Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/NeaB7fye8lQFX9xan_KPoHmDQZc.roa
File: NeaB7fye8lQFX9xan_KPoHmDQZc.roa (raw, json)
Hash identifier: Nrj2227DgcZ74kxURDwK3GeR1FDwqlkxSzRBZHdoYE0=
Subject key identifier: 35:E6:81:ED:FC:9E:F2:54:05:5F:DC:5A:9F:F2:8F:A0:79:83:41:97
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: FD7F12
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/NeaB7fye8lQFX9xan_KPoHmDQZc.roa
Signing time: Sat 01 Jan 2022 00:59:24 +0000
ROA not before: Sat 01 Jan 2022 00:59:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34681
IP address blocks: 2a0c:b641:60::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16613138 (0xfd7f12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35e681edfc9ef254055fdc5a9ff28fa079834197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:91:bc:21:e5:32:9b:35:89:ab:8a:21:2e:03:
78:98:ea:59:8e:75:a5:20:e7:fb:80:38:8a:27:3e:
2d:a9:54:f4:0b:12:af:5a:93:e8:dc:7a:45:9f:c2:
0c:1a:72:ef:ee:5e:f5:bb:6d:01:b6:3f:ed:77:2a:
15:50:28:e7:f3:ce:12:a3:e1:58:f8:e8:17:a7:a2:
f8:47:4b:15:ca:0a:db:65:f0:de:48:7d:48:fb:10:
e8:7c:33:50:ab:5e:3b:ad:47:4e:82:f1:0a:de:72:
84:83:87:18:09:1e:f3:11:44:45:9a:5e:68:51:76:
01:3c:81:97:e4:d7:d9:ce:95:2f:af:e4:2d:64:77:
b5:a4:79:cd:22:50:0d:75:45:e1:03:96:58:aa:e5:
d1:b8:c4:d4:18:e7:6b:9b:3d:92:e7:65:fb:5c:ef:
6d:17:ae:84:f2:18:c0:a3:e8:a0:64:60:10:44:a6:
4e:b5:a9:ac:b7:d9:1c:ca:cc:08:7f:29:b1:59:50:
dd:9a:cd:7f:51:08:6a:e7:59:3e:9e:70:e7:84:ca:
45:e4:05:95:e2:37:8f:1b:d9:96:64:53:cf:5c:f5:
1e:3e:8b:a5:5e:39:1a:2a:66:7b:3f:a1:87:bd:8e:
ca:4e:1c:a1:cf:21:b1:d1:cd:6b:84:9b:62:ba:97:
19:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E6:81:ED:FC:9E:F2:54:05:5F:DC:5A:9F:F2:8F:A0:79:83:41:97
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/NeaB7fye8lQFX9xan_KPoHmDQZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:60::/44
Signature Algorithm: sha256WithRSAEncryption
0a:2a:61:02:c9:aa:c5:19:ca:b7:37:96:53:5a:06:45:3b:f6:
fd:0d:46:cb:c8:ac:2a:d0:ed:11:c4:f4:96:65:67:ef:2a:e1:
c5:a7:32:0e:a2:8b:0e:bb:b0:bd:6e:73:06:bd:41:c7:4a:76:
03:48:72:27:21:31:86:d2:d0:0a:9e:be:e4:f9:22:37:6b:02:
fc:88:9d:23:80:fb:1e:fa:09:4f:2d:9d:5b:26:7a:7b:26:7d:
37:95:51:e9:c0:d3:1a:94:b7:0c:6e:16:82:b3:d6:19:c4:cd:
07:06:ea:f9:00:74:75:95:03:9a:78:43:96:33:18:d4:79:d3:
82:4a:a7:28:d6:ea:1e:35:48:cf:18:91:f3:9b:9c:77:e5:ad:
68:88:51:15:d9:4a:91:49:27:2d:8c:a6:e5:21:82:a1:c4:44:
20:81:ec:0b:f7:b5:cd:79:43:70:1f:c6:d5:e1:a1:02:a9:32:
3b:c8:e6:0a:62:ce:18:2f:19:77:06:de:b2:cf:84:f2:af:ea:
cd:d5:0d:af:e4:0c:d0:44:6e:67:c9:3f:0a:41:f4:5a:6c:75:
83:6e:e3:22:f8:c1:08:ef:56:bf:e5:c3:85:69:65:4a:3e:94:
df:ac:de:a3:de:d4:30:7b:79:6f:39:e5:0e:aa:83:9b:dd:96:
4d:71:e4:13
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAP1/EjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzVlNjgxZWRmYzll
ZjI1NDA1NWZkYzVhOWZmMjhmYTA3OTgzNDE5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWRvCHlMps1iauKIS4DeJjqWY51pSDn+4A4iic+LalU9AsS
r1qT6Nx6RZ/CDBpy7+5e9bttAbY/7XcqFVAo5/POEqPhWPjoF6ei+EdLFcoK22Xw
3kh9SPsQ6HwzUKteO61HToLxCt5yhIOHGAke8xFERZpeaFF2ATyBl+TX2c6VL6/k
LWR3taR5zSJQDXVF4QOWWKrl0bjE1Bjna5s9kudl+1zvbReuhPIYwKPooGRgEESm
TrWprLfZHMrMCH8psVlQ3ZrNf1EIaudZPp5w54TKReQFleI3jxvZlmRTz1z1Hj6L
pV45Gipmez+hh72Oyk4coc8hsdHNa4SbYrqXGasCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ15oHt/J7yVAVf3Fqf8o+geYNBlzAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L05lYUI3ZnllOGxRRlg5eGFuX0tQb0htRFFaYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEAYDANBgkqhkiG9w0BAQsF
AAOCAQEACiphAsmqxRnKtzeWU1oGRTv2/Q1Gy8isKtDtEcT0lmVn7yrhxacyDqKL
DruwvW5zBr1Bx0p2A0hyJyExhtLQCp6+5PkiN2sC/IidI4D7HvoJTy2dWyZ6eyZ9
N5VR6cDTGpS3DG4WgrPWGcTNBwbq+QB0dZUDmnhDljMY1HnTgkqnKNbqHjVIzxiR
85ucd+WtaIhRFdlKkUknLYym5SGCocREIIHsC/e1zXlDcB/G1eGhAqkyO8jmCmLO
GC8Zdwbess+E8q/qzdUNr+QM0ERuZ8k/CkH0Wmx1g27jIvjBCO9Wv+XDhWllSj6U
36zeo97UMHt5bznlDqqDm92WTXHkEw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:37 2023 by rpki-client on console-fra.rpki-client.org