Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Iwa8u0SnFe-pnoeAEduAcxriw7k.roa
File: Iwa8u0SnFe-pnoeAEduAcxriw7k.roa (raw, json)
Hash identifier: Q75viGNYHopwZAJXdplD6W85GtvcWOKA29uB8p+F9Uk=
Subject key identifier: 23:06:BC:BB:44:A7:15:EF:A9:9E:87:80:11:DB:80:73:1A:E2:C3:B9
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: FB3D51
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Iwa8u0SnFe-pnoeAEduAcxriw7k.roa
Signing time: Sat 01 Jan 2022 00:59:23 +0000
ROA not before: Sat 01 Jan 2022 00:59:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24239
IP address blocks: 2a0c:b641:570::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16465233 (0xfb3d51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2306bcbb44a715efa99e878011db80731ae2c3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f8:f5:19:3e:ab:53:e6:53:30:ed:36:f9:e8:
6a:28:d9:1e:9b:44:40:f8:5a:ab:32:5a:ab:0e:f3:
c2:96:c0:c2:a7:0a:c2:89:1e:4a:e3:67:d3:ff:81:
92:19:c0:ef:01:f6:04:0f:1f:e3:a7:d5:5e:9b:10:
56:20:ec:28:39:55:e5:c8:00:c9:03:3a:bb:f9:b2:
17:64:71:fc:51:2a:b9:b9:7d:6a:11:7a:95:97:54:
bd:56:c9:ca:1b:cf:f6:e4:3e:59:3b:5d:67:3f:d3:
fe:7b:5b:c7:78:bd:37:a2:30:2a:b9:a4:aa:b1:74:
e8:aa:40:fc:fa:d8:0c:84:82:a8:8f:f5:2d:7e:34:
ca:c0:0c:e8:4c:39:4f:8c:69:be:b8:ee:91:cd:cc:
22:2a:c8:8a:ab:db:10:d9:f3:2d:d6:63:05:f3:c0:
af:c3:3d:8c:bf:4b:d0:93:52:5e:c7:8a:b0:eb:05:
fd:21:95:82:cd:fa:99:fe:fa:01:31:35:b6:73:0f:
c4:24:f4:b1:5e:69:43:d8:71:78:6c:09:a0:03:a1:
00:6f:76:fc:e1:bd:96:df:e5:8a:a8:2a:09:59:14:
51:dc:48:8a:03:04:96:c5:ce:18:1b:f3:a2:f2:21:
93:2e:8a:a7:bd:47:04:2e:d1:8f:1a:e5:b0:a1:e6:
91:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:06:BC:BB:44:A7:15:EF:A9:9E:87:80:11:DB:80:73:1A:E2:C3:B9
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Iwa8u0SnFe-pnoeAEduAcxriw7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:570::/44
Signature Algorithm: sha256WithRSAEncryption
93:13:bb:ec:b0:85:09:6e:d6:94:d0:b3:19:81:0b:41:a4:b4:
9b:7e:f6:85:21:c3:f5:e2:c7:ac:58:8c:ac:98:6f:53:0d:7b:
dc:0b:8c:1a:ea:48:d2:bf:a0:24:e4:84:a8:7b:89:f7:84:dc:
fe:88:5a:9b:a0:ee:d2:65:1b:5b:8e:63:14:33:4e:38:0a:54:
49:56:8e:cd:6f:27:4b:af:34:57:ba:29:a3:df:b2:bd:f3:2e:
4d:5f:23:95:07:05:02:fe:a7:29:05:48:38:5d:32:ff:12:00:
f5:a3:a8:6d:a6:2d:1d:12:56:bc:ca:55:03:a0:7e:27:27:1d:
d6:49:73:7a:4f:83:2c:96:96:f1:88:17:6e:16:06:bd:80:05:
a6:a8:89:38:9a:6a:89:67:40:6e:8b:60:b1:b9:fc:b4:e1:48:
bd:35:2b:7c:cf:b7:1c:9a:7b:0d:fd:f5:99:5a:92:a9:81:e9:
07:58:37:ab:88:aa:76:ce:00:29:af:53:01:45:ba:e6:4e:9c:
a5:21:f3:e0:25:d7:b3:3e:5f:ad:77:3d:d7:1d:ec:2b:5c:77:
44:4c:58:1f:1e:63:de:1f:e3:83:03:10:77:cb:a2:d0:67:ba:
67:83:fc:af:e0:6a:fc:c3:16:37:e2:06:f9:3b:1f:fd:ec:85:
53:9f:e6:e1
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAPs9UTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjMwNmJjYmI0NGE3
MTVlZmE5OWU4NzgwMTFkYjgwNzMxYWUyYzNiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALf49Rk+q1PmUzDtNvnoaijZHptEQPhaqzJaqw7zwpbAwqcK
wokeSuNn0/+BkhnA7wH2BA8f46fVXpsQViDsKDlV5cgAyQM6u/myF2Rx/FEqubl9
ahF6lZdUvVbJyhvP9uQ+WTtdZz/T/ntbx3i9N6IwKrmkqrF06KpA/PrYDISCqI/1
LX40ysAM6Ew5T4xpvrjukc3MIirIiqvbENnzLdZjBfPAr8M9jL9L0JNSXseKsOsF
/SGVgs36mf76ATE1tnMPxCT0sV5pQ9hxeGwJoAOhAG92/OG9lt/liqgqCVkUUdxI
igMElsXOGBvzovIhky6Kp71HBC7RjxrlsKHmkdECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQjBry7RKcV76meh4AR24BzGuLDuTAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L0l3YTh1MFNuRmUtcG5vZUFFZHVBY3hyaXc3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEFcDANBgkqhkiG9w0BAQsF
AAOCAQEAkxO77LCFCW7WlNCzGYELQaS0m372hSHD9eLHrFiMrJhvUw173AuMGupI
0r+gJOSEqHuJ94Tc/oham6Du0mUbW45jFDNOOApUSVaOzW8nS680V7opo9+yvfMu
TV8jlQcFAv6nKQVIOF0y/xIA9aOobaYtHRJWvMpVA6B+Jycd1klzek+DLJaW8YgX
bhYGvYAFpqiJOJpqiWdAbotgsbn8tOFIvTUrfM+3HJp7Df31mVqSqYHpB1g3q4iq
ds4AKa9TAUW65k6cpSHz4CXXsz5frXc91x3sK1x3RExYHx5j3h/jgwMQd8ui0Ge6
Z4P8r+Bq/MMWN+IG+Tsf/eyFU5/m4Q==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:06:44 2025 by rpki-client