Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Po1F6fIHXM3b1SMaMZMTXhdXiH0.roa
File: Po1F6fIHXM3b1SMaMZMTXhdXiH0.roa (raw, json)
Hash identifier: FVJklPcywsYKGbOMrAO3qxyhqEzILrk4XJLdrIsh9M0=
Subject key identifier: 3E:8D:45:E9:F2:07:5C:CD:DB:D5:23:1A:31:93:13:5E:17:57:88:7D
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018BEDC87DFEDF1094EA9E24C02D0D9B8BF5
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Po1F6fIHXM3b1SMaMZMTXhdXiH0.roa
Signing time: Mon 20 Nov 2023 17:30:21 +0000
ROA not before: Mon 20 Nov 2023 17:30:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215970
IP address blocks: 2a0c:b641:b10::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ed:c8:7d:fe:df:10:94:ea:9e:24:c0:2d:0d:9b:8b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Nov 20 17:30:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e8d45e9f2075ccddbd5231a3193135e1757887d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:97:21:21:7d:f9:2a:ee:45:d6:46:a1:7e:73:
61:6b:79:81:1a:7d:5b:45:f7:65:3b:9a:d6:f4:d3:
09:09:f7:75:2e:fe:af:b3:81:80:40:bd:b5:20:f1:
28:2c:76:4c:91:69:af:fd:98:55:c6:dc:61:be:51:
c5:d1:99:d8:df:9a:e7:05:dd:3b:d7:7d:71:2d:d8:
5d:cc:f6:bc:31:eb:7a:d6:8d:f7:71:1f:58:d5:8a:
76:31:e0:34:d1:30:a7:b1:7d:df:61:43:0a:2f:4d:
1e:1f:4c:c8:bd:8d:6d:c1:2f:5f:b2:5e:f5:84:a3:
25:81:43:a2:00:25:c3:05:46:76:d4:6a:c5:a6:71:
55:f1:ea:53:b3:ce:fd:6b:3b:f4:ee:38:59:f0:5a:
98:c0:cb:a6:15:08:8c:66:71:b0:0e:f7:9a:b3:65:
b4:52:5a:2e:23:22:75:82:37:9c:82:78:99:c8:5e:
7b:bb:05:df:9f:f3:c2:40:52:db:8e:0c:53:ba:9f:
28:41:f5:01:9a:8c:ea:04:82:cc:67:26:0c:8c:7d:
25:fb:2d:a9:32:41:5e:c0:d7:04:99:ea:16:b6:6d:
86:cd:62:50:67:08:73:3a:eb:28:55:fe:39:5c:b1:
40:cb:3c:53:b7:c2:85:e1:ec:d9:7f:f0:ad:dd:57:
48:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:8D:45:E9:F2:07:5C:CD:DB:D5:23:1A:31:93:13:5E:17:57:88:7D
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Po1F6fIHXM3b1SMaMZMTXhdXiH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:b10::/44
Signature Algorithm: sha256WithRSAEncryption
95:9d:42:04:6f:f0:8a:15:fe:cd:20:23:3d:a6:22:d7:e3:7a:
d2:4e:01:8a:a9:bb:a0:6a:cc:97:75:0a:48:b6:c7:9d:09:df:
f8:ed:00:76:c8:d4:19:7d:cf:ac:d9:3f:27:3f:37:f3:8d:1f:
da:cc:cb:12:50:ba:c0:a9:83:91:33:95:d8:b5:76:9e:95:62:
76:5c:82:c2:45:c6:13:cf:81:e0:78:59:ed:c9:c8:59:a5:46:
6d:d1:04:34:e2:d2:1b:26:d7:29:43:a4:77:b3:ca:47:ee:41:
63:ba:8d:11:3d:22:76:a0:e6:ff:c3:62:26:bf:f6:4b:fb:45:
be:d0:e7:63:a7:1f:47:cb:f1:d6:d9:ff:ea:1f:2c:2a:af:6d:
6a:b1:fc:98:af:f5:14:af:af:0d:b8:cd:32:ad:83:d3:93:50:
7e:44:28:03:35:49:cf:57:f4:01:aa:82:fc:25:85:83:4f:b5:
fa:93:70:2b:b6:86:95:8b:04:ad:75:3d:be:2d:fb:3f:15:c6:
66:10:0a:16:40:55:38:94:7b:41:22:80:0f:58:1d:1e:68:99:
e3:c7:08:6e:8c:ea:76:34:3a:e3:78:08:4d:f3:96:61:df:d3:
bb:f2:f4:76:81:a6:4d:9d:55:ac:8f:b4:33:60:15:94:40:29:
ec:93:cd:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYvtyH3+3xCU6p4kwC0Nm4v1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMxMTIwMTczMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZThkNDVlOWYyMDc1Y2NkZGJkNTIzMWEzMTkzMTM1ZTE3NTc4ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pchIX35Ku5F1kahfnNha3mBGn1b
RfdlO5rW9NMJCfd1Lv6vs4GAQL21IPEoLHZMkWmv/ZhVxtxhvlHF0ZnY35rnBd07
131xLdhdzPa8Met61o33cR9Y1Yp2MeA00TCnsX3fYUMKL00eH0zIvY1twS9fsl71
hKMlgUOiACXDBUZ21GrFpnFV8epTs879azv07jhZ8FqYwMumFQiMZnGwDveas2W0
UlouIyJ1gjecgniZyF57uwXfn/PCQFLbjgxTup8oQfUBmozqBILMZyYMjH0l+y2p
MkFewNcEmeoWtm2GzWJQZwhzOusoVf45XLFAyzxTt8KF4ezZf/Ct3VdIXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD6NRenyB1zN29UjGjGTE14XV4h9MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvUG8xRjZmSUhYTTNiMVNNYU1aTVRYaGRYaUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQsQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCVnUIEb/CKFf7NICM9piLX43rSTgGKqbugasyX
dQpItsedCd/47QB2yNQZfc+s2T8nPzfzjR/azMsSULrAqYORM5XYtXaelWJ2XILC
RcYTz4HgeFntychZpUZt0QQ04tIbJtcpQ6R3s8pH7kFjuo0RPSJ2oOb/w2Imv/ZL
+0W+0Odjpx9Hy/HW2f/qHywqr21qsfyYr/UUr68NuM0yrYPTk1B+RCgDNUnPV/QB
qoL8JYWDT7X6k3ArtoaViwStdT2+Lfs/FcZmEAoWQFU4lHtBIoAPWB0eaJnjxwhu
jOp2NDrjeAhN85Zh39O78vR2gaZNnVWsj7QzYBWUQCnsk81m
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:23:38 2025 by rpki-client