Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/9G2GaKWgaH_kjSTidcu2e9QNym8.roa
File: 9G2GaKWgaH_kjSTidcu2e9QNym8.roa (raw, json)
Hash identifier: BJAQPn1kj6FkXMfs97TMm3F2Erl2/pn06B9c2O9TRbc=
Subject key identifier: F4:6D:86:68:A5:A0:68:7F:E4:8D:24:E2:75:CB:B6:7B:D4:0D:CA:6F
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 015248C7
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/9G2GaKWgaH_kjSTidcu2e9QNym8.roa
Signing time: Sat 01 Jan 2022 01:00:23 +0000
ROA not before: Sat 01 Jan 2022 01:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212624
IP address blocks: 2a0c:b641:2a0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22169799 (0x15248c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f46d8668a5a0687fe48d24e275cbb67bd40dca6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:da:a4:03:df:26:f5:f4:34:e2:f2:16:15:7f:
ae:00:5c:ba:64:90:29:85:31:37:bc:87:66:98:7d:
f4:8f:ff:23:e5:54:8f:c0:5d:8b:fb:f8:e9:b9:df:
fb:28:9a:24:cc:9a:42:20:6b:b5:a9:32:74:12:f0:
0f:61:14:31:f6:0f:46:0b:98:0c:9c:1b:43:a3:97:
6f:12:9c:dd:54:fc:65:5b:a4:83:01:4b:71:93:d4:
55:87:24:a9:9c:e6:56:af:90:3e:5d:6b:98:38:55:
90:10:82:bc:e6:52:32:e5:39:f0:cd:35:3d:03:74:
db:a9:13:76:08:78:e2:1a:ae:7a:fb:f3:ca:bd:08:
e6:77:a8:b6:a4:ac:2b:95:8b:55:fa:7c:1c:a6:19:
21:af:dc:c8:94:9d:ac:b9:7c:42:65:36:fb:23:df:
37:1f:79:64:30:0e:20:a6:19:32:4c:c2:6a:52:45:
12:4a:bc:58:98:9d:88:0c:a9:2a:e0:64:e1:ee:2e:
69:67:44:94:71:48:04:08:7f:79:3a:ac:ca:c1:c3:
dc:a2:5d:d8:9f:a2:d9:25:12:c0:ea:a1:bd:2c:74:
a0:05:3f:f7:52:91:f0:a3:d4:e8:c6:06:41:26:7e:
b3:78:86:02:ef:5b:96:db:a3:c3:6c:70:c9:43:8e:
31:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6D:86:68:A5:A0:68:7F:E4:8D:24:E2:75:CB:B6:7B:D4:0D:CA:6F
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/9G2GaKWgaH_kjSTidcu2e9QNym8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:2a0::/44
Signature Algorithm: sha256WithRSAEncryption
80:1b:da:18:fc:f4:4f:da:b5:8d:14:72:06:e2:62:c0:81:cf:
33:17:10:24:39:c5:20:a5:6a:b8:50:83:1b:a1:b2:5d:4c:fb:
a7:a8:95:14:6a:b4:58:c7:77:64:a5:92:c9:73:0f:5c:7f:a0:
c3:92:4c:a4:eb:38:5f:3c:ff:bd:e2:97:80:ac:a4:d0:3a:8e:
c5:8d:55:03:09:23:98:c4:69:9e:a7:bd:04:35:7d:18:41:d0:
eb:7e:f8:d9:d4:0f:e6:cf:e6:c2:d3:dd:81:18:bb:8c:ad:d9:
a3:b0:ff:94:8f:28:2d:05:0a:ec:ec:d2:1a:d3:99:75:0c:53:
ce:de:4f:0d:50:b1:3e:90:74:9c:64:95:b9:3e:c4:3e:c9:53:
aa:08:3b:f0:b4:1f:b0:ae:c0:0d:c2:22:59:12:52:04:f1:76:
e4:4a:32:5d:79:f1:8b:b2:37:23:02:82:ec:32:ba:f9:a4:30:
d1:b2:c7:c6:1e:e1:2f:60:f5:aa:7a:75:a1:51:1b:20:3a:4f:
66:8e:af:3f:99:62:6a:ea:55:0b:68:f8:78:35:28:59:77:cb:
16:7b:c9:26:8c:97:57:d6:41:ad:63:1f:9b:b2:9f:c6:40:79:
10:cd:a5:09:6b:df:3f:86:de:a5:40:03:7c:7b:e0:33:75:bd:
70:c1:8e:69
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAVJIxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ2ZDg2NjhhNWEw
Njg3ZmU0OGQyNGUyNzVjYmI2N2JkNDBkY2E2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrapAPfJvX0NOLyFhV/rgBcumSQKYUxN7yHZph99I//I+VU
j8Bdi/v46bnf+yiaJMyaQiBrtakydBLwD2EUMfYPRguYDJwbQ6OXbxKc3VT8ZVuk
gwFLcZPUVYckqZzmVq+QPl1rmDhVkBCCvOZSMuU58M01PQN026kTdgh44hquevvz
yr0I5neotqSsK5WLVfp8HKYZIa/cyJSdrLl8QmU2+yPfNx95ZDAOIKYZMkzCalJF
Ekq8WJidiAypKuBk4e4uaWdElHFIBAh/eTqsysHD3KJd2J+i2SUSwOqhvSx0oAU/
91KR8KPU6MYGQSZ+s3iGAu9bltujw2xwyUOOMdsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBT0bYZopaBof+SNJOJ1y7Z71A3KbzAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzlHMkdhS1dnYUhfa2pTVGlkY3UyZTlRTnltOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkECoDANBgkqhkiG9w0BAQsF
AAOCAQEAgBvaGPz0T9q1jRRyBuJiwIHPMxcQJDnFIKVquFCDG6GyXUz7p6iVFGq0
WMd3ZKWSyXMPXH+gw5JMpOs4Xzz/veKXgKyk0DqOxY1VAwkjmMRpnqe9BDV9GEHQ
63742dQP5s/mwtPdgRi7jK3Zo7D/lI8oLQUK7OzSGtOZdQxTzt5PDVCxPpB0nGSV
uT7EPslTqgg78LQfsK7ADcIiWRJSBPF25EoyXXnxi7I3IwKC7DK6+aQw0bLHxh7h
L2D1qnp1oVEbIDpPZo6vP5liaupVC2j4eDUoWXfLFnvJJoyXV9ZBrWMfm7KfxkB5
EM2lCWvfP4bepUADfHvgM3W9cMGOaQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org