Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/XMFEBYqEKP6cAlGo3UzQb6kyVyQ.roa
File: XMFEBYqEKP6cAlGo3UzQb6kyVyQ.roa (raw, json)
Hash identifier: CiDt2MVM7jodxaiQQ4hNBzidFGso7e5uau+RtRdbkTQ=
Subject key identifier: 5C:C1:44:05:8A:84:28:FE:9C:02:51:A8:DD:4C:D0:6F:A9:32:57:24
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018BA40C125DE08BC1E4CFC26651B176BC30
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/XMFEBYqEKP6cAlGo3UzQb6kyVyQ.roa
Signing time: Mon 06 Nov 2023 09:52:16 +0000
ROA not before: Mon 06 Nov 2023 09:52:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203511
IP address blocks: 2a0c:b641:6d0::/48 maxlen: 48
2a0c:b641:6d0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:0c:12:5d:e0:8b:c1:e4:cf:c2:66:51:b1:76:bc:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Nov 6 09:52:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cc144058a8428fe9c0251a8dd4cd06fa9325724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fb:4a:06:91:db:4c:5a:bd:20:06:ed:9d:2d:
b7:a8:13:49:fa:62:a2:16:8a:63:3d:3f:21:15:4b:
9a:df:bf:94:73:d3:70:c4:88:93:29:14:27:ca:8f:
66:ea:fc:78:bf:dd:8c:90:c9:e5:45:4c:ea:02:2f:
bd:8e:1e:22:92:24:c2:d5:be:42:a0:b0:8c:c5:c1:
c9:8c:fa:f2:e7:83:95:a0:71:25:af:42:b1:d0:91:
0c:a8:e7:d1:fe:6a:7c:c9:11:16:5f:e8:12:fe:9e:
0f:04:4e:81:06:4c:1c:97:7d:08:ca:fd:bc:c5:63:
65:f6:ec:a6:8f:dc:f6:97:03:64:7d:b4:c0:9d:13:
8c:e3:27:92:63:c8:e6:c2:7c:61:8d:c0:43:53:bc:
a6:d8:3c:32:7d:e4:9c:93:b7:7e:42:83:24:6d:5e:
bf:dd:ce:7e:5e:46:4d:d0:f3:36:96:ea:12:00:d2:
82:6e:43:e2:c7:7e:5e:ae:e4:05:95:2e:ea:be:d1:
22:83:2b:38:f1:51:48:17:d2:41:98:11:82:13:f7:
51:73:6d:f8:71:9d:59:d7:f1:17:a8:cf:6d:09:8d:
d0:d2:a7:a8:f9:db:9b:14:8b:b4:db:ed:33:b2:bf:
2c:e2:43:10:53:6b:13:9f:4a:db:d1:96:2e:c3:61:
ff:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C1:44:05:8A:84:28:FE:9C:02:51:A8:DD:4C:D0:6F:A9:32:57:24
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/XMFEBYqEKP6cAlGo3UzQb6kyVyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:6d0::/44
Signature Algorithm: sha256WithRSAEncryption
91:30:c3:0a:40:a8:a3:e4:01:6f:95:20:6b:c3:3f:73:66:9d:
fd:e3:bf:d8:37:39:6e:1b:8f:9c:df:80:93:23:6e:7e:eb:85:
b3:a9:d0:c2:11:39:48:c1:19:cd:a5:96:0e:a4:ea:b8:a2:d8:
82:90:47:36:63:b8:a5:21:00:aa:73:e7:fc:f5:97:f7:c5:23:
61:88:b2:51:27:ec:02:6d:9e:02:be:87:93:3c:d6:85:ec:c1:
65:ac:1e:6e:9d:f1:e4:95:fe:c7:79:41:c9:bb:33:d9:e7:74:
9b:ba:72:64:67:70:60:40:b5:fb:02:6a:78:ed:c0:3a:b1:a2:
f8:93:64:c8:e5:53:2a:d7:1b:28:e9:83:3d:f0:13:bd:99:3c:
28:83:04:88:fd:46:bd:36:bf:67:5e:3c:9e:37:c8:54:37:c5:
f0:03:75:ec:24:5d:72:ed:5a:9e:ea:9e:be:d9:84:22:2e:3f:
d6:01:f8:23:3d:ae:bb:24:d4:eb:be:1b:b0:3e:43:93:f4:e9:
01:da:cc:ae:ce:cf:a6:ed:40:a1:6a:19:32:ab:78:1e:fb:0a:
c4:54:f5:17:8d:f2:0a:ea:c3:bc:c3:bf:0c:81:7f:ac:12:38:
bb:c9:4b:4f:fb:65:0b:31:65:60:c1:03:91:b5:12:01:e6:7f:
66:64:7b:d2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYukDBJd4IvB5M/CZlGxdrwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMxMTA2MDk1MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2MxNDQwNThhODQyOGZlOWMwMjUxYThkZDRjZDA2ZmE5MzI1NzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPtKBpHbTFq9IAbtnS23qBNJ+mKi
FopjPT8hFUua37+Uc9NwxIiTKRQnyo9m6vx4v92MkMnlRUzqAi+9jh4ikiTC1b5C
oLCMxcHJjPry54OVoHElr0Kx0JEMqOfR/mp8yREWX+gS/p4PBE6BBkwcl30Iyv28
xWNl9uymj9z2lwNkfbTAnROM4yeSY8jmwnxhjcBDU7ym2DwyfeSck7d+QoMkbV6/
3c5+XkZN0PM2luoSANKCbkPix35eruQFlS7qvtEigys48VFIF9JBmBGCE/dRc234
cZ1Z1/EXqM9tCY3Q0qeo+dubFIu02+0zsr8s4kMQU2sTn0rb0ZYuw2H/hQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFzBRAWKhCj+nAJRqN1M0G+pMlckMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvWE1GRUJZcUVLUDZjQWxHbzNVelFiNmt5VnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQbQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCRMMMKQKij5AFvlSBrwz9zZp3947/YNzluG4+c
34CTI25+64WzqdDCETlIwRnNpZYOpOq4otiCkEc2Y7ilIQCqc+f89Zf3xSNhiLJR
J+wCbZ4CvoeTPNaF7MFlrB5unfHklf7HeUHJuzPZ53SbunJkZ3BgQLX7Amp47cA6
saL4k2TI5VMq1xso6YM98BO9mTwogwSI/Ua9Nr9nXjyeN8hUN8XwA3XsJF1y7Vqe
6p6+2YQiLj/WAfgjPa67JNTrvhuwPkOT9OkB2syuzs+m7UChahkyq3ge+wrEVPUX
jfIK6sO8w78MgX+sEji7yUtP+2ULMWVgwQORtRIB5n9mZHvS
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:18 2025 by rpki-client