Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/65zDzq016BocoTlEl3KuNk5y-iE.roa
File: 65zDzq016BocoTlEl3KuNk5y-iE.roa (raw, json)
Hash identifier: vd0r/UQTUbMLsuWWKYDJw2iSl8LtyuGZBjqUtQF5JEc=
Subject key identifier: EB:9C:C3:CE:AD:35:E8:1A:1C:A1:39:44:97:72:AE:36:4E:72:FA:21
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01481987
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/65zDzq016BocoTlEl3KuNk5y-iE.roa
Signing time: Sat 01 Jan 2022 01:00:18 +0000
ROA not before: Sat 01 Jan 2022 01:00:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211367
IP address blocks: 2a0c:b641:180::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21502343 (0x1481987)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb9cc3cead35e81a1ca139449772ae364e72fa21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:55:d2:af:43:2d:dc:97:3d:ab:7c:c5:07:9f:
6f:e9:e9:2a:77:ee:7e:62:ce:7b:6f:da:b5:7d:18:
d1:59:bf:e2:ac:8b:6b:7d:ed:bc:4b:53:88:f7:84:
9f:43:9e:83:19:a3:a5:3e:a6:a6:a3:e4:ed:19:e3:
01:b1:4a:e7:44:ec:75:f8:1c:f5:b5:a3:1b:6d:a9:
99:17:f0:41:c5:2e:e3:8f:71:b4:15:a1:b3:5e:c8:
e0:78:44:79:b5:b7:e0:0f:dc:43:2d:3c:b8:de:54:
51:69:82:ea:29:9f:7d:81:96:0e:7e:5b:57:df:66:
74:d9:85:5e:0c:19:b1:22:87:f5:c1:3d:51:8e:d6:
ec:d0:12:c5:4a:a0:08:b8:17:9b:3f:c2:f2:c1:af:
6f:76:1e:89:eb:05:15:45:ff:a4:e4:d3:26:0d:cc:
45:bb:b4:54:e5:11:4f:e6:53:3d:cf:1b:4a:ca:1b:
5d:79:90:ec:36:4f:26:44:61:79:57:8c:99:5f:d5:
6e:08:52:51:92:ec:47:25:8e:bd:79:b8:10:2a:4b:
f8:37:9f:0f:44:cc:21:3d:9d:f8:58:cd:47:bd:89:
05:d5:61:f1:16:b5:47:65:a3:0b:1f:29:af:f0:7b:
77:b1:10:48:6f:d8:e3:58:48:5a:ec:91:ec:49:ba:
06:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:9C:C3:CE:AD:35:E8:1A:1C:A1:39:44:97:72:AE:36:4E:72:FA:21
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/65zDzq016BocoTlEl3KuNk5y-iE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:180::/44
Signature Algorithm: sha256WithRSAEncryption
37:a4:67:0b:0d:6f:9e:1b:94:eb:ff:1b:af:a0:5d:9d:92:8a:
22:83:77:96:16:e5:1e:cb:d6:a2:46:50:aa:2e:05:d6:be:c7:
2a:a7:a8:64:04:8f:7b:88:52:95:df:97:8f:fe:7c:2e:30:82:
15:a2:e7:48:2a:0f:a4:41:96:4f:d5:4e:6f:86:c9:e3:7a:37:
6f:93:e7:c0:42:7c:a2:6f:35:e8:86:29:ce:f2:3b:89:bf:0c:
07:f5:08:68:2c:07:f2:59:b7:65:87:3f:4f:4b:17:c3:e5:91:
6c:85:c8:11:88:4e:b6:86:0e:87:ed:61:29:1f:26:10:1a:5e:
5d:86:0f:48:e7:5c:63:eb:59:8b:0d:09:b7:fb:30:07:92:82:
d3:c2:bf:a8:a3:16:2d:eb:0a:82:2c:35:7f:8a:2a:e4:a8:90:
f0:9a:5b:d1:55:2a:42:8d:16:8f:d6:e2:0f:5a:c7:8b:9b:20:
ff:b5:23:9f:91:06:24:36:89:80:f5:30:c4:00:81:3c:5e:81:
3a:a3:be:4f:36:9a:57:d7:3c:72:9d:ec:93:1d:27:07:2e:79:
10:2d:57:88:a4:79:04:5d:e0:37:3b:0a:86:8f:5b:31:f1:ea:
61:80:81:72:19:5f:ca:77:bf:2b:4b:9f:f3:cd:65:73:cf:e7:
96:53:7f:35
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAUgZhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWI5Y2MzY2VhZDM1
ZTgxYTFjYTEzOTQ0OTc3MmFlMzY0ZTcyZmEyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANtV0q9DLdyXPat8xQefb+npKnfufmLOe2/atX0Y0Vm/4qyL
a33tvEtTiPeEn0OegxmjpT6mpqPk7RnjAbFK50Tsdfgc9bWjG22pmRfwQcUu449x
tBWhs17I4HhEebW34A/cQy08uN5UUWmC6imffYGWDn5bV99mdNmFXgwZsSKH9cE9
UY7W7NASxUqgCLgXmz/C8sGvb3YeiesFFUX/pOTTJg3MRbu0VOURT+ZTPc8bSsob
XXmQ7DZPJkRheVeMmV/VbghSUZLsRyWOvXm4ECpL+DefD0TMIT2d+FjNR72JBdVh
8Ra1R2WjCx8pr/B7d7EQSG/Y41hIWuyR7Em6BqMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTrnMPOrTXoGhyhOUSXcq42TnL6ITAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzY1ekR6cTAxNkJvY29UbEVsM0t1Tms1eS1pRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEBgDANBgkqhkiG9w0BAQsF
AAOCAQEAN6RnCw1vnhuU6/8br6BdnZKKIoN3lhblHsvWokZQqi4F1r7HKqeoZASP
e4hSld+Xj/58LjCCFaLnSCoPpEGWT9VOb4bJ43o3b5PnwEJ8om816IYpzvI7ib8M
B/UIaCwH8lm3ZYc/T0sXw+WRbIXIEYhOtoYOh+1hKR8mEBpeXYYPSOdcY+tZiw0J
t/swB5KC08K/qKMWLesKgiw1f4oq5KiQ8Jpb0VUqQo0Wj9biD1rHi5sg/7Ujn5EG
JDaJgPUwxACBPF6BOqO+TzaaV9c8cp3skx0nBy55EC1XiKR5BF3gNzsKho9bMfHq
YYCBchlfyne/K0uf881lc8/nllN/NQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:04:08 2025 by rpki-client