Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/6c5wc3ulY9IcSo4Y-MJ9j90v7U0.roa
File: 6c5wc3ulY9IcSo4Y-MJ9j90v7U0.roa (raw, json)
Hash identifier: qrpi53D6q08vucBGT5ZROvBPTn1m0em9CsSpcKHLm98=
Subject key identifier: E9:CE:70:73:7B:A5:63:D2:1C:4A:8E:18:F8:C2:7D:8F:DD:2F:ED:4D
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E41364C051A9EE95C2231E538A44D
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/6c5wc3ulY9IcSo4Y-MJ9j90v7U0.roa
Signing time: Mon 02 Jan 2023 06:14:46 +0000
ROA not before: Mon 02 Jan 2023 06:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49519
IP address blocks: 2a0c:b641:8a0::/44 maxlen: 48
2a0c:b641:470::/44 maxlen: 48
2a0c:b642:5000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:41:36:4c:05:1a:9e:e9:5c:22:31:e5:38:a4:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9ce70737ba563d21c4a8e18f8c27d8fdd2fed4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:58:cc:d2:f2:88:18:a2:7d:57:5d:19:5a:35:
f5:82:04:31:18:9c:a0:6b:5a:0c:63:60:42:47:c6:
a5:69:a4:57:a2:85:01:06:ba:13:07:cc:87:a6:b5:
12:aa:01:e0:f5:e3:21:83:0d:b8:f4:ed:78:82:f1:
9a:79:bf:e7:90:78:5d:3c:62:84:a9:a4:54:7c:12:
f1:70:b5:7a:78:97:41:2c:ad:49:8e:b1:80:0b:c7:
ab:31:8c:05:af:d6:80:3c:d1:53:78:95:a9:aa:ec:
be:1b:76:3d:d1:6b:2e:d9:65:de:aa:15:1e:ba:e6:
67:48:5e:65:21:7c:fe:56:d4:c1:46:ba:5b:a7:30:
1c:f9:2d:79:27:7f:05:21:1a:76:97:1c:78:35:af:
76:0c:cd:96:dd:be:b3:e1:b4:67:dd:ca:d2:48:c1:
50:e1:78:6b:ed:05:93:1d:d2:a9:5a:f5:d5:c6:db:
08:1f:4a:cb:58:06:d7:a4:62:e8:ba:da:a2:de:59:
3c:18:4c:c5:2e:a5:43:78:bf:86:9c:e8:fb:d0:9c:
fd:55:21:f6:a7:8f:20:43:de:d3:e9:70:91:b2:fe:
ea:8f:0f:a7:32:bc:b6:6a:e7:7b:3c:df:e4:4a:08:
c2:6d:fe:92:65:49:51:ea:15:42:c2:41:d7:d7:8f:
ad:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:CE:70:73:7B:A5:63:D2:1C:4A:8E:18:F8:C2:7D:8F:DD:2F:ED:4D
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/6c5wc3ulY9IcSo4Y-MJ9j90v7U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:470::/44
2a0c:b641:8a0::/44
2a0c:b642:5000::/36
Signature Algorithm: sha256WithRSAEncryption
47:3d:2f:0a:ce:24:81:96:20:2f:20:5a:e1:9e:6c:68:cb:17:
b7:88:b9:d6:a7:f5:d9:49:e4:5b:b1:7e:e8:98:8a:2e:d2:f5:
fa:3e:9a:64:a0:95:1e:47:f8:08:e5:2f:57:b8:b4:89:c2:dc:
48:e4:93:b3:92:f3:c8:45:81:0e:9b:56:1a:a8:c7:7c:59:b7:
45:cc:0c:18:6e:b8:e6:6e:50:95:e2:89:92:a3:98:23:0d:9a:
0c:09:f9:88:8f:20:d6:22:42:3a:ce:9e:ab:a8:12:73:d7:fe:
e2:46:24:6c:87:36:8e:2c:10:3b:db:55:f9:bb:93:9d:c0:a2:
9d:98:9f:0b:ea:ed:ef:bf:c6:02:6a:36:a5:0d:b5:49:dc:d4:
6c:41:f0:01:d9:27:30:f9:20:38:e6:88:61:4b:9f:e9:a6:18:
d8:85:ef:7d:80:fa:39:dc:2e:d8:7f:58:0d:d6:be:bf:9d:ef:
fc:a2:04:68:50:3b:c6:93:47:63:53:28:57:55:fc:18:7d:88:
27:bc:cd:a6:1e:ef:df:3c:dc:86:84:14:02:57:db:04:3c:a1:
42:29:f1:22:9b:b1:fa:b5:05:21:3a:b0:bc:c5:2d:39:49:1f:
c4:0d:2c:40:21:6d:59:5d:a6:1e:8d:74:db:5a:fa:35:3c:45:
41:c9:08:37
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxHkE2TAUanulcIjHlOKRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWNlNzA3MzdiYTU2M2QyMWM0YThlMThmOGMyN2Q4ZmRkMmZlZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1jM0vKIGKJ9V10ZWjX1ggQxGJyg
a1oMY2BCR8alaaRXooUBBroTB8yHprUSqgHg9eMhgw249O14gvGaeb/nkHhdPGKE
qaRUfBLxcLV6eJdBLK1JjrGAC8erMYwFr9aAPNFTeJWpquy+G3Y90Wsu2WXeqhUe
uuZnSF5lIXz+VtTBRrpbpzAc+S15J38FIRp2lxx4Na92DM2W3b6z4bRn3crSSMFQ
4Xhr7QWTHdKpWvXVxtsIH0rLWAbXpGLoutqi3lk8GEzFLqVDeL+GnOj70Jz9VSH2
p48gQ97T6XCRsv7qjw+nMry2aud7PN/kSgjCbf6SZUlR6hVCwkHX14+t/wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOnOcHN7pWPSHEqOGPjCfY/dL+1NMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvNmM1d2MzdWxZOUljU280WS1NSjlqOTB2N1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwcEKgy2QQRw
AwcEKgy2QQigAwYEKgy2QlAwDQYJKoZIhvcNAQELBQADggEBAEc9LwrOJIGWIC8g
WuGebGjLF7eIudan9dlJ5FuxfuiYii7S9fo+mmSglR5H+AjlL1e4tInC3Ejkk7OS
88hFgQ6bVhqox3xZt0XMDBhuuOZuUJXiiZKjmCMNmgwJ+YiPINYiQjrOnquoEnPX
/uJGJGyHNo4sEDvbVfm7k53Aop2Ynwvq7e+/xgJqNqUNtUnc1GxB8AHZJzD5IDjm
iGFLn+mmGNiF732A+jncLth/WA3Wvr+d7/yiBGhQO8aTR2NTKFdV/Bh9iCe8zaYe
79883IaEFAJX2wQ8oUIp8SKbsfq1BSE6sLzFLTlJH8QNLEAhbVldph6NdNta+jU8
RUHJCDc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:04:01 2025 by rpki-client