Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/O0fOVxbMyL9BZYpgt1kZWWya1cw.roa
File: O0fOVxbMyL9BZYpgt1kZWWya1cw.roa (raw, json)
Hash identifier: VBcK+M/xsfBBuU+mqMJSBLH/cOrEZPboYY868ETXYUs=
Subject key identifier: 3B:47:CE:57:16:CC:C8:BF:41:65:8A:60:B7:59:19:59:6C:9A:D5:CC
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0132B356
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/O0fOVxbMyL9BZYpgt1kZWWya1cw.roa
Signing time: Sat 01 Jan 2022 00:59:53 +0000
ROA not before: Sat 01 Jan 2022 00:59:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210020
IP address blocks: 2a0c:b642:1030::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20099926 (0x132b356)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b47ce5716ccc8bf41658a60b75919596c9ad5cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a2:9d:8c:ba:68:13:99:b1:14:00:8e:8d:de:
e3:14:6b:51:d6:be:be:20:d3:35:26:bc:bc:d3:48:
56:4b:19:e4:00:60:39:3f:8c:90:a6:0e:00:1b:b4:
c9:0d:9b:22:ec:04:d0:05:53:64:58:57:f8:9c:4d:
4c:ec:86:1d:bf:b9:18:3d:64:d4:e3:08:95:e5:f1:
61:48:8f:b7:57:54:05:d5:d6:fc:1d:69:2c:bb:bc:
3a:4a:16:94:b8:f3:85:c7:c2:a6:89:26:b3:8e:11:
f1:8d:6b:8f:84:e6:92:77:28:bb:93:16:86:64:a6:
56:0c:85:a8:b4:27:03:32:aa:e8:0e:93:f5:00:73:
e3:b7:80:9b:6f:4e:71:df:cb:40:26:6c:38:bc:af:
92:a0:32:d8:f8:06:61:19:98:0d:5c:05:dd:87:38:
04:1f:20:79:6c:df:45:3b:d2:69:f2:c1:5c:ea:ea:
01:b4:8c:86:3f:95:2e:c9:e9:9d:8f:d6:2d:93:66:
c6:1b:e7:c2:f0:54:c5:b5:04:be:0c:51:7c:97:55:
1c:ad:40:18:b0:8f:f7:1c:64:16:86:70:b8:cb:ab:
40:1e:8c:f1:b0:6f:7d:f7:3c:76:f5:26:a0:f2:4a:
95:eb:93:d5:c5:e8:c7:63:bf:1e:ae:04:56:a9:55:
da:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:47:CE:57:16:CC:C8:BF:41:65:8A:60:B7:59:19:59:6C:9A:D5:CC
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/O0fOVxbMyL9BZYpgt1kZWWya1cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:1030::/44
Signature Algorithm: sha256WithRSAEncryption
60:c7:61:05:99:33:67:85:4a:c0:6b:b7:f1:a1:18:8d:83:55:
58:71:7a:38:c5:da:8f:f0:3b:02:93:5e:db:65:4c:e0:1c:bb:
7a:7d:21:1f:a6:f7:b4:b7:77:d8:24:f8:57:b4:6b:e0:ed:dd:
28:fd:0b:a2:a6:80:d5:f3:0d:bb:b0:e4:84:09:b9:76:57:cf:
ba:69:03:44:5a:e7:0a:5b:30:7e:e5:c6:85:00:9f:21:e2:52:
e5:2e:1d:d2:0e:9e:7b:6b:29:4f:27:2f:8b:df:92:3e:e5:7d:
7a:91:f6:27:12:37:25:83:65:54:1a:d5:5e:ca:d9:dc:23:9f:
a5:9b:33:d2:c5:ef:ce:cc:52:f7:e0:4a:c8:a4:80:8e:b1:ad:
d4:1c:b3:de:da:10:ea:48:eb:06:63:2d:81:b6:40:ef:c2:67:
ed:f2:79:e5:a8:47:26:79:b3:2e:9c:7d:9f:af:aa:20:6b:1f:
27:b1:ea:e5:e8:f1:1c:f9:36:9c:3c:e0:75:52:62:9b:a6:d9:
4b:36:53:e9:51:d1:da:13:68:0d:8e:67:c0:27:52:20:fd:63:
63:77:32:11:29:45:91:47:25:e8:bb:83:8e:35:83:98:31:fc:
9d:b0:5f:f9:09:3c:da:a5:33:be:88:29:62:55:9d:79:dd:3c:
ee:4e:9f:3e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEATKzVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTk1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2I0N2NlNTcxNmNj
YzhiZjQxNjU4YTYwYjc1OTE5NTk2YzlhZDVjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKinYy6aBOZsRQAjo3e4xRrUda+viDTNSa8vNNIVksZ5ABg
OT+MkKYOABu0yQ2bIuwE0AVTZFhX+JxNTOyGHb+5GD1k1OMIleXxYUiPt1dUBdXW
/B1pLLu8OkoWlLjzhcfCpokms44R8Y1rj4Tmkncou5MWhmSmVgyFqLQnAzKq6A6T
9QBz47eAm29Ocd/LQCZsOLyvkqAy2PgGYRmYDVwF3Yc4BB8geWzfRTvSafLBXOrq
AbSMhj+VLsnpnY/WLZNmxhvnwvBUxbUEvgxRfJdVHK1AGLCP9xxkFoZwuMurQB6M
8bBvffc8dvUmoPJKleuT1cXox2O/Hq4EVqlV2ncCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ7R85XFszIv0FlimC3WRlZbJrVzDAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L08wZk9WeGJNeUw5QlpZcGd0MWtaV1d5YTFjdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkIQMDANBgkqhkiG9w0BAQsF
AAOCAQEAYMdhBZkzZ4VKwGu38aEYjYNVWHF6OMXaj/A7ApNe22VM4By7en0hH6b3
tLd32CT4V7Rr4O3dKP0LoqaA1fMNu7DkhAm5dlfPumkDRFrnClswfuXGhQCfIeJS
5S4d0g6ee2spTycvi9+SPuV9epH2JxI3JYNlVBrVXsrZ3COfpZsz0sXvzsxS9+BK
yKSAjrGt1Byz3toQ6kjrBmMtgbZA78Jn7fJ55ahHJnmzLpx9n6+qIGsfJ7Hq5ejx
HPk2nDzgdVJim6bZSzZT6VHR2hNoDY5nwCdSIP1jY3cyESlFkUcl6LuDjjWDmDH8
nbBf+Qk82qUzvogpYlWded087k6fPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org