmbUujhsDHjMR36+wQCHmQXWPK94356TLsW2PrRPN
OJk4RSkiV+AqZcMdyEhaBUbQVVqkVLmqQ+NfTwgJd8vAoSp5DYVd3brx9gYLBPqS
YcwN5fhDhD1aeSES2SqB5Hs2JIYzWdIjNmT9Qf0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTg69W5UQa2nxB2PkWLHpWWAIqNGTAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzRPdlZ1VkVHdHA4UWRqNUZpeDZWbGdDS2pSay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoMtkIKAAMHACoMtkIKzjANBgkq
hkiG9w0BAQsFAAOCAQEAH5mnNYVJlc2KTKnejhSx2Z+Kkh2LuxAmWChi83LpXQr4
i2IDxVk2xeex7R9H1+cJaTg6ZmE3qUU6sgsboShFvsgGBe71utboWC8fbGMkB8lh
fkMBXbcn10N3FGY8ROdj5F2V2SxAUyocVldHqONADokP7BhLFvMT3t4bs0sbrCL5
AJjp4ePfiPvDvuQiLb3dB1sgPHmmghRq3Vp/wb89XVQZJhrjBgZSVYg83yoiEt6S
Q4wOvMWtvBw/eI4CkxQg9/fyBGex5RmOkI7Q9pEYIM8+p7x0j182BGfeAAY3n95t
30WwcTYtcHQSZ8XvJ87JVfM33z7dH0EL9PfljkjsUg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:20:55 2025 by rpki-client