Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/68C9In5rANfZo8GijQfz47H-AAI.roa
File: 68C9In5rANfZo8GijQfz47H-AAI.roa (raw, json)
Hash identifier: 6AAH5NaDujy4gyHP60Na9iq8UQYl+Dz7YrQG2Te2lrg=
Subject key identifier: EB:C0:BD:22:7E:6B:00:D7:D9:A3:C1:A2:8D:07:F3:E3:B1:FE:00:02
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0146AC74
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/68C9In5rANfZo8GijQfz47H-AAI.roa
Signing time: Sat 01 Jan 2022 01:00:16 +0000
ROA not before: Sat 01 Jan 2022 01:00:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211248
IP address blocks: 2a0c:b641:1e0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21408884 (0x146ac74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebc0bd227e6b00d7d9a3c1a28d07f3e3b1fe0002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ee:cc:1f:ca:77:bb:64:7f:41:fc:69:af:40:
6c:ed:11:1a:07:56:45:fe:f6:2c:ca:b8:ec:1b:82:
21:48:c1:22:88:ef:e0:6b:f9:ae:70:fa:30:d2:64:
ea:5f:78:8e:29:d4:3d:66:3b:b0:e8:08:32:5b:9a:
31:44:2a:9d:3f:94:c5:03:e8:e1:1e:b4:7f:3d:41:
a5:b8:96:0f:78:10:74:14:53:4a:cd:ef:e2:48:3e:
fa:a0:ff:b6:8c:77:ce:82:74:1b:fb:b3:da:07:35:
ed:3a:4a:5c:0a:5b:20:35:8c:9b:aa:70:4e:5f:bf:
6b:d2:07:b7:8a:46:f6:9c:6e:08:31:62:f5:10:db:
80:ea:1d:5f:48:ec:b9:55:c9:05:13:6b:8a:0b:ef:
6d:d2:7b:4a:c6:ee:65:70:0b:f5:7e:c9:dd:88:ed:
43:86:d3:f7:34:c5:b4:ff:d1:d2:8b:ae:b9:27:a6:
42:7b:72:17:6d:8c:d9:73:ab:3e:c5:df:a2:eb:81:
13:3b:6c:17:5d:27:de:07:00:13:c5:cf:e3:d5:f9:
80:60:5f:27:ad:92:cd:cb:20:84:e4:00:e8:7f:82:
15:76:aa:e0:d7:f7:78:95:0d:f2:bb:bd:57:a9:2d:
ae:22:ad:36:1a:1e:10:ea:50:ef:89:ff:65:44:d3:
57:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C0:BD:22:7E:6B:00:D7:D9:A3:C1:A2:8D:07:F3:E3:B1:FE:00:02
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/68C9In5rANfZo8GijQfz47H-AAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:1e0::/44
Signature Algorithm: sha256WithRSAEncryption
36:bf:44:64:93:c3:aa:65:c6:77:d1:87:0c:a4:02:d9:04:2c:
3f:f7:07:f2:af:5b:a4:a3:35:61:ab:67:88:93:7d:3d:39:bd:
cb:d6:84:7c:6a:8e:7a:5a:ff:65:bb:de:fa:b5:38:22:6a:ca:
8f:14:39:94:0d:52:9e:7c:2e:fd:33:b8:bd:57:14:86:8a:89:
8a:fc:5e:1b:9f:eb:ac:75:30:11:61:03:ce:68:6c:3f:af:9a:
5a:90:0b:af:f1:3f:83:07:7b:ea:55:1a:61:38:6b:d0:af:86:
0f:39:65:2e:b0:a3:87:0c:ef:2f:20:04:dd:c2:21:7a:ff:61:
7a:fb:1d:a0:04:5d:4a:b3:a1:22:75:50:77:4e:0e:7f:c0:2f:
93:17:97:66:f8:8c:b1:70:22:80:56:01:cc:a4:71:54:57:c9:
63:59:cc:c0:1e:a3:b6:d7:f7:68:da:73:30:d6:cf:89:22:c5:
aa:cc:dd:ea:dc:a7:e3:5e:80:9c:7e:99:73:c3:56:ae:a3:e6:
63:0e:ca:ab:8f:89:e5:ef:6d:6c:c9:02:4d:61:bf:8c:13:3c:
5c:26:b8:95:63:99:81:8f:7a:e6:b8:34:3b:a0:ff:f3:29:aa:
cc:f6:27:df:bc:c1:7e:79:0a:ce:76:97:b9:78:f6:03:08:4e:
fe:ce:52:06
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAUasdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWJjMGJkMjI3ZTZi
MDBkN2Q5YTNjMWEyOGQwN2YzZTNiMWZlMDAwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbuzB/Kd7tkf0H8aa9AbO0RGgdWRf72LMq47BuCIUjBIojv
4Gv5rnD6MNJk6l94jinUPWY7sOgIMluaMUQqnT+UxQPo4R60fz1BpbiWD3gQdBRT
Ss3v4kg++qD/tox3zoJ0G/uz2gc17TpKXApbIDWMm6pwTl+/a9IHt4pG9pxuCDFi
9RDbgOodX0jsuVXJBRNrigvvbdJ7SsbuZXAL9X7J3YjtQ4bT9zTFtP/R0ouuuSem
QntyF22M2XOrPsXfouuBEztsF10n3gcAE8XP49X5gGBfJ62SzcsghOQA6H+CFXaq
4Nf3eJUN8ru9V6ktriKtNhoeEOpQ74n/ZUTTVzECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTrwL0ifmsA19mjwaKNB/Pjsf4AAjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzY4QzlJbjVyQU5mWm84R2lqUWZ6NDdILUFBSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEB4DANBgkqhkiG9w0BAQsF
AAOCAQEANr9EZJPDqmXGd9GHDKQC2QQsP/cH8q9bpKM1YatniJN9PTm9y9aEfGqO
elr/Zbve+rU4ImrKjxQ5lA1Snnwu/TO4vVcUhoqJivxeG5/rrHUwEWEDzmhsP6+a
WpALr/E/gwd76lUaYThr0K+GDzllLrCjhwzvLyAE3cIhev9hevsdoARdSrOhInVQ
d04Of8AvkxeXZviMsXAigFYBzKRxVFfJY1nMwB6jttf3aNpzMNbPiSLFqszd6tyn
416AnH6Zc8NWrqPmYw7Kq4+J5e9tbMkCTWG/jBM8XCa4lWOZgY965rg0O6D/8ymq
zPYn37zBfnkKznaXuXj2AwhO/s5SBg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org