Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/KrvH0b2Kgsd6skUHerSxB0mkjjE.roa
File: KrvH0b2Kgsd6skUHerSxB0mkjjE.roa (raw, json)
Hash identifier: nTraUDFX6tfnl36dBrgOvHOqBJIKmC1ThpNX7uKQfrs=
Subject key identifier: 2A:BB:C7:D1:BD:8A:82:C7:7A:B2:45:07:7A:B4:B1:07:49:A4:8E:31
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0108F41A
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/KrvH0b2Kgsd6skUHerSxB0mkjjE.roa
Signing time: Sat 01 Jan 2022 00:59:31 +0000
ROA not before: Sat 01 Jan 2022 00:59:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 53356
IP address blocks: 2a0c:b641:493::/48 maxlen: 48
2a0c:b642:1a0c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17363994 (0x108f41a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2abbc7d1bd8a82c77ab245077ab4b10749a48e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:fa:e6:0a:78:29:8c:e3:2a:16:35:e4:4f:30:
ff:95:b6:11:03:b5:cd:20:08:2e:a9:be:ae:95:43:
1f:bd:b2:ca:fa:ab:b9:69:dc:41:73:01:b6:9e:88:
f6:95:e7:ed:ae:9c:0d:51:75:99:6c:1a:6f:ca:72:
81:ae:de:46:b6:02:f0:de:e7:7a:00:ea:10:53:82:
1c:07:b5:99:7e:88:c7:a8:4a:b7:b3:89:a1:be:6b:
97:8f:c0:3c:a9:4c:bf:f3:05:dc:94:87:2f:b2:b1:
0d:8e:d1:63:2c:21:33:ac:ac:23:47:bc:e1:af:d7:
86:fd:08:a4:fc:88:e1:57:84:95:a7:c2:91:90:0b:
64:5e:c4:e4:9c:91:89:c8:ca:01:29:7b:7b:67:25:
ee:e8:3d:9e:67:a8:ca:de:ad:0a:72:a9:8f:a0:92:
98:0a:eb:0d:a1:d6:88:04:8e:67:45:10:79:88:c2:
4e:a8:3e:b5:e8:cd:16:25:8c:1e:71:b7:a7:02:f2:
e5:29:53:32:3d:26:41:22:24:df:94:75:63:89:2b:
80:ed:22:2d:ec:68:e1:60:2c:26:cd:f4:2a:60:17:
d6:2f:94:29:1a:ff:b8:17:62:a8:27:64:17:b2:37:
fe:56:30:dc:d9:94:35:a2:fa:9b:51:b2:a0:97:60:
e8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BB:C7:D1:BD:8A:82:C7:7A:B2:45:07:7A:B4:B1:07:49:A4:8E:31
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/KrvH0b2Kgsd6skUHerSxB0mkjjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:493::/48
2a0c:b642:1a0c::/48
Signature Algorithm: sha256WithRSAEncryption
02:61:fa:ce:96:6d:2b:56:4c:ab:b4:a6:ac:b5:cc:9a:2d:4e:
1a:45:75:3c:5f:e5:a4:db:c7:c8:24:cd:d3:b9:c1:1a:9b:c0:
f6:12:e7:82:74:25:ab:0c:c9:65:60:3d:2f:73:cf:5a:df:11:
24:e9:a9:20:fe:be:6f:68:43:47:47:41:48:00:f6:60:ed:31:
27:76:5a:e3:42:ae:8d:a5:df:c6:10:15:90:e6:a5:b8:20:3f:
fa:e0:8b:8b:86:ad:6a:3c:39:1c:73:28:58:27:33:32:c6:e9:
02:db:78:06:10:10:26:c9:28:91:5c:bf:e6:d2:f3:30:32:41:
4a:89:a7:2a:41:8d:27:b5:92:b6:68:b3:c1:25:0d:16:06:1d:
4f:45:a1:c1:c1:97:4c:44:f1:41:be:d9:0f:7e:06:9e:94:a8:
d8:97:62:31:2a:87:fd:96:eb:e8:7a:f0:e6:71:7c:ef:44:8d:
24:1f:60:67:e9:78:79:e9:cd:3e:a0:67:6f:43:f9:42:04:d0:
2b:eb:78:b9:67:65:8d:b8:1a:e8:df:2e:a7:70:75:7a:cf:be:
ba:6a:c1:c8:19:67:d5:26:77:23:d0:96:b9:84:1a:0f:71:b2:
55:08:0c:c8:91:f4:25:bd:41:66:3d:f4:89:64:ba:f7:ef:b5:
ae:18:c1:f4
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAQj0GjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFiYmM3ZDFiZDhh
ODJjNzdhYjI0NTA3N2FiNGIxMDc0OWE0OGUzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOL65gp4KYzjKhY15E8w/5W2EQO1zSAILqm+rpVDH72yyvqr
uWncQXMBtp6I9pXn7a6cDVF1mWwab8pyga7eRrYC8N7negDqEFOCHAe1mX6Ix6hK
t7OJob5rl4/APKlMv/MF3JSHL7KxDY7RYywhM6ysI0e84a/Xhv0IpPyI4VeElafC
kZALZF7E5JyRicjKASl7e2cl7ug9nmeoyt6tCnKpj6CSmArrDaHWiASOZ0UQeYjC
Tqg+tejNFiWMHnG3pwLy5SlTMj0mQSIk35R1Y4krgO0iLexo4WAsJs30KmAX1i+U
KRr/uBdiqCdkF7I3/lYw3NmUNaL6m1GyoJdg6BECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQqu8fRvYqCx3qyRQd6tLEHSaSOMTAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L0tydkgwYjJLZ3NkNnNrVUhlclN4QjBta2pqRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoMtkEEkwMHACoMtkIaDDANBgkq
hkiG9w0BAQsFAAOCAQEAAmH6zpZtK1ZMq7SmrLXMmi1OGkV1PF/lpNvHyCTN07nB
GpvA9hLngnQlqwzJZWA9L3PPWt8RJOmpIP6+b2hDR0dBSAD2YO0xJ3Za40KujaXf
xhAVkOaluCA/+uCLi4atajw5HHMoWCczMsbpAtt4BhAQJskokVy/5tLzMDJBSomn
KkGNJ7WStmizwSUNFgYdT0WhwcGXTETxQb7ZD34GnpSo2JdiMSqH/Zbr6Hrw5nF8
70SNJB9gZ+l4eenNPqBnb0P5QgTQK+t4uWdljbga6N8up3B1es++umrByBln1SZ3
I9CWuYQaD3GyVQgMyJH0Jb1BZj30iWS69++1rhjB9A==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:24 2025 by rpki-client