Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/YOFr6Izt-ZCp8Y75jGTJZWBE7G8.roa
File: YOFr6Izt-ZCp8Y75jGTJZWBE7G8.roa (raw, json)
Hash identifier: kBS0hS7ThMdQ+byq0UN12YMRmIqAZhytLyNIMrbhkhU=
Subject key identifier: 60:E1:6B:E8:8C:ED:F9:90:A9:F1:8E:F9:8C:64:C9:65:60:44:EC:6F
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01146DE8
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/YOFr6Izt-ZCp8Y75jGTJZWBE7G8.roa
Signing time: Sat 01 Jan 2022 00:59:38 +0000
ROA not before: Sat 01 Jan 2022 00:59:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204625
IP address blocks: 2a0c:b642:900::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18116072 (0x1146de8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60e16be88cedf990a9f18ef98c64c9656044ec6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d4:c3:fc:67:9c:d6:c5:df:d8:40:d6:f4:09:
ca:c0:ac:24:f0:ee:de:45:b2:95:c9:31:67:9c:b0:
59:47:92:c5:38:fb:cf:9a:ee:f6:70:a7:7a:85:e9:
a1:56:50:12:51:3a:8a:d6:1d:6e:b6:3d:d2:af:19:
d8:16:3e:22:5c:41:92:de:85:40:da:95:eb:94:2f:
5d:d7:b3:a0:69:36:95:55:bf:73:e9:d8:04:c6:51:
45:31:54:82:0e:b9:ad:b6:6a:d5:29:64:1d:ef:d9:
0c:f1:b8:08:4b:94:d2:14:1f:04:8e:76:1c:37:56:
31:fe:03:90:a9:5e:48:9e:d9:d8:97:7c:13:98:16:
b5:98:53:2c:4e:d4:7f:1e:5a:89:b4:bd:80:c6:7f:
07:b8:1a:6b:fa:22:82:6d:7d:71:4d:06:06:39:ab:
77:e0:86:29:df:3e:39:62:f8:42:74:f4:1a:63:c2:
c1:f8:06:6b:2d:8e:5b:a3:fa:db:75:b8:6c:d7:1b:
93:8e:71:19:89:80:16:95:47:59:40:fe:38:06:98:
c3:b0:9d:49:3e:33:7f:26:8d:04:6f:2b:0e:67:33:
d6:28:0d:46:b4:bb:8d:d7:6a:4f:df:b7:26:5b:7d:
f4:d0:33:f3:cd:e6:76:c4:b8:97:e4:fa:fd:e1:38:
80:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E1:6B:E8:8C:ED:F9:90:A9:F1:8E:F9:8C:64:C9:65:60:44:EC:6F
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/YOFr6Izt-ZCp8Y75jGTJZWBE7G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:900::/40
Signature Algorithm: sha256WithRSAEncryption
28:33:af:90:88:f4:5d:98:a9:27:44:cc:01:22:c1:85:d5:56:
39:df:67:df:9a:8a:d8:22:f1:76:b6:fa:3a:35:9c:7a:a8:19:
65:f7:0e:de:57:b8:51:78:f4:a8:0e:54:13:ad:2b:fd:2d:21:
23:e1:ce:8a:1f:45:ba:47:e1:08:31:4c:09:8e:ff:94:8e:89:
41:96:3b:c7:c7:53:1b:d8:be:19:e1:8f:43:2d:3c:e8:8e:b8:
ad:d2:c3:ec:84:1a:62:9d:80:1f:66:08:e7:55:9d:39:8e:e2:
aa:ec:72:52:f6:cc:b0:8d:40:51:04:ea:6d:68:ce:e3:41:3f:
5c:d6:41:2d:d9:da:5e:01:8e:1a:47:64:17:b3:2f:58:6a:5f:
13:07:e8:05:10:58:81:e2:02:84:f4:f5:de:80:5c:e0:4d:0f:
cc:ba:50:b2:aa:20:4c:10:4e:11:e7:67:cd:c5:06:a6:f5:59:
0c:3f:e8:91:d0:9d:4e:50:da:2e:b5:2f:a2:8e:a5:44:99:e9:
61:5d:cc:62:d0:02:6d:ea:7c:c1:cb:00:ce:cf:ed:56:b0:6c:
c7:bb:c7:69:a3:2a:c7:20:d0:6d:c5:2b:a9:02:ab:ce:0a:6e:
a7:74:0f:80:9c:04:00:55:ef:28:f5:3c:1b:05:21:f6:b4:83:
fb:03:fc:04
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEARRt6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBlMTZiZTg4Y2Vk
Zjk5MGE5ZjE4ZWY5OGM2NGM5NjU2MDQ0ZWM2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLUw/xnnNbF39hA1vQJysCsJPDu3kWylckxZ5ywWUeSxTj7
z5ru9nCneoXpoVZQElE6itYdbrY90q8Z2BY+IlxBkt6FQNqV65QvXdezoGk2lVW/
c+nYBMZRRTFUgg65rbZq1SlkHe/ZDPG4CEuU0hQfBI52HDdWMf4DkKleSJ7Z2Jd8
E5gWtZhTLE7Ufx5aibS9gMZ/B7gaa/oigm19cU0GBjmrd+CGKd8+OWL4QnT0GmPC
wfgGay2OW6P623W4bNcbk45xGYmAFpVHWUD+OAaYw7CdST4zfyaNBG8rDmcz1igN
RrS7jddqT9+3Jlt99NAz883mdsS4l+T6/eE4gKMCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRg4WvojO35kKnxjvmMZMllYETsbzAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L1lPRnI2SXp0LVpDcDhZNzVqR1RKWldCRTdHOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoMtkIJMA0GCSqGSIb3DQEBCwUA
A4IBAQAoM6+QiPRdmKknRMwBIsGF1VY532ffmorYIvF2tvo6NZx6qBll9w7eV7hR
ePSoDlQTrSv9LSEj4c6KH0W6R+EIMUwJjv+UjolBljvHx1Mb2L4Z4Y9DLTzojrit
0sPshBpinYAfZgjnVZ05juKq7HJS9sywjUBRBOptaM7jQT9c1kEt2dpeAY4aR2QX
sy9Yal8TB+gFEFiB4gKE9PXegFzgTQ/MulCyqiBMEE4R52fNxQam9VkMP+iR0J1O
UNoutS+ijqVEmelhXcxi0AJt6nzBywDOz+1WsGzHu8dpoyrHINBtxSupAqvOCm6n
dA+AnAQAVe8o9TwbBSH2tIP7A/wE
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:18:37 2025 by rpki-client