Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/UFU4D7kCT7HgvmngigyXAApRpXM.roa
File: UFU4D7kCT7HgvmngigyXAApRpXM.roa (raw, json)
Hash identifier: LZl93zKI4/83zC0xRWBevbQb+pnQ8i5+Pf8C4AW+KiY=
Subject key identifier: 50:55:38:0F:B9:02:4F:B1:E0:BE:69:E0:8A:0C:97:00:0A:51:A5:73
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: FC8475
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/UFU4D7kCT7HgvmngigyXAApRpXM.roa
Signing time: Sat 01 Jan 2022 00:59:24 +0000
ROA not before: Sat 01 Jan 2022 00:59:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34641
IP address blocks: 2a0c:b642:2000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16548981 (0xfc8475)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5055380fb9024fb1e0be69e08a0c97000a51a573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:33:43:ae:5b:df:84:f3:11:de:5b:14:42:96:
b0:b5:12:53:f0:ed:c8:72:fc:8d:7a:d7:96:f0:46:
1a:f0:df:fb:19:a8:50:b6:bc:e0:95:83:c1:2c:1c:
60:6f:dc:f8:ab:00:14:86:3e:a7:7e:cf:8c:ff:68:
41:10:27:df:2b:38:21:97:d1:de:f4:0f:ee:10:19:
23:72:ff:09:b1:08:82:31:2b:f2:06:c6:7f:7a:34:
7d:8b:f0:75:ed:2f:68:6c:23:b7:b7:05:8b:84:16:
79:4a:15:e2:69:1e:5b:84:cc:cc:c7:06:4d:c7:23:
5c:40:c7:8b:44:e2:a0:a8:25:98:35:fc:90:5a:67:
1c:4b:0d:9f:7a:84:1c:2e:65:a1:74:45:a9:bf:4b:
38:1f:77:c3:82:1a:30:0b:71:d7:24:ee:2d:86:f7:
14:33:97:09:54:ee:7d:d6:59:31:5a:8c:3f:e0:b1:
97:ce:a1:68:fd:e3:a7:ff:a7:01:35:77:ba:77:dc:
1f:1e:f2:1c:8c:1a:ce:90:e2:46:31:42:8a:3b:a3:
93:bc:81:97:2b:bf:80:19:ca:d7:32:8c:1f:06:95:
3d:bb:bc:72:4c:89:56:24:4d:12:4e:c0:90:6c:57:
62:59:d3:5d:63:73:f0:33:65:de:f0:e5:58:e5:28:
1f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:55:38:0F:B9:02:4F:B1:E0:BE:69:E0:8A:0C:97:00:0A:51:A5:73
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/UFU4D7kCT7HgvmngigyXAApRpXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:2000::/36
Signature Algorithm: sha256WithRSAEncryption
26:d3:cf:09:5d:14:c6:6b:3d:b2:a8:0b:b2:49:a0:5e:88:b9:
42:c7:f5:c3:39:98:8a:88:fa:4d:a8:1b:c3:7c:fa:98:c0:9b:
be:ef:2a:7f:4a:85:ed:d1:ee:97:5b:d4:ba:2c:b8:34:ef:ea:
42:c6:ca:ef:24:5e:dc:bd:00:5c:ab:8f:4b:51:20:df:51:d0:
16:83:8a:06:8c:92:41:4e:b3:d7:33:83:46:5d:c6:32:4f:e0:
c5:3c:55:7f:9a:46:31:19:1f:d1:04:e9:cb:fe:e7:97:61:c0:
48:e1:17:eb:2c:35:8e:b3:5e:42:a2:2f:1d:ea:6f:64:ce:d1:
b7:1a:c9:ac:47:1f:01:16:bf:8d:34:cc:2e:91:81:2d:1b:5a:
9c:2a:9e:12:50:53:a6:e1:f7:d7:3f:ce:ce:55:88:a2:79:8c:
e8:9b:25:c5:de:f9:c4:2e:98:5b:c2:a8:d1:57:5a:8c:3d:30:
d5:a7:9d:b3:ca:7c:9e:68:2c:4b:5c:51:ef:28:80:7e:99:d4:
2c:8a:04:3e:02:32:e5:2c:b9:d5:83:b0:1e:a2:d5:d5:85:d0:
52:40:71:36:69:80:93:5c:65:8d:f5:27:d4:28:6d:66:a2:c0:
ac:db:c6:90:1a:92:b2:37:55:b7:12:a6:b5:88:15:05:36:47:
7f:ee:99:45
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAPyEdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTA1NTM4MGZiOTAy
NGZiMWUwYmU2OWUwOGEwYzk3MDAwYTUxYTU3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUzQ65b34TzEd5bFEKWsLUSU/DtyHL8jXrXlvBGGvDf+xmo
ULa84JWDwSwcYG/c+KsAFIY+p37PjP9oQRAn3ys4IZfR3vQP7hAZI3L/CbEIgjEr
8gbGf3o0fYvwde0vaGwjt7cFi4QWeUoV4mkeW4TMzMcGTccjXEDHi0TioKglmDX8
kFpnHEsNn3qEHC5loXRFqb9LOB93w4IaMAtx1yTuLYb3FDOXCVTufdZZMVqMP+Cx
l86haP3jp/+nATV3unfcHx7yHIwazpDiRjFCijujk7yBlyu/gBnK1zKMHwaVPbu8
ckyJViRNEk7AkGxXYlnTXWNz8DNl3vDlWOUoH6cCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRQVTgPuQJPseC+aeCKDJcAClGlczAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L1VGVTREN2tDVDdIZ3ZtbmdpZ3lYQUFwUnBYTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoMtkIgMA0GCSqGSIb3DQEBCwUA
A4IBAQAm088JXRTGaz2yqAuySaBeiLlCx/XDOZiKiPpNqBvDfPqYwJu+7yp/SoXt
0e6XW9S6LLg07+pCxsrvJF7cvQBcq49LUSDfUdAWg4oGjJJBTrPXM4NGXcYyT+DF
PFV/mkYxGR/RBOnL/ueXYcBI4RfrLDWOs15Coi8d6m9kztG3GsmsRx8BFr+NNMwu
kYEtG1qcKp4SUFOm4ffXP87OVYiieYzomyXF3vnELphbwqjRV1qMPTDVp52zynye
aCxLXFHvKIB+mdQsigQ+AjLlLLnVg7AeotXVhdBSQHE2aYCTXGWN9SfUKG1mosCs
28aQGpKyN1W3Eqa1iBUFNkd/7plF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:37 2023 by rpki-client on console-fra.rpki-client.org