Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/X3wj8w5AKaWJ0xMIHfXMVMaXGT8.roa
File: X3wj8w5AKaWJ0xMIHfXMVMaXGT8.roa (raw, json)
Hash identifier: 1KWDXm2RhaR69E2LvaSETDmUz/b/2lUdgZNWpHkLJ14=
Subject key identifier: 5F:7C:23:F3:0E:40:29:A5:89:D3:13:08:1D:F5:CC:54:C6:97:19:3F
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 015B3CCD
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/X3wj8w5AKaWJ0xMIHfXMVMaXGT8.roa
Signing time: Sat 01 Jan 2022 01:00:30 +0000
ROA not before: Sat 01 Jan 2022 01:00:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213190
IP address blocks: 2a0c:b642:fc0::/43 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22756557 (0x15b3ccd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f7c23f30e4029a589d313081df5cc54c697193f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:32:16:f1:23:a4:23:04:fc:0c:41:5e:a2:a9:
60:51:99:ec:b5:72:cb:6a:ab:4b:b7:5e:62:75:1c:
48:11:84:b4:3e:3d:8d:72:36:df:2e:d6:8b:ea:54:
41:1f:d8:f2:8a:3b:d4:8a:9f:c5:be:36:a5:35:4b:
17:64:cd:2d:de:a7:6f:43:24:f0:b9:24:97:ea:8b:
df:9a:22:73:12:e7:1d:77:28:a6:b1:34:f0:f8:85:
48:e8:0a:9a:05:1e:4b:d9:d0:b9:f6:28:e3:ff:d1:
f2:73:d1:fa:da:cc:04:0d:9f:d6:8a:16:a7:45:eb:
a1:77:f5:51:2c:30:ee:8b:f4:54:c0:5d:f3:9e:5f:
20:43:cf:3f:8c:4d:2a:2e:f7:e5:69:39:28:37:7b:
97:b8:ac:1b:da:08:a7:fd:30:b9:1f:bf:ab:e3:6f:
5b:33:df:d9:31:54:2a:88:33:6d:03:38:8c:17:e0:
5a:b4:cd:75:9e:df:90:e0:20:a6:63:07:66:0e:54:
13:60:08:7a:86:6a:21:2d:aa:bc:c6:b5:b2:ba:a3:
8c:a3:ad:b1:94:5c:6c:6e:06:41:9f:99:be:47:e0:
f7:86:7c:ea:01:cc:74:af:91:c6:18:84:f3:3d:d8:
b0:79:af:01:73:b8:71:b9:06:b3:c8:40:57:9b:13:
e0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:7C:23:F3:0E:40:29:A5:89:D3:13:08:1D:F5:CC:54:C6:97:19:3F
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/X3wj8w5AKaWJ0xMIHfXMVMaXGT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:fc0::/43
Signature Algorithm: sha256WithRSAEncryption
91:89:93:8d:8f:49:e2:2a:eb:4b:93:4c:9a:b0:cd:7e:0b:8a:
31:ee:28:75:bb:98:a2:90:94:da:c1:33:ba:c4:d9:3e:57:03:
f4:b6:e5:47:d6:cd:50:8a:90:30:e8:a3:11:70:96:92:33:99:
6a:b9:13:82:09:95:2e:5a:d5:ba:f4:f7:23:68:59:b6:5d:50:
f6:23:ba:bc:88:97:69:cf:5c:55:c1:5d:8d:6d:e2:d3:80:a5:
c0:8e:76:82:6d:47:bd:0c:03:7c:18:f1:bb:d7:25:28:aa:d2:
e6:c1:3f:2d:65:f4:1b:d7:d1:6a:75:38:a8:7f:28:34:97:e1:
23:e9:4e:8f:97:d0:f4:13:d2:ac:5c:7c:62:13:dc:62:97:3f:
33:cf:14:ab:45:2d:fd:f3:86:b0:fd:8e:70:a3:ff:e8:89:24:
dd:96:eb:3e:0b:4f:bc:e4:56:72:e0:16:bd:cd:e4:1e:e4:ee:
da:93:76:d2:9e:5e:66:cb:b6:a1:a8:8b:ea:a4:b0:d5:b5:d6:
9b:21:0a:dd:18:e6:66:36:8e:bc:b4:27:17:af:f2:e2:c7:e4:
5d:59:b6:aa:00:fc:68:30:c0:08:a6:0e:b8:18:e9:28:45:dc:
24:5c:e1:2a:7d:58:4a:d1:79:4c:06:10:c8:14:7f:11:5f:cd:
f5:fe:b4:fb
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAVs8zTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY3YzIzZjMwZTQw
MjlhNTg5ZDMxMzA4MWRmNWNjNTRjNjk3MTkzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkyFvEjpCME/AxBXqKpYFGZ7LVyy2qrS7deYnUcSBGEtD49
jXI23y7Wi+pUQR/Y8oo71Iqfxb42pTVLF2TNLd6nb0Mk8Lkkl+qL35oicxLnHXco
prE08PiFSOgKmgUeS9nQufYo4//R8nPR+trMBA2f1ooWp0XroXf1USww7ov0VMBd
855fIEPPP4xNKi735Wk5KDd7l7isG9oIp/0wuR+/q+NvWzPf2TFUKogzbQM4jBfg
WrTNdZ7fkOAgpmMHZg5UE2AIeoZqIS2qvMa1srqjjKOtsZRcbG4GQZ+Zvkfg94Z8
6gHMdK+RxhiE8z3YsHmvAXO4cbkGs8hAV5sT4EsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRffCPzDkAppYnTEwgd9cxUxpcZPzAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L1gzd2o4dzVBS2FXSjB4TUlIZlhNVk1hWEdUOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBSoMtkIPwDANBgkqhkiG9w0BAQsF
AAOCAQEAkYmTjY9J4irrS5NMmrDNfguKMe4odbuYopCU2sEzusTZPlcD9LblR9bN
UIqQMOijEXCWkjOZarkTggmVLlrVuvT3I2hZtl1Q9iO6vIiXac9cVcFdjW3i04Cl
wI52gm1HvQwDfBjxu9clKKrS5sE/LWX0G9fRanU4qH8oNJfhI+lOj5fQ9BPSrFx8
YhPcYpc/M88Uq0Ut/fOGsP2OcKP/6Ikk3ZbrPgtPvORWcuAWvc3kHuTu2pN20p5e
Zsu2oaiL6qSw1bXWmyEK3RjmZjaOvLQnF6/y4sfkXVm2qgD8aDDACKYOuBjpKEXc
JFzhKn1YStF5TAYQyBR/EV/N9f60+w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:13:11 2025 by rpki-client