Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4iNjasqZEmSeO7JIV2BcUsFm0Fg.roa
File: 4iNjasqZEmSeO7JIV2BcUsFm0Fg.roa (raw, json)
Hash identifier: 1i4UlwjqRAevQrH+O30Wzk2TG7/KG+lXrrsM/TiT7lU=
Subject key identifier: E2:23:63:6A:CA:99:12:64:9E:3B:B2:48:57:60:5C:52:C1:66:D0:58
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0159444F
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4iNjasqZEmSeO7JIV2BcUsFm0Fg.roa
Signing time: Sat 01 Jan 2022 01:00:29 +0000
ROA not before: Sat 01 Jan 2022 01:00:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213015
IP address blocks: 2a0c:b641:5b0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22627407 (0x159444f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e223636aca9912649e3bb24857605c52c166d058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fd:40:c1:c0:e2:c3:70:60:8e:2c:90:be:8a:
2f:3f:24:8c:82:8a:e2:04:f4:66:50:9f:9e:33:e8:
85:80:c0:5a:df:7b:ec:c2:43:c9:61:0d:4f:32:e6:
da:dd:da:a9:e7:45:8e:5c:59:25:af:50:de:84:96:
8a:e6:d1:12:40:54:82:02:1c:7f:62:61:8e:d2:1e:
02:b4:f6:05:9a:23:9a:84:d4:ce:3c:f0:3d:83:9a:
f1:c2:f1:19:9c:12:71:2b:d2:ed:42:7c:23:c8:e4:
68:2f:20:2d:3e:b2:06:48:e1:3e:10:41:e0:99:26:
4c:ec:b0:3c:54:0f:a4:41:2f:e0:cb:af:f2:89:c9:
52:2a:45:10:82:3a:e7:5a:4f:f1:b5:45:79:95:11:
5a:f2:f6:a8:ad:10:db:3e:14:92:88:92:03:55:5e:
b6:89:e6:83:e0:15:d8:97:2a:0a:bd:1b:4a:cf:1b:
9d:d1:40:cc:53:a5:6a:76:d6:05:63:86:22:ab:6d:
00:dc:7d:ef:14:32:31:5a:21:6d:b0:6c:09:2f:74:
fe:d5:2f:9d:1a:43:52:ff:0c:8a:85:92:b6:d0:22:
c4:79:72:fe:c4:74:1f:2a:f0:fc:e3:a2:11:dc:51:
b7:df:e5:a6:00:a8:90:da:83:56:75:07:a9:51:b6:
12:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:23:63:6A:CA:99:12:64:9E:3B:B2:48:57:60:5C:52:C1:66:D0:58
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4iNjasqZEmSeO7JIV2BcUsFm0Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:5b0::/44
Signature Algorithm: sha256WithRSAEncryption
7e:d1:5c:9d:f1:83:9b:2d:16:b6:6a:dc:8d:1e:da:a9:23:aa:
db:fc:c9:37:81:b4:8d:4a:7b:1b:9f:57:37:1c:20:96:66:72:
b1:47:f3:2a:91:f7:a0:3b:51:92:3f:66:3c:44:69:35:d9:04:
9c:eb:cb:dc:4d:50:f3:a2:55:03:50:80:67:5b:c1:aa:74:59:
af:1e:77:36:63:5a:d0:b6:d6:8d:aa:f5:ae:94:1c:d8:27:f7:
4f:37:77:5d:09:7e:ae:6b:05:56:6d:a0:05:ce:63:f5:08:00:
11:c8:ab:bc:4c:e1:ef:58:77:41:9a:6a:79:86:21:e7:37:56:
a2:ac:88:65:4c:e5:eb:4e:4a:20:09:08:d2:10:bf:2d:90:f3:
ec:89:1e:52:a1:02:43:1b:1c:96:58:a3:47:b2:f3:b6:35:31:
f1:e0:f2:aa:df:e6:2e:d6:60:b4:28:c0:b3:c6:aa:f5:34:6b:
42:19:51:90:e5:fa:83:02:dc:d7:75:da:0c:84:7a:72:5c:2d:
a9:92:6d:c0:5e:a0:d2:1c:54:6f:83:89:71:4e:d0:bb:33:61:
f5:fb:c3:2e:59:61:8c:b6:47:ed:4e:a1:fb:e7:7e:f1:ea:9f:
07:ac:28:cc:24:ce:6e:da:9b:98:01:52:46:8d:0b:db:eb:4b:
db:69:d4:0e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAVlETzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTIyMzYzNmFjYTk5
MTI2NDllM2JiMjQ4NTc2MDVjNTJjMTY2ZDA1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK39QMHA4sNwYI4skL6KLz8kjIKK4gT0ZlCfnjPohYDAWt97
7MJDyWENTzLm2t3aqedFjlxZJa9Q3oSWiubREkBUggIcf2JhjtIeArT2BZojmoTU
zjzwPYOa8cLxGZwScSvS7UJ8I8jkaC8gLT6yBkjhPhBB4JkmTOywPFQPpEEv4Muv
8onJUipFEII651pP8bVFeZURWvL2qK0Q2z4UkoiSA1Vetonmg+AV2JcqCr0bSs8b
ndFAzFOlanbWBWOGIqttANx97xQyMVohbbBsCS90/tUvnRpDUv8MioWSttAixHly
/sR0Hyrw/OOiEdxRt9/lpgCokNqDVnUHqVG2Er0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTiI2NqypkSZJ47skhXYFxSwWbQWDAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzRpTmphc3FaRW1TZU83SklWMkJjVXNGbTBGZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEFsDANBgkqhkiG9w0BAQsF
AAOCAQEAftFcnfGDmy0WtmrcjR7aqSOq2/zJN4G0jUp7G59XNxwglmZysUfzKpH3
oDtRkj9mPERpNdkEnOvL3E1Q86JVA1CAZ1vBqnRZrx53NmNa0LbWjar1rpQc2Cf3
Tzd3XQl+rmsFVm2gBc5j9QgAEcirvEzh71h3QZpqeYYh5zdWoqyIZUzl605KIAkI
0hC/LZDz7IkeUqECQxscllijR7LztjUx8eDyqt/mLtZgtCjAs8aq9TRrQhlRkOX6
gwLc13XaDIR6clwtqZJtwF6g0hxUb4OJcU7QuzNh9fvDLllhjLZH7U6h++d+8eqf
B6wozCTObtqbmAFSRo0L2+tL22nUDg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:26:45 2025 by rpki-client