Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/VtCIopuLsNob4vZA4ZkurCd2Qe4.roa
File: VtCIopuLsNob4vZA4ZkurCd2Qe4.roa (raw, json)
Hash identifier: HOX8W7Nmxg5VKkizIQEbRq2GBtaiYDMOZAnJ3YiSVVg=
Subject key identifier: 56:D0:88:A2:9B:8B:B0:DA:1B:E2:F6:40:E1:99:2E:AC:27:76:41:EE
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E675218F54B65471DBEF787ADFC58
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/VtCIopuLsNob4vZA4ZkurCd2Qe4.roa
Signing time: Mon 02 Jan 2023 06:14:56 +0000
ROA not before: Mon 02 Jan 2023 06:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208753
IP address blocks: 2a0c:b642:ace::/48 maxlen: 48
2a0c:b642:a00::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:67:52:18:f5:4b:65:47:1d:be:f7:87:ad:fc:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56d088a29b8bb0da1be2f640e1992eac277641ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1b:36:71:08:aa:7b:e6:b6:f8:ee:43:dc:d4:
11:e6:e8:12:d2:07:e7:76:0d:aa:91:e5:90:37:fd:
c2:81:e4:a7:b3:32:7e:f1:01:a7:95:fc:6b:64:ec:
b2:8c:14:4a:93:af:0f:4c:b5:a3:aa:b5:29:a9:c2:
59:6b:77:e6:21:bc:80:30:b8:75:8e:ab:26:a4:fa:
f4:9f:79:53:4c:7c:01:e6:db:ea:70:c4:bb:d5:71:
63:fe:98:90:5c:93:d8:c1:9c:c7:f6:2c:24:98:ec:
55:4a:36:c4:ff:ae:89:55:e6:f5:59:76:66:fc:40:
36:61:8a:2e:3a:56:9a:cd:41:a4:58:69:c1:09:06:
f2:c4:69:74:79:9e:d2:32:81:3a:bb:25:79:fc:f1:
71:71:20:7f:ce:5c:34:f2:dc:64:72:78:72:82:79:
39:99:bf:f1:d8:71:01:86:14:af:27:76:d9:46:9d:
19:96:f4:90:af:ee:ea:32:73:d4:5c:98:a3:18:ad:
4f:9c:4a:1b:33:7d:3b:f8:d5:ba:6f:dd:92:90:38:
74:19:70:8e:c7:ce:03:38:36:af:ae:c6:18:08:f2:
f1:7f:4b:c9:24:a0:07:43:4d:5e:e2:a1:e0:40:94:
b3:a2:e6:dd:65:f3:7f:fe:4b:a5:08:02:9e:f2:c5:
17:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D0:88:A2:9B:8B:B0:DA:1B:E2:F6:40:E1:99:2E:AC:27:76:41:EE
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/VtCIopuLsNob4vZA4ZkurCd2Qe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:a00::/44
2a0c:b642:ace::/48
Signature Algorithm: sha256WithRSAEncryption
04:d6:4e:a5:2c:9b:0f:a8:db:a8:7d:b1:11:53:a6:a8:9e:db:
6d:b6:ec:b5:6f:6d:a1:28:ed:09:9a:13:44:a5:1c:dc:79:06:
cc:0f:5c:1f:30:08:91:c6:35:d0:3c:a8:5b:80:a1:23:0a:99:
12:7e:c0:37:06:ee:f0:b3:00:6c:ed:ad:9e:6c:5a:54:76:dc:
8c:c9:3e:30:cd:63:d8:ba:32:67:98:44:4c:ae:e7:84:30:9c:
03:83:0b:fa:f2:c3:ee:ee:39:b1:b7:7c:ed:1b:53:2f:73:03:
67:98:b2:f5:2e:93:e6:36:3c:33:4e:79:7e:cd:5f:7e:ef:f5:
fb:1f:a0:ea:74:c5:36:24:6d:81:3c:8d:23:44:cb:6a:96:32:
68:55:c6:75:0b:42:58:92:53:4b:a7:be:f5:fa:5b:bf:57:a7:
62:02:c6:55:1f:25:18:bc:0d:4a:41:81:e9:4a:53:53:b5:8d:
90:28:01:14:b0:03:6f:3b:db:c0:8f:d8:f5:fa:b9:2f:3c:e1:
d0:4f:05:ea:08:5b:f5:1d:a4:ef:61:c0:11:14:76:f1:6c:58:
62:0f:99:9a:ec:e8:65:c9:2f:86:d9:68:74:23:e8:4d:d2:29:
8c:31:98:ee:c9:9c:1d:5a:ff:c0:67:d5:68:91:f6:4f:c1:6b:
61:3a:6c:12
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxHmdSGPVLZUcdvveHrfxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmQwODhhMjliOGJiMGRhMWJlMmY2NDBlMTk5MmVhYzI3NzY0MWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhs2cQiqe+a2+O5D3NQR5ugS0gfn
dg2qkeWQN/3CgeSnszJ+8QGnlfxrZOyyjBRKk68PTLWjqrUpqcJZa3fmIbyAMLh1
jqsmpPr0n3lTTHwB5tvqcMS71XFj/piQXJPYwZzH9iwkmOxVSjbE/66JVeb1WXZm
/EA2YYouOlaazUGkWGnBCQbyxGl0eZ7SMoE6uyV5/PFxcSB/zlw08txkcnhygnk5
mb/x2HEBhhSvJ3bZRp0ZlvSQr+7qMnPUXJijGK1PnEobM307+NW6b92SkDh0GXCO
x84DODavrsYYCPLxf0vJJKAHQ01e4qHgQJSzoubdZfN//kulCAKe8sUX2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFbQiKKbi7DaG+L2QOGZLqwndkHuMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvVnRDSW9wdUxzTm9iNHZaQTRaa3VyQ2QyUWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgy2QgoA
AwcAKgy2QgrOMA0GCSqGSIb3DQEBCwUAA4IBAQAE1k6lLJsPqNuofbERU6aonttt
tuy1b22hKO0JmhNEpRzceQbMD1wfMAiRxjXQPKhbgKEjCpkSfsA3Bu7wswBs7a2e
bFpUdtyMyT4wzWPYujJnmERMrueEMJwDgwv68sPu7jmxt3ztG1MvcwNnmLL1LpPm
NjwzTnl+zV9+7/X7H6DqdMU2JG2BPI0jRMtqljJoVcZ1C0JYklNLp771+lu/V6di
AsZVHyUYvA1KQYHpSlNTtY2QKAEUsANvO9vAj9j1+rkvPOHQTwXqCFv1HaTvYcAR
FHbxbFhiD5ma7OhlyS+G2Wh0I+hN0imMMZjuyZwdWv/AZ9VokfZPwWthOmwS
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:05:16 2025 by rpki-client