Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/92QtGfhcusGrOtw-J63QgD7iR8o.roa
File: 92QtGfhcusGrOtw-J63QgD7iR8o.roa (raw, json)
Hash identifier: g7l9Gn4drx6/3I2AinIOeDqzIgX9ghegeO1/3zEyr98=
Subject key identifier: F7:64:2D:19:F8:5C:BA:C1:AB:3A:DC:3E:27:AD:D0:80:3E:E2:47:CA
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01170013
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/92QtGfhcusGrOtw-J63QgD7iR8o.roa
Signing time: Sat 01 Jan 2022 00:59:39 +0000
ROA not before: Sat 01 Jan 2022 00:59:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206499
IP address blocks: 2a0c:b642::/36 maxlen: 48
2a0c:b642:a00::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18284563 (0x1170013)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7642d19f85cbac1ab3adc3e27add0803ee247ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:41:b2:6e:4f:cd:60:e2:ea:ad:6c:6d:7c:fe:
6d:09:31:45:2b:a1:da:21:37:e7:62:24:03:c2:e9:
07:2a:e8:79:3f:b3:78:1c:14:81:37:bd:15:03:09:
06:ac:24:ef:f8:45:4c:0a:a0:54:42:64:e1:da:31:
ef:ee:9e:6a:45:fb:41:b7:9e:03:c9:cf:b5:d6:05:
4f:94:e3:0c:eb:ab:23:ad:cb:ec:59:44:da:45:02:
62:d6:1b:45:28:76:db:64:4d:48:3f:35:57:3b:77:
49:c3:f8:14:74:98:c9:32:64:5d:b8:56:73:f0:1e:
fb:b9:82:13:7c:23:49:e9:d9:93:06:65:d2:7c:22:
2e:46:d6:5a:e8:ed:06:6e:af:51:88:87:c3:8c:8e:
18:c5:b1:1a:d4:a6:60:c0:85:79:de:7f:11:c2:53:
11:5e:d8:bd:94:60:05:08:07:b5:d6:0a:2d:94:fa:
6d:a9:d4:ce:0f:9b:ff:b4:de:f0:06:7b:ac:77:e6:
0c:7a:99:ec:75:80:54:ac:7a:4f:7c:0f:58:7c:81:
fc:a4:98:81:f6:d5:92:98:e4:9b:15:d7:4d:4c:91:
f6:1e:17:b3:10:ab:77:98:10:75:0c:c0:cf:8e:13:
76:0d:0f:aa:0f:84:88:aa:18:7c:3f:8f:b1:42:2b:
15:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:64:2D:19:F8:5C:BA:C1:AB:3A:DC:3E:27:AD:D0:80:3E:E2:47:CA
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/92QtGfhcusGrOtw-J63QgD7iR8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642::/36
Signature Algorithm: sha256WithRSAEncryption
07:a6:87:4e:a6:53:1c:ee:97:05:0d:91:b3:02:22:4d:b3:dc:
79:6f:e8:70:b6:34:0a:1f:58:28:de:ed:ed:34:53:c5:68:52:
7b:fc:c7:94:1e:85:cd:d6:d9:23:f5:46:eb:37:ed:0f:0f:e9:
75:92:5a:5d:55:7e:33:ca:14:40:44:28:96:36:15:af:97:ce:
54:5c:06:dd:7d:67:c8:0a:04:a7:9e:54:e6:f6:4c:09:8d:01:
92:60:64:08:27:60:8c:3b:7c:a9:33:5f:15:5e:10:08:fa:76:
64:f1:c4:8f:15:83:c8:c0:4f:5f:6c:4e:0c:e7:bd:62:04:7c:
a8:65:61:74:e0:0c:dd:c1:c3:76:bf:ee:05:82:32:ae:b2:f3:
ea:29:95:74:f9:13:4d:36:9c:f1:bb:d3:d9:00:cb:ee:b2:e1:
49:c8:92:ce:66:f6:50:db:63:5b:ff:ac:fd:83:99:64:a4:79:
2d:d8:d7:ea:92:e6:4f:51:b5:e1:5c:84:bb:50:65:37:7b:ef:
2b:a3:09:06:e8:19:3c:f8:45:42:b6:ec:18:d7:cb:6a:34:79:
a5:4e:77:9c:87:2b:31:ab:4f:66:9c:53:a5:44:13:43:c5:3a:
77:2a:1d:fa:3f:2f:34:b8:fc:f6:e3:92:5c:3b:2e:6a:af:fb:
3e:5e:e9:2c
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEARcAEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjc2NDJkMTlmODVj
YmFjMWFiM2FkYzNlMjdhZGQwODAzZWUyNDdjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxBsm5PzWDi6q1sbXz+bQkxRSuh2iE352IkA8LpByroeT+z
eBwUgTe9FQMJBqwk7/hFTAqgVEJk4dox7+6eakX7QbeeA8nPtdYFT5TjDOurI63L
7FlE2kUCYtYbRSh222RNSD81Vzt3ScP4FHSYyTJkXbhWc/Ae+7mCE3wjSenZkwZl
0nwiLkbWWujtBm6vUYiHw4yOGMWxGtSmYMCFed5/EcJTEV7YvZRgBQgHtdYKLZT6
banUzg+b/7Te8AZ7rHfmDHqZ7HWAVKx6T3wPWHyB/KSYgfbVkpjkmxXXTUyR9h4X
sxCrd5gQdQzAz44Tdg0Pqg+EiKoYfD+PsUIrFWUCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBT3ZC0Z+Fy6was63D4nrdCAPuJHyjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzkyUXRHZmhjdXNHck90dy1KNjNRZ0Q3aVI4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoMtkIAMA0GCSqGSIb3DQEBCwUA
A4IBAQAHpodOplMc7pcFDZGzAiJNs9x5b+hwtjQKH1go3u3tNFPFaFJ7/MeUHoXN
1tkj9UbrN+0PD+l1klpdVX4zyhRARCiWNhWvl85UXAbdfWfICgSnnlTm9kwJjQGS
YGQIJ2CMO3ypM18VXhAI+nZk8cSPFYPIwE9fbE4M571iBHyoZWF04AzdwcN2v+4F
gjKusvPqKZV0+RNNNpzxu9PZAMvusuFJyJLOZvZQ22Nb/6z9g5lkpHkt2NfqkuZP
UbXhXIS7UGU3e+8rowkG6Bk8+EVCtuwY18tqNHmlTnechysxq09mnFOlRBNDxTp3
Kh36Py80uPz245JcOy5qr/s+Xuks
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org