Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/IEaQ3T3Lb5xerFtTrgEPl4PJqsg.roa
File: IEaQ3T3Lb5xerFtTrgEPl4PJqsg.roa (raw, json)
Hash identifier: Qa4NKD+BQ7TvSzXOGM49EFLpS3almopEA51HE3CO3TU=
Subject key identifier: 20:46:90:DD:3D:CB:6F:9C:5E:AC:5B:53:AE:01:0F:97:83:C9:AA:C8
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 022318D5
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/IEaQ3T3Lb5xerFtTrgEPl4PJqsg.roa
Signing time: Wed 16 Mar 2022 18:23:21 +0000
ROA not before: Wed 16 Mar 2022 18:23:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213091
IP address blocks: 2a0c:b641:120::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35854549 (0x22318d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Mar 16 18:23:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=204690dd3dcb6f9c5eac5b53ae010f9783c9aac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7d:9a:84:f8:c0:db:aa:3a:86:c1:d3:02:07:
2b:c8:b0:a8:4b:a9:ed:73:6c:d9:37:00:3d:87:d5:
c7:ed:3c:75:f4:37:6f:be:08:f3:40:6b:26:56:6e:
35:e0:b2:bf:87:e6:68:80:44:5c:19:e9:9d:02:b2:
ec:3b:0a:e7:b7:f3:80:07:07:65:ed:9a:6e:9b:d0:
b3:ca:a6:2c:66:9b:de:12:ae:d0:9a:39:c7:b9:26:
1d:53:65:9b:a5:4e:c3:41:34:46:a2:8e:ca:4c:af:
6b:39:f5:3d:6f:9e:4c:15:f6:48:cf:b4:48:0b:d5:
73:93:c3:0c:9a:a5:e7:07:aa:58:32:24:17:fb:dc:
74:6f:fd:1e:21:5e:1b:ea:86:41:46:ab:d7:d9:42:
37:c6:b8:69:d4:e6:3f:8a:33:88:2c:8d:7a:4d:7f:
5d:86:4d:27:dc:06:9d:d1:8f:85:fb:28:10:3e:88:
73:13:97:e4:ba:ed:91:75:97:11:2f:2d:d6:1c:84:
6c:75:72:e8:d1:af:42:f0:0d:ea:5b:da:11:ef:61:
21:88:ca:63:f8:11:cb:8f:32:80:24:dc:e7:3a:e2:
6e:0f:7a:74:8e:21:d1:30:18:92:9b:e0:e5:10:d4:
6f:8f:6c:0b:43:d0:91:e9:5b:90:5d:05:ff:7d:00:
1c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:46:90:DD:3D:CB:6F:9C:5E:AC:5B:53:AE:01:0F:97:83:C9:AA:C8
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/IEaQ3T3Lb5xerFtTrgEPl4PJqsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:120::/44
Signature Algorithm: sha256WithRSAEncryption
4f:c1:e1:b9:8e:73:d8:e4:15:f2:d9:89:6b:10:22:b4:7c:a1:
6b:68:14:58:6d:f7:ac:63:7a:57:25:22:9c:07:2e:a8:e8:50:
c2:0d:2c:87:48:a1:c9:6f:d8:ec:51:ab:b1:3b:93:2f:ed:e5:
fe:48:96:bf:0d:f1:ae:32:06:96:25:bb:ab:d8:56:1f:e0:f6:
7f:9c:e3:eb:c1:84:1e:fa:6b:20:4c:be:e3:fc:a9:5c:94:dd:
cb:b1:5c:eb:30:49:fc:fe:d2:5f:fb:66:54:39:32:bf:26:95:
77:4d:4d:2e:fd:b5:4e:7c:3c:d7:fa:3f:23:75:0d:46:e9:4e:
67:79:36:de:6a:87:41:8c:0b:7a:b2:d3:00:bb:ba:f4:82:32:
3f:29:73:61:cc:86:35:f8:cc:2b:2e:d1:c1:bc:66:00:a0:12:
23:e9:c0:ce:94:a3:00:19:4c:6d:a2:12:b2:5c:ba:87:43:b0:
5d:26:42:07:71:35:9a:0c:c6:cf:56:47:f9:1a:a2:5d:9d:52:
e7:af:fc:19:fa:1d:52:b4:2d:fd:30:8c:d0:45:0b:6c:38:ed:
cc:5a:d0:14:46:2d:ec:47:18:10:25:97:79:d3:9c:4d:20:be:
b0:e7:b3:ce:3b:ed:a6:e7:39:01:18:c4:2c:80:ea:3c:d6:0c:
f2:37:fc:d0
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAiMY1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDMx
NjE4MjMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjA0NjkwZGQzZGNi
NmY5YzVlYWM1YjUzYWUwMTBmOTc4M2M5YWFjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALd9moT4wNuqOobB0wIHK8iwqEup7XNs2TcAPYfVx+08dfQ3
b74I80BrJlZuNeCyv4fmaIBEXBnpnQKy7DsK57fzgAcHZe2abpvQs8qmLGab3hKu
0Jo5x7kmHVNlm6VOw0E0RqKOykyvazn1PW+eTBX2SM+0SAvVc5PDDJql5weqWDIk
F/vcdG/9HiFeG+qGQUar19lCN8a4adTmP4oziCyNek1/XYZNJ9wGndGPhfsoED6I
cxOX5LrtkXWXES8t1hyEbHVy6NGvQvAN6lvaEe9hIYjKY/gRy48ygCTc5zribg96
dI4h0TAYkpvg5RDUb49sC0PQkelbkF0F/30AHMsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQgRpDdPctvnF6sW1OuAQ+Xg8mqyDAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L0lFYVEzVDNMYjV4ZXJGdFRyZ0VQbDRQSnFzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEBIDANBgkqhkiG9w0BAQsF
AAOCAQEAT8HhuY5z2OQV8tmJaxAitHyha2gUWG33rGN6VyUinAcuqOhQwg0sh0ih
yW/Y7FGrsTuTL+3l/kiWvw3xrjIGliW7q9hWH+D2f5zj68GEHvprIEy+4/ypXJTd
y7Fc6zBJ/P7SX/tmVDkyvyaVd01NLv21Tnw81/o/I3UNRulOZ3k23mqHQYwLerLT
ALu69IIyPylzYcyGNfjMKy7RwbxmAKASI+nAzpSjABlMbaISsly6h0OwXSZCB3E1
mgzGz1ZH+RqiXZ1S56/8GfodUrQt/TCM0EULbDjtzFrQFEYt7EcYECWXedOcTSC+
sOezzjvtpuc5ARjELIDqPNYM8jf80A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:37 2023 by rpki-client on console-fra.rpki-client.org