Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/DHMwtKJ5IpHy-deT4TrL7fVoT5s.roa
File: DHMwtKJ5IpHy-deT4TrL7fVoT5s.roa (raw, json)
Hash identifier: /vNLla6lSJ11ZO4ffGwlIMKCVxVd6hMPOfrOCxdjpkU=
Subject key identifier: 0C:73:30:B4:A2:79:22:91:F2:F9:D7:93:E1:3A:CB:ED:F5:68:4F:9B
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E987B45F2AAEE3BC6D7E40A0FEB2D
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/DHMwtKJ5IpHy-deT4TrL7fVoT5s.roa
Signing time: Mon 02 Jan 2023 06:15:08 +0000
ROA not before: Mon 02 Jan 2023 06:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398646
IP address blocks: 2a0c:b642:1a0d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:98:7b:45:f2:aa:ee:3b:c6:d7:e4:0a:0f:eb:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c7330b4a2792291f2f9d793e13acbedf5684f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:26:f3:13:11:b8:b8:84:f0:0a:04:60:65:10:
16:e9:25:c4:16:eb:a3:15:54:8e:81:4a:fb:43:4c:
64:55:30:c8:8c:94:9e:0d:60:95:8f:bd:60:f7:13:
22:b0:20:3f:7b:76:1c:8b:70:95:22:28:25:aa:83:
d2:78:de:e5:1f:70:30:0c:6a:db:00:c2:1a:ca:dc:
40:a6:07:fb:02:30:7a:54:9f:27:05:83:e4:a4:8a:
8f:3a:55:a5:2d:cd:ba:80:62:09:55:04:f6:ec:fa:
14:67:99:08:c6:2f:98:e2:76:d3:12:96:4e:2e:2c:
ae:63:85:4b:f1:8f:9f:4a:ea:29:95:c9:68:c3:b8:
53:74:56:46:97:c1:22:dd:43:f5:02:40:e9:99:f2:
a0:71:fb:77:01:3e:b6:bc:4e:78:e3:36:30:14:8c:
5a:ad:f5:4d:8f:6a:c5:44:2e:5d:5f:c5:22:79:d4:
96:a4:f4:88:17:fa:41:f3:3c:b5:33:17:b8:89:5c:
30:fa:d1:ec:2f:22:21:94:d3:b5:6a:2d:ee:96:ec:
bb:11:8c:6f:53:b0:da:b4:b6:fd:13:a7:ea:ae:29:
92:a5:ff:d9:36:0b:73:9c:db:e1:90:4d:c0:ec:f8:
41:0b:22:79:6f:21:73:76:7b:50:6f:0c:72:7d:c3:
6e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:73:30:B4:A2:79:22:91:F2:F9:D7:93:E1:3A:CB:ED:F5:68:4F:9B
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/DHMwtKJ5IpHy-deT4TrL7fVoT5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:1a0d::/48
Signature Algorithm: sha256WithRSAEncryption
15:66:07:f3:f9:4e:e1:65:0c:14:c3:30:d8:6f:d1:14:e9:76:
64:e8:11:e1:a1:2b:d6:d8:25:c4:66:8c:02:d5:fd:bf:a6:5b:
8d:71:b7:b6:ed:b7:f9:46:3e:79:4d:71:6a:1d:46:c9:c2:31:
ed:ff:b3:d6:57:67:b7:2c:8f:38:50:fb:9f:bb:76:b2:8b:9b:
d9:06:7d:bc:61:ef:7c:71:b1:6a:06:2a:19:2e:2e:b8:fc:a3:
b6:e9:46:d3:5f:26:1d:13:be:a4:ab:c9:c9:1d:92:e9:de:73:
06:ef:09:fb:c4:0e:47:1b:29:41:d4:0f:55:b3:c7:2e:37:c1:
f9:96:98:97:97:4b:01:73:00:f2:1b:96:5f:bb:ef:85:ce:af:
60:b7:26:70:cb:c1:8e:ee:23:97:3c:07:57:cf:ba:a4:fa:a3:
a3:54:3b:2f:d4:3c:20:5a:56:60:04:ae:a8:5b:19:d5:fb:29:
2f:73:c7:c4:0f:b3:71:e1:e6:24:0a:6d:8d:ed:94:d9:de:14:
cc:5f:c3:a6:e5:7b:ba:9d:97:8f:2f:ff:d3:04:6f:9a:00:f0:
18:b6:e4:32:2e:e3:d3:42:20:dc:56:2a:ff:65:67:7c:53:57:
08:e0:34:ad:4a:24:66:98:52:2e:c6:b2:63:2a:40:fc:69:78:
24:43:9c:89
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHph7RfKq7jvG1+QKD+stMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzczMzBiNGEyNzkyMjkxZjJmOWQ3OTNlMTNhY2JlZGY1Njg0ZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwibzExG4uITwCgRgZRAW6SXEFuuj
FVSOgUr7Q0xkVTDIjJSeDWCVj71g9xMisCA/e3Yci3CVIiglqoPSeN7lH3AwDGrb
AMIaytxApgf7AjB6VJ8nBYPkpIqPOlWlLc26gGIJVQT27PoUZ5kIxi+Y4nbTEpZO
LiyuY4VL8Y+fSuoplclow7hTdFZGl8Ei3UP1AkDpmfKgcft3AT62vE544zYwFIxa
rfVNj2rFRC5dX8UiedSWpPSIF/pB8zy1Mxe4iVww+tHsLyIhlNO1ai3uluy7EYxv
U7DatLb9E6fqrimSpf/ZNgtznNvhkE3A7PhBCyJ5byFzdntQbwxyfcNuuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAxzMLSieSKR8vnXk+E6y+31aE+bMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvREhNd3RLSjVJcEh5LWRlVDRUckw3ZlZvVDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgy2QhoN
MA0GCSqGSIb3DQEBCwUAA4IBAQAVZgfz+U7hZQwUwzDYb9EU6XZk6BHhoSvW2CXE
ZowC1f2/pluNcbe27bf5Rj55TXFqHUbJwjHt/7PWV2e3LI84UPufu3ayi5vZBn28
Ye98cbFqBioZLi64/KO26UbTXyYdE76kq8nJHZLp3nMG7wn7xA5HGylB1A9Vs8cu
N8H5lpiXl0sBcwDyG5Zfu++Fzq9gtyZwy8GO7iOXPAdXz7qk+qOjVDsv1DwgWlZg
BK6oWxnV+ykvc8fED7Nx4eYkCm2N7ZTZ3hTMX8Om5Xu6nZePL//TBG+aAPAYtuQy
LuPTQiDcVir/ZWd8U1cI4DStSiRmmFIuxrJjKkD8aXgkQ5yJ
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:46:28 2025 by rpki-client