Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/VnEM6GmjdDsbv9vTy8ZhQ-iXQAw.roa
File: VnEM6GmjdDsbv9vTy8ZhQ-iXQAw.roa (raw, json)
Hash identifier: cxlnR6klfxD3wSRrKlOIOCs+UMkzFhLZWZn7bhT3VOc=
Subject key identifier: 56:71:0C:E8:69:A3:74:3B:1B:BF:DB:D3:CB:C6:61:43:E8:97:40:0C
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E4ED3EC6D018393BB823B80D0E143
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/VnEM6GmjdDsbv9vTy8ZhQ-iXQAw.roa
Signing time: Mon 02 Jan 2023 06:14:49 +0000
ROA not before: Mon 02 Jan 2023 06:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202905
IP address blocks: 2a0c:b641:370::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:4e:d3:ec:6d:01:83:93:bb:82:3b:80:d0:e1:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56710ce869a3743b1bbfdbd3cbc66143e897400c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:de:be:a6:d3:dd:dc:ef:6d:e0:55:ff:c5:92:
16:d4:db:c9:ec:b0:d0:d9:f1:33:dd:93:a3:0e:08:
d6:17:15:f1:25:c4:c7:4e:87:73:c6:39:da:95:e1:
3b:ca:0b:73:76:05:ee:83:26:f9:84:a5:d1:5c:95:
46:e8:be:c7:6e:eb:d0:ab:6e:c5:15:01:51:b4:7c:
c1:dd:24:dc:33:25:92:67:ad:b6:c6:4d:84:0f:ef:
d6:08:9a:27:b4:d0:70:01:c8:50:05:f8:c9:2e:61:
af:b0:13:1c:90:88:e7:ce:68:30:1e:1d:5e:79:76:
3d:dc:49:63:10:e2:6e:fa:09:f7:62:d6:7b:b2:81:
a2:99:67:08:aa:82:43:f6:8e:0e:40:86:17:16:a7:
7b:2e:9f:9a:49:f6:0c:5e:7a:5c:8e:7c:f6:ea:94:
ab:ab:2c:fb:0d:df:3e:bf:4c:ec:a4:33:27:94:cb:
b6:06:09:b7:af:13:b1:4c:84:61:b7:7c:c6:eb:55:
04:b7:29:9d:85:e3:90:15:07:f1:ba:9f:65:a2:8c:
c7:68:b0:64:94:92:d9:a5:61:15:07:51:54:d4:6b:
4d:60:21:11:82:bc:cd:3e:b1:c1:7f:00:15:a2:84:
03:1c:19:21:07:83:d1:ca:37:af:18:c5:89:23:85:
06:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:71:0C:E8:69:A3:74:3B:1B:BF:DB:D3:CB:C6:61:43:E8:97:40:0C
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/VnEM6GmjdDsbv9vTy8ZhQ-iXQAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:370::/44
Signature Algorithm: sha256WithRSAEncryption
0a:05:6c:46:c5:b6:48:7e:83:42:9e:ab:89:cf:ec:39:c2:9d:
71:5b:12:91:2f:23:ca:87:e5:19:34:5a:a5:0c:eb:46:ea:49:
99:5d:73:33:43:02:47:0c:57:db:b1:40:c7:ba:5e:e1:47:b3:
58:93:a7:ed:7e:d9:50:60:16:0b:cc:c4:e1:19:56:c8:0a:d5:
3c:fd:cb:a9:48:02:44:49:c0:f6:bc:96:5b:65:47:c4:52:10:
36:1a:17:01:7c:32:59:01:79:de:37:45:d9:8e:be:cb:5e:f1:
78:e1:29:0e:53:f0:66:fe:b1:73:b1:0f:47:1d:91:ce:b7:92:
fd:3b:bd:f2:e6:92:60:e7:1c:ae:d9:14:57:3a:4f:65:cf:22:
61:72:b3:2b:48:98:1d:24:92:3c:d2:b6:b4:a2:58:58:b0:7a:
f6:86:51:03:48:ff:e6:86:57:41:06:df:67:98:df:ff:fd:37:
c1:a0:44:d1:19:59:49:6a:07:10:90:3f:22:47:4e:e3:aa:26:
7b:d6:46:11:d8:52:1d:12:c5:2a:29:79:17:64:93:50:69:ca:
e3:d9:4d:4f:70:8b:3b:3f:64:b9:60:bb:53:2e:b3:da:8c:f4:
47:7d:4b:1f:9f:94:86:5d:7b:a3:f0:6e:8b:55:f3:e8:05:87:
f2:c6:b9:3d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHk7T7G0Bg5O7gjuA0OFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjcxMGNlODY5YTM3NDNiMWJiZmRiZDNjYmM2NjE0M2U4OTc0MDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd6+ptPd3O9t4FX/xZIW1NvJ7LDQ
2fEz3ZOjDgjWFxXxJcTHTodzxjnaleE7ygtzdgXugyb5hKXRXJVG6L7HbuvQq27F
FQFRtHzB3STcMyWSZ622xk2ED+/WCJontNBwAchQBfjJLmGvsBMckIjnzmgwHh1e
eXY93EljEOJu+gn3YtZ7soGimWcIqoJD9o4OQIYXFqd7Lp+aSfYMXnpcjnz26pSr
qyz7Dd8+v0zspDMnlMu2Bgm3rxOxTIRht3zG61UEtymdheOQFQfxup9loozHaLBk
lJLZpWEVB1FU1GtNYCERgrzNPrHBfwAVooQDHBkhB4PRyjevGMWJI4UGaQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFZxDOhpo3Q7G7/b08vGYUPol0AMMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvVm5FTTZHbWpkRHNidjl2VHk4WmhRLWlYUUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQNw
MA0GCSqGSIb3DQEBCwUAA4IBAQAKBWxGxbZIfoNCnquJz+w5wp1xWxKRLyPKh+UZ
NFqlDOtG6kmZXXMzQwJHDFfbsUDHul7hR7NYk6ftftlQYBYLzMThGVbICtU8/cup
SAJEScD2vJZbZUfEUhA2GhcBfDJZAXneN0XZjr7LXvF44SkOU/Bm/rFzsQ9HHZHO
t5L9O73y5pJg5xyu2RRXOk9lzyJhcrMrSJgdJJI80ra0olhYsHr2hlEDSP/mhldB
Bt9nmN///TfBoETRGVlJagcQkD8iR07jqiZ71kYR2FIdEsUqKXkXZJNQacrj2U1P
cIs7P2S5YLtTLrPajPRHfUsfn5SGXXuj8G6LVfPoBYfyxrk9
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:18:36 2025 by rpki-client