Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ASmnJe8ovaLlRbkAAJYvgHnrgao.roa
File: ASmnJe8ovaLlRbkAAJYvgHnrgao.roa (raw, json)
Hash identifier: U6jobPmdkEb37ZOxbF2L1Dz105WynpwoHDu18adxd1M=
Subject key identifier: 01:29:A7:25:EF:28:BD:A2:E5:45:B9:00:00:96:2F:80:79:EB:81:AA
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01567757
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ASmnJe8ovaLlRbkAAJYvgHnrgao.roa
Signing time: Sat 01 Jan 2022 01:00:27 +0000
ROA not before: Sat 01 Jan 2022 01:00:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212912
IP address blocks: 2a0c:b641:5e0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22443863 (0x1567757)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0129a725ef28bda2e545b90000962f8079eb81aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2e:e2:b3:54:da:28:87:aa:1a:0b:0e:48:1f:
4c:ef:0e:c1:9b:8c:50:6d:90:f8:10:67:c3:8a:9b:
ec:0c:b2:ea:71:46:47:0b:2e:d4:84:ba:43:84:89:
56:5b:63:29:b0:d1:44:34:0c:db:38:44:84:90:2f:
a5:29:7e:a0:fe:22:b5:28:04:fb:82:ba:36:bd:ef:
07:c1:6a:86:92:3e:85:e7:58:f2:6c:4f:e3:03:e4:
9f:b7:ff:07:61:d1:79:f9:32:ba:7b:96:62:61:76:
8b:ef:62:6a:f3:9e:47:6b:d9:7e:25:a4:22:ff:aa:
81:2d:f5:34:0a:35:64:dd:3c:50:01:21:70:d5:7c:
f2:6e:8b:ac:59:4f:5b:8a:ad:96:d1:e0:6e:69:e4:
dc:bd:95:c8:d4:a1:71:fb:4c:5d:69:bf:32:e0:88:
8a:c1:99:9c:e7:7b:9b:2c:df:58:3c:3d:dc:1c:1a:
bd:b8:dd:f2:82:2f:50:f3:0a:fb:f6:88:64:41:a1:
b6:8a:d4:fc:ec:51:cb:52:ab:36:42:70:3d:13:61:
73:c8:02:8c:72:d9:7f:36:16:73:44:74:c4:c1:c1:
54:a3:46:47:e8:e2:e8:30:84:14:de:57:10:2a:bb:
f4:d2:6f:d1:c1:08:7e:2e:81:39:d6:06:da:e7:32:
dd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:29:A7:25:EF:28:BD:A2:E5:45:B9:00:00:96:2F:80:79:EB:81:AA
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ASmnJe8ovaLlRbkAAJYvgHnrgao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:5e0::/44
Signature Algorithm: sha256WithRSAEncryption
5b:2d:44:05:2a:9c:06:54:d6:2b:96:4b:de:9f:3a:db:0b:9b:
c9:58:8f:47:cc:86:3b:c4:36:ba:2e:a7:41:7d:05:2b:be:36:
de:bf:90:c2:24:5c:d4:af:14:93:b4:bc:3d:60:87:97:10:b3:
e1:c5:e7:25:3d:29:37:0b:eb:82:0b:62:78:8f:40:21:1f:fb:
84:7c:d4:b2:c1:47:66:2f:77:e6:73:b4:ba:76:3f:3d:55:e0:
a1:7c:aa:d6:06:e9:d7:33:8b:23:b6:ff:e7:9b:e9:db:f6:69:
a4:e9:73:4f:d7:67:17:ee:2e:b1:0f:1a:d0:d9:8a:d7:78:8b:
65:73:30:08:79:1a:6f:68:e5:27:04:5c:01:6e:5b:84:b0:40:
cd:58:b4:b5:4e:ba:1c:73:d4:a8:d2:e2:40:6c:16:b8:ce:20:
8a:ff:3b:67:5d:c7:55:b0:fb:0c:3d:e2:b5:82:60:ea:67:22:
c9:40:96:0a:00:65:72:16:a3:50:8c:2f:86:0f:9c:51:2f:e7:
a9:18:42:fe:1e:3b:d2:51:b9:97:50:0a:af:e4:62:83:5a:0f:
ab:80:1d:5d:78:05:36:da:8c:08:76:de:72:d4:50:8b:c9:81:
39:7f:60:84:17:52:59:da:09:b7:f2:e5:41:43:67:01:6c:6a:
36:29:e0:cc
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAVZ3VzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDEyOWE3MjVlZjI4
YmRhMmU1NDViOTAwMDA5NjJmODA3OWViODFhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwu4rNU2iiHqhoLDkgfTO8OwZuMUG2Q+BBnw4qb7Ayy6nFG
Rwsu1IS6Q4SJVltjKbDRRDQM2zhEhJAvpSl+oP4itSgE+4K6Nr3vB8FqhpI+hedY
8mxP4wPkn7f/B2HRefkyunuWYmF2i+9iavOeR2vZfiWkIv+qgS31NAo1ZN08UAEh
cNV88m6LrFlPW4qtltHgbmnk3L2VyNShcftMXWm/MuCIisGZnOd7myzfWDw93Bwa
vbjd8oIvUPMK+/aIZEGhtorU/OxRy1KrNkJwPRNhc8gCjHLZfzYWc0R0xMHBVKNG
R+ji6DCEFN5XECq79NJv0cEIfi6BOdYG2ucy3RcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQBKacl7yi9ouVFuQAAli+AeeuBqjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L0FTbW5KZThvdmFMbFJia0FBSll2Z0hucmdhby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEF4DANBgkqhkiG9w0BAQsF
AAOCAQEAWy1EBSqcBlTWK5ZL3p862wubyViPR8yGO8Q2ui6nQX0FK7423r+QwiRc
1K8Uk7S8PWCHlxCz4cXnJT0pNwvrggtieI9AIR/7hHzUssFHZi935nO0unY/PVXg
oXyq1gbp1zOLI7b/55vp2/ZppOlzT9dnF+4usQ8a0NmK13iLZXMwCHkab2jlJwRc
AW5bhLBAzVi0tU66HHPUqNLiQGwWuM4giv87Z13HVbD7DD3itYJg6mciyUCWCgBl
chajUIwvhg+cUS/nqRhC/h470lG5l1AKr+Rig1oPq4AdXXgFNtqMCHbectRQi8mB
OX9ghBdSWdoJt/LlQUNnAWxqNingzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org