Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Xc56noukBuLMSyDILCjxfyPu2WI.roa
File: Xc56noukBuLMSyDILCjxfyPu2WI.roa (raw, json)
Hash identifier: Q+cyoKj6hrAOBk8gKxlfY0gR5QLw3vDqeM/tgEp7x8c=
Subject key identifier: 5D:CE:7A:9E:8B:A4:06:E2:CC:4B:20:C8:2C:28:F1:7F:23:EE:D9:62
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 02D28A0F
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Xc56noukBuLMSyDILCjxfyPu2WI.roa
Signing time: Tue 24 May 2022 11:34:14 +0000
ROA not before: Tue 24 May 2022 11:34:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207957
IP address blocks: 2a0c:b641:880::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47352335 (0x2d28a0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: May 24 11:34:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dce7a9e8ba406e2cc4b20c82c28f17f23eed962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3c:01:36:3b:aa:28:a4:d3:61:72:f0:de:2c:
ea:fd:7f:b8:2f:50:b5:a3:c1:83:f9:ed:99:e5:41:
e4:97:ae:b4:b9:5d:bd:f3:39:ad:95:37:93:73:77:
7f:88:de:3d:92:c4:3d:04:de:93:e4:c2:bf:c9:57:
19:f6:3b:f7:59:02:c5:21:9a:9e:2c:e1:24:e0:f4:
4e:96:e8:b0:0f:e1:b2:f2:ab:62:24:16:c9:37:d7:
9b:77:62:7b:9a:9e:d1:0a:be:20:ba:a6:68:81:e3:
3d:47:1d:c3:56:54:53:c9:5e:39:c0:a2:55:20:46:
14:a2:96:10:8d:34:9c:89:4a:54:92:f4:ca:25:26:
9d:bb:2e:76:b3:4f:ff:22:25:3c:f6:b4:50:16:6d:
4e:76:e2:bb:ab:ad:2d:44:fb:6c:d9:f9:9c:bb:98:
19:f1:35:9e:f9:eb:3b:93:13:da:66:d4:4a:cc:c8:
0b:af:8f:83:5b:07:01:17:5e:65:8a:96:15:d5:87:
4b:b3:fe:e0:9c:54:ab:45:e6:0f:10:b4:87:86:39:
30:e3:f0:68:c0:38:4c:db:5f:e6:f8:70:aa:bd:ba:
65:5c:e7:dd:7d:b6:54:f6:f8:ee:34:87:a2:86:db:
3f:8f:56:a1:ea:51:50:36:db:47:e3:21:4c:f8:03:
1a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CE:7A:9E:8B:A4:06:E2:CC:4B:20:C8:2C:28:F1:7F:23:EE:D9:62
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Xc56noukBuLMSyDILCjxfyPu2WI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:880::/44
Signature Algorithm: sha256WithRSAEncryption
02:58:05:fc:da:59:c4:22:b3:df:35:8a:9a:36:7d:fa:17:a6:
b8:e2:29:98:24:1b:12:e8:b7:8f:f9:9b:1f:e4:37:46:00:3e:
5a:ae:45:5d:21:0b:92:a9:f5:79:92:da:fd:f6:94:a3:c9:48:
65:cd:45:f7:da:3d:a6:31:c4:52:3b:3c:6a:41:51:14:3d:87:
8f:12:7c:95:06:1a:07:3d:60:20:c4:e2:8c:81:29:c5:b9:ca:
0e:c7:61:dc:8e:3e:03:6d:68:28:e4:4c:68:26:fc:37:b3:23:
80:d6:b2:30:e3:9b:26:f5:09:b1:9e:13:9e:9b:ce:e4:db:f7:
8b:fd:7a:4a:6b:00:40:59:5a:4f:ba:64:bf:0d:bd:7c:7d:b4:
40:7e:4c:63:7b:59:1c:fb:df:19:04:1c:78:ae:65:e9:2c:bd:
c3:47:44:e2:46:ef:bf:90:86:12:57:8c:4d:40:45:ae:19:cb:
08:19:07:69:8d:be:d6:06:b5:ef:5c:dd:63:cb:cb:e3:87:a8:
fc:51:3a:06:b7:67:0f:1a:e8:18:17:53:a6:2b:5a:15:58:09:
d3:d3:26:8f:95:5e:4c:47:49:ae:e1:34:0b:3f:77:c1:f3:36:
e4:37:f2:76:ab:60:a6:dd:64:1e:6f:5e:83:0e:28:47:11:7e:
70:a2:bb:c8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAtKKDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDUy
NDExMzQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRjZTdhOWU4YmE0
MDZlMmNjNGIyMGM4MmMyOGYxN2YyM2VlZDk2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMc8ATY7qiik02Fy8N4s6v1/uC9QtaPBg/ntmeVB5JeutLld
vfM5rZU3k3N3f4jePZLEPQTek+TCv8lXGfY791kCxSGanizhJOD0TpbosA/hsvKr
YiQWyTfXm3die5qe0Qq+ILqmaIHjPUcdw1ZUU8leOcCiVSBGFKKWEI00nIlKVJL0
yiUmnbsudrNP/yIlPPa0UBZtTnbiu6utLUT7bNn5nLuYGfE1nvnrO5MT2mbUSszI
C6+Pg1sHARdeZYqWFdWHS7P+4JxUq0XmDxC0h4Y5MOPwaMA4TNtf5vhwqr26ZVzn
3X22VPb47jSHoobbP49WoepRUDbbR+MhTPgDGpECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRdznqei6QG4sxLIMgsKPF/I+7ZYjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L1hjNTZub3VrQnVMTVN5RElMQ2p4ZnlQdTJXSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEIgDANBgkqhkiG9w0BAQsF
AAOCAQEAAlgF/NpZxCKz3zWKmjZ9+hemuOIpmCQbEui3j/mbH+Q3RgA+Wq5FXSEL
kqn1eZLa/faUo8lIZc1F99o9pjHEUjs8akFRFD2HjxJ8lQYaBz1gIMTijIEpxbnK
Dsdh3I4+A21oKORMaCb8N7MjgNayMOObJvUJsZ4TnpvO5Nv3i/16SmsAQFlaT7pk
vw29fH20QH5MY3tZHPvfGQQceK5l6Sy9w0dE4kbvv5CGEleMTUBFrhnLCBkHaY2+
1ga171zdY8vL44eo/FE6BrdnDxroGBdTpitaFVgJ09Mmj5VeTEdJruE0Cz93wfM2
5Dfydqtgpt1kHm9egw4oRxF+cKK7yA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:37 2023 by rpki-client on console-fra.rpki-client.org