Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/JzS-Q1lxPg19jNG0vJPwDqTjz6g.roa
File: JzS-Q1lxPg19jNG0vJPwDqTjz6g.roa (raw, json)
Hash identifier: UMuZjDt4kWYn5zVn6Jz5mNKsRvSsQYoS05d2W747XU0=
Subject key identifier: 27:34:BE:43:59:71:3E:0D:7D:8C:D1:B4:BC:93:F0:0E:A4:E3:CF:A8
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 014F02F1
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/JzS-Q1lxPg19jNG0vJPwDqTjz6g.roa
Signing time: Sat 01 Jan 2022 01:00:22 +0000
ROA not before: Sat 01 Jan 2022 01:00:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212424
IP address blocks: 2a0c:b641:2f0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21955313 (0x14f02f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2734be4359713e0d7d8cd1b4bc93f00ea4e3cfa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0c:0e:d2:46:4b:7c:58:ef:b1:9e:73:e7:ac:
56:be:c2:4c:b3:e0:65:00:2f:da:a6:a1:ce:49:0a:
6c:c1:09:f1:79:1d:83:85:92:48:b1:c0:24:74:89:
71:83:13:e1:c1:c8:a2:56:da:ca:f2:88:c1:29:0c:
d1:a1:78:f0:86:d8:50:2a:e6:66:02:0e:04:ee:0b:
f8:a2:d1:dc:85:9c:ce:27:9d:9b:f6:6a:a8:ee:5d:
3c:f6:46:dc:a1:67:be:56:5e:6d:29:69:33:5d:7a:
a9:7f:85:87:e7:10:41:7c:27:c2:93:a6:a6:d5:bc:
48:38:61:05:e3:75:71:9e:4e:fa:70:00:0b:dd:b5:
c3:27:90:2a:fe:1d:1a:1f:28:f3:a4:b9:fc:ea:af:
c9:4c:2f:43:2d:cb:75:a8:d0:e8:ff:41:fe:3a:c3:
1b:50:49:c8:1f:f8:e0:3b:cf:00:10:f5:f6:d0:e1:
39:b7:22:ed:3e:12:e4:c5:cc:a2:3a:ce:d5:65:9c:
9f:15:5e:87:cb:e4:a4:7b:04:f7:f6:1b:40:67:ee:
67:f5:32:79:4d:15:dd:49:70:01:89:ec:88:01:3a:
75:1b:7e:fc:72:5f:b2:c1:64:db:82:ac:99:5a:77:
fc:cb:53:1a:78:38:f2:f3:ca:df:ba:68:5c:6c:7d:
67:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:34:BE:43:59:71:3E:0D:7D:8C:D1:B4:BC:93:F0:0E:A4:E3:CF:A8
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/JzS-Q1lxPg19jNG0vJPwDqTjz6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:2f0::/44
Signature Algorithm: sha256WithRSAEncryption
4b:2a:01:96:07:ed:2c:6f:cc:c1:4d:c9:6d:83:0b:a0:b3:b8:
8a:36:54:6d:fc:5f:92:6c:d1:55:ea:17:47:c8:d6:c5:e6:61:
b8:91:88:39:7c:cc:31:e3:9a:ce:5e:3a:bf:c3:5b:31:3b:74:
9f:c6:25:32:07:f0:70:cd:e2:15:66:48:e2:ca:00:b6:0d:55:
15:03:55:36:ca:42:01:8d:5e:7b:9a:f8:87:fd:3a:f1:72:95:
5a:bc:18:e5:ce:e5:51:ef:40:d3:66:0f:f3:bf:3a:1b:d4:e8:
b5:77:b4:d6:16:cd:44:7b:94:a3:98:44:92:49:df:e1:b6:66:
08:49:75:b9:b2:ad:66:25:e4:81:6c:66:04:ae:9c:d7:aa:01:
a3:c2:a9:43:2d:4a:67:de:d0:5e:81:e6:43:84:f2:c0:f7:68:
14:19:73:2f:62:ee:65:03:b7:c1:69:64:25:74:ba:a6:26:17:
81:73:68:7a:f7:c3:8d:27:43:c0:23:a9:9d:9d:0f:cf:21:7e:
19:9e:8f:67:d9:12:24:6f:a4:6b:51:55:7c:d4:6f:a6:4d:e7:
41:90:4a:30:c7:92:d5:4d:e6:45:2c:e3:af:2d:aa:57:38:2a:
9c:a8:7d:45:0e:33:c3:c5:32:63:f8:7b:af:be:23:35:f8:24:
e0:fd:5e:a0
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAU8C8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjczNGJlNDM1OTcx
M2UwZDdkOGNkMWI0YmM5M2YwMGVhNGUzY2ZhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoMDtJGS3xY77Gec+esVr7CTLPgZQAv2qahzkkKbMEJ8Xkd
g4WSSLHAJHSJcYMT4cHIolbayvKIwSkM0aF48IbYUCrmZgIOBO4L+KLR3IWczied
m/ZqqO5dPPZG3KFnvlZebSlpM116qX+Fh+cQQXwnwpOmptW8SDhhBeN1cZ5O+nAA
C921wyeQKv4dGh8o86S5/OqvyUwvQy3LdajQ6P9B/jrDG1BJyB/44DvPABD19tDh
Obci7T4S5MXMojrO1WWcnxVeh8vkpHsE9/YbQGfuZ/UyeU0V3UlwAYnsiAE6dRt+
/HJfssFk24KsmVp3/MtTGng48vPK37poXGx9Z9sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQnNL5DWXE+DX2M0bS8k/AOpOPPqDAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L0p6Uy1RMWx4UGcxOWpORzB2SlB3RHFUano2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEC8DANBgkqhkiG9w0BAQsF
AAOCAQEASyoBlgftLG/MwU3JbYMLoLO4ijZUbfxfkmzRVeoXR8jWxeZhuJGIOXzM
MeOazl46v8NbMTt0n8YlMgfwcM3iFWZI4soAtg1VFQNVNspCAY1ee5r4h/068XKV
WrwY5c7lUe9A02YP8786G9TotXe01hbNRHuUo5hEkknf4bZmCEl1ubKtZiXkgWxm
BK6c16oBo8KpQy1KZ97QXoHmQ4TywPdoFBlzL2LuZQO3wWlkJXS6piYXgXNoevfD
jSdDwCOpnZ0PzyF+GZ6PZ9kSJG+ka1FVfNRvpk3nQZBKMMeS1U3mRSzjry2qVzgq
nKh9RQ4zw8UyY/h7r74jNfgk4P1eoA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org