Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/RK_DkJ0e7NhyrEKKbLNjLfhgfiM.roa
File: RK_DkJ0e7NhyrEKKbLNjLfhgfiM.roa (raw, json)
Hash identifier: mlgzJQsP7+bhB6UqWcaUxtxG2cex5QiSx7w2+VD4N1E=
Subject key identifier: 44:AF:C3:90:9D:1E:EC:D8:72:AC:42:8A:6C:B3:63:2D:F8:60:7E:23
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E3BFD04AA309389585C515B6FC7E9
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/RK_DkJ0e7NhyrEKKbLNjLfhgfiM.roa
Signing time: Mon 02 Jan 2023 06:14:44 +0000
ROA not before: Mon 02 Jan 2023 06:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41108
IP address blocks: 2a0c:b642:1a0f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:3b:fd:04:aa:30:93:89:58:5c:51:5b:6f:c7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44afc3909d1eecd872ac428a6cb3632df8607e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ff:14:fd:83:78:a8:13:a8:72:5c:24:14:6d:
3c:d8:58:26:64:71:8f:2e:c7:d5:db:c3:33:e2:cc:
68:ad:00:a9:0c:82:e6:78:5a:22:90:21:d8:b1:76:
cf:49:65:39:80:2f:52:ea:db:be:0c:8e:16:05:bc:
4e:d8:a8:54:56:0d:e0:dc:b8:25:e1:9a:07:ed:18:
86:d1:19:29:bb:25:bf:66:c1:37:dc:2c:89:18:70:
6a:32:56:a4:65:d5:2e:d9:7c:59:c5:a7:aa:ac:15:
1d:02:21:43:0c:9e:f2:3f:1b:6e:88:71:c5:8a:89:
c0:9e:e4:0c:ca:12:ed:d4:24:f2:bf:a3:92:9c:e0:
e1:c2:f6:41:31:14:2f:8a:f2:bc:b0:18:99:d7:38:
13:6f:14:ae:29:bf:b1:4b:2d:e3:8e:94:15:a0:47:
40:68:5a:84:a8:0c:b1:83:c8:ed:cb:e8:f0:60:bf:
33:47:50:a7:8b:c0:4d:3d:6e:89:e6:72:e7:b0:14:
20:93:5f:89:aa:96:96:ab:05:e6:7a:14:03:35:c1:
2b:87:bf:6f:7d:00:85:48:32:0b:78:e6:88:6d:81:
7d:33:f2:e0:1e:4a:9f:a8:ea:09:87:0f:83:99:36:
42:0d:1f:cd:d5:d9:cd:ba:99:03:a9:7d:1d:ea:63:
7b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AF:C3:90:9D:1E:EC:D8:72:AC:42:8A:6C:B3:63:2D:F8:60:7E:23
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/RK_DkJ0e7NhyrEKKbLNjLfhgfiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:1a0f::/48
Signature Algorithm: sha256WithRSAEncryption
90:4a:41:0b:4a:1d:fd:5f:9c:3b:90:af:84:c9:91:c5:76:17:
f1:e4:67:9c:84:9d:cd:f0:19:44:98:0d:d2:7f:d2:dc:78:53:
e8:b5:6e:04:9d:35:24:7a:a9:33:57:3c:10:de:76:52:b1:7b:
8e:36:5f:22:05:95:79:3d:7b:0e:d6:d7:96:a3:ba:90:86:8e:
79:5e:18:d9:9f:b7:28:31:ff:42:a3:c9:23:b0:13:71:64:94:
4f:62:6b:4a:b1:73:db:f3:c2:fb:f9:0e:ea:eb:dd:29:b5:53:
5f:7a:50:91:d2:d9:2c:fb:7f:bd:95:4d:1f:54:b4:62:63:28:
d3:f4:0e:18:b5:c0:a3:bc:e7:73:e1:04:33:29:e8:d4:d6:83:
de:55:b1:a4:02:71:fb:e9:98:97:af:fe:65:c0:58:3f:8c:8c:
7a:4e:f6:e9:20:58:1c:9c:32:28:71:15:d9:ed:99:e4:ea:81:
2b:1d:77:51:38:1d:ee:25:cc:ed:2a:f0:af:bb:25:3b:5f:3f:
ec:83:02:b6:04:a4:7f:67:dd:78:4d:f1:01:c6:1b:12:7c:20:
15:6e:0d:f5:86:f0:08:25:f7:9a:2e:fe:bb:89:e1:08:7f:b8:
54:19:61:7e:0e:86:4f:2c:be:74:73:62:47:26:2e:15:a2:36:
1a:9a:cb:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHjv9BKowk4lYXFFbb8fpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGFmYzM5MDlkMWVlY2Q4NzJhYzQyOGE2Y2IzNjMyZGY4NjA3ZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/8U/YN4qBOoclwkFG082FgmZHGP
LsfV28Mz4sxorQCpDILmeFoikCHYsXbPSWU5gC9S6tu+DI4WBbxO2KhUVg3g3Lgl
4ZoH7RiG0RkpuyW/ZsE33CyJGHBqMlakZdUu2XxZxaeqrBUdAiFDDJ7yPxtuiHHF
ionAnuQMyhLt1CTyv6OSnODhwvZBMRQvivK8sBiZ1zgTbxSuKb+xSy3jjpQVoEdA
aFqEqAyxg8jty+jwYL8zR1Cni8BNPW6J5nLnsBQgk1+JqpaWqwXmehQDNcErh79v
fQCFSDILeOaIbYF9M/LgHkqfqOoJhw+DmTZCDR/N1dnNupkDqX0d6mN7BQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFESvw5CdHuzYcqxCimyzYy34YH4jMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvUktfRGtKMGU3Tmh5ckVLS2JMTmpMZmhnZmlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgy2QhoP
MA0GCSqGSIb3DQEBCwUAA4IBAQCQSkELSh39X5w7kK+EyZHFdhfx5GechJ3N8BlE
mA3Sf9LceFPotW4EnTUkeqkzVzwQ3nZSsXuONl8iBZV5PXsO1teWo7qQho55XhjZ
n7coMf9Co8kjsBNxZJRPYmtKsXPb88L7+Q7q690ptVNfelCR0tks+3+9lU0fVLRi
YyjT9A4YtcCjvOdz4QQzKejU1oPeVbGkAnH76ZiXr/5lwFg/jIx6TvbpIFgcnDIo
cRXZ7Znk6oErHXdROB3uJcztKvCvuyU7Xz/sgwK2BKR/Z914TfEBxhsSfCAVbg31
hvAIJfeaLv67ieEIf7hUGWF+DoZPLL50c2JHJi4VojYamsvJ
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:26:48 2025 by rpki-client