Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/X2rhWlJx175uuMzY7q1puQbHLxI.roa
File: X2rhWlJx175uuMzY7q1puQbHLxI.roa (raw, json)
Hash identifier: t4cBsUXRVaqFSnRk18hRDVy3MAx8XDU5/uVAEDvhzu4=
Subject key identifier: 5F:6A:E1:5A:52:71:D7:BE:6E:B8:CC:D8:EE:AD:69:B9:06:C7:2F:12
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0128C09C
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/X2rhWlJx175uuMzY7q1puQbHLxI.roa
Signing time: Sat 01 Jan 2022 00:59:46 +0000
ROA not before: Sat 01 Jan 2022 00:59:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208505
IP address blocks: 2a0c:b641:610::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19447964 (0x128c09c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f6ae15a5271d7be6eb8ccd8eead69b906c72f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:26:98:bf:75:be:e1:a4:4a:74:18:05:f5:90:
18:90:dd:eb:1e:52:d6:f6:82:37:02:f2:3f:f3:b5:
e2:9c:30:b0:16:99:3e:03:3b:c9:b1:6a:35:7f:f7:
8b:36:8d:36:af:60:9c:7e:48:5c:54:70:66:28:a4:
35:0f:b4:a4:8a:5a:bd:34:7f:58:8d:ec:24:3a:ca:
40:38:f9:99:84:d0:f9:77:53:07:cf:1d:fb:14:c2:
c9:14:20:c4:1b:43:67:a9:e9:80:de:3e:fa:42:c7:
f9:3f:5f:10:4b:ba:11:f5:8f:da:69:1e:f6:a3:cd:
5d:9a:8b:0c:4d:d5:fe:47:3f:25:30:a8:06:18:16:
e9:ff:6f:43:46:8b:fe:07:69:60:4a:8b:99:5b:ec:
0a:2f:47:c7:51:6a:48:08:b1:c0:71:ed:6a:b4:ce:
6b:3a:6f:5c:6d:38:25:96:3c:4f:c0:80:11:e9:eb:
f2:48:70:70:b1:3f:fb:81:e8:18:a8:7c:4d:fc:81:
62:50:93:78:47:5c:a4:e1:7f:73:40:4e:5a:ef:31:
e8:2c:9d:8a:f4:ec:c5:81:47:6b:e1:6f:05:8f:5a:
8d:44:11:f7:b6:1a:97:b8:2d:1c:d4:c6:89:3a:cd:
b1:e5:28:26:20:aa:fc:d8:5f:ef:ea:d2:82:41:8c:
1b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6A:E1:5A:52:71:D7:BE:6E:B8:CC:D8:EE:AD:69:B9:06:C7:2F:12
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/X2rhWlJx175uuMzY7q1puQbHLxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:610::/44
Signature Algorithm: sha256WithRSAEncryption
91:39:21:db:a7:5d:b7:15:1a:4c:7d:65:db:25:d4:42:d1:ab:
97:38:1b:07:e3:24:18:17:5d:8c:2e:35:81:c8:33:6c:0c:fc:
d6:c9:40:98:55:e4:76:94:a6:f6:2f:69:c7:bc:b5:41:3a:93:
13:85:a7:4f:9d:7f:40:76:28:f9:2e:64:4e:bf:2c:23:ed:90:
86:28:1f:13:d7:22:0e:ff:e8:7a:c9:44:0c:26:43:f5:15:0f:
b0:bb:f0:58:30:61:0c:e8:4e:c4:a3:1e:8e:f8:ff:f9:20:1e:
0a:65:70:22:9b:9a:71:24:ed:6b:7e:e7:7c:6c:78:66:53:25:
f4:6b:7d:a2:08:ad:bb:94:bc:ef:d7:9b:78:a4:16:73:1d:3b:
1e:78:32:65:3e:24:0b:3d:b9:55:71:2e:85:2b:0c:76:15:a7:
c2:16:aa:86:75:d2:b6:31:8c:c8:20:89:fe:0e:9b:9f:79:8c:
61:a8:46:2f:1c:8e:50:7f:2b:ea:68:23:d1:04:4a:bf:c6:3d:
02:6b:ca:70:61:b2:63:30:bd:a5:35:30:d3:ac:73:0b:20:38:
dc:5a:ef:7d:90:4a:ca:3e:55:b9:82:0f:77:1c:09:bd:64:84:
fa:ba:6a:58:9b:66:de:c5:ad:7d:7c:8d:7a:c0:56:68:37:c2:
7e:e2:9f:6f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEASjAnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTk0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY2YWUxNWE1Mjcx
ZDdiZTZlYjhjY2Q4ZWVhZDY5YjkwNmM3MmYxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgmmL91vuGkSnQYBfWQGJDd6x5S1vaCNwLyP/O14pwwsBaZ
PgM7ybFqNX/3izaNNq9gnH5IXFRwZiikNQ+0pIpavTR/WI3sJDrKQDj5mYTQ+XdT
B88d+xTCyRQgxBtDZ6npgN4++kLH+T9fEEu6EfWP2mke9qPNXZqLDE3V/kc/JTCo
BhgW6f9vQ0aL/gdpYEqLmVvsCi9Hx1FqSAixwHHtarTOazpvXG04JZY8T8CAEenr
8khwcLE/+4HoGKh8TfyBYlCTeEdcpOF/c0BOWu8x6CydivTsxYFHa+FvBY9ajUQR
97Yal7gtHNTGiTrNseUoJiCq/Nhf7+rSgkGMGysCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRfauFaUnHXvm64zNjurWm5BscvEjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L1gycmhXbEp4MTc1dXVNelk3cTFwdVFiSEx4SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEGEDANBgkqhkiG9w0BAQsF
AAOCAQEAkTkh26ddtxUaTH1l2yXUQtGrlzgbB+MkGBddjC41gcgzbAz81slAmFXk
dpSm9i9px7y1QTqTE4WnT51/QHYo+S5kTr8sI+2QhigfE9ciDv/oeslEDCZD9RUP
sLvwWDBhDOhOxKMejvj/+SAeCmVwIpuacSTta37nfGx4ZlMl9Gt9ogitu5S879eb
eKQWcx07HngyZT4kCz25VXEuhSsMdhWnwhaqhnXStjGMyCCJ/g6bn3mMYahGLxyO
UH8r6mgj0QRKv8Y9AmvKcGGyYzC9pTUw06xzCyA43FrvfZBKyj5VuYIPdxwJvWSE
+rpqWJtm3sWtfXyNesBWaDfCfuKfbw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:37 2023 by rpki-client on console-fra.rpki-client.org