Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ZSEz1_LbqlBSQNMmSrieDIoKBc4.roa
File: ZSEz1_LbqlBSQNMmSrieDIoKBc4.roa (raw, json)
Hash identifier: dlbwqgovERh0iuUHMnBVlobiPYrKlV9Y/our/6YDSSE=
Subject key identifier: 65:21:33:D7:F2:DB:AA:50:52:40:D3:26:4A:B8:9E:0C:8A:0A:05:CE
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01551838
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ZSEz1_LbqlBSQNMmSrieDIoKBc4.roa
Signing time: Sat 01 Jan 2022 01:00:25 +0000
ROA not before: Sat 01 Jan 2022 01:00:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212740
IP address blocks: 2a0c:b641:4d0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22353976 (0x1551838)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=652133d7f2dbaa505240d3264ab89e0c8a0a05ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c2:c0:70:64:2a:47:df:b2:ce:fc:52:be:f5:
cb:69:2b:e4:86:08:21:3a:e0:bc:11:b1:99:d4:e1:
61:ea:69:df:78:a9:48:00:88:4f:0f:d9:bd:c9:1c:
5e:38:d2:6f:f3:29:27:01:01:bf:72:e8:f5:c3:fe:
87:fe:d9:a6:c4:69:21:da:b2:e8:f7:70:b7:34:30:
92:ac:62:9a:62:cf:b1:b2:50:46:57:e5:48:fc:0c:
dd:1a:58:74:c7:e7:5b:49:3b:10:8b:35:0e:35:f0:
6d:38:13:6a:9b:39:37:22:33:a6:f8:24:f4:1c:77:
f0:83:93:2d:6c:3d:4b:56:18:f6:56:ac:44:72:e9:
2c:10:e4:7c:c3:67:bb:aa:bd:f8:9c:9e:b7:53:a7:
fb:2e:ff:58:e4:1f:d9:79:0d:3f:60:16:a7:52:1b:
e6:ad:ea:d4:78:10:d6:18:8b:27:14:51:c8:6c:89:
63:37:bd:94:d4:08:05:fa:04:e4:a1:67:cc:8b:68:
32:6a:17:7b:1e:2b:9f:ee:21:71:32:2d:42:64:f3:
1a:48:da:fa:8e:a0:e7:b2:15:59:92:f2:d0:5d:8e:
ad:a3:67:1e:4c:4d:f4:c2:a6:5b:84:0f:03:dd:f5:
c5:44:1d:24:db:ca:3d:70:0b:04:a0:23:82:f3:d6:
e8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:21:33:D7:F2:DB:AA:50:52:40:D3:26:4A:B8:9E:0C:8A:0A:05:CE
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ZSEz1_LbqlBSQNMmSrieDIoKBc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:4d0::/44
Signature Algorithm: sha256WithRSAEncryption
0a:10:3d:7c:1d:d9:90:7f:f5:31:13:54:df:c6:79:2d:8c:51:
59:77:eb:7a:c1:82:eb:f5:ea:9a:f5:2a:a6:10:8e:2f:85:bb:
27:22:c4:1d:31:ff:c5:c0:41:3b:f9:95:37:65:af:1a:8e:51:
58:e6:73:d6:7f:cb:5c:2d:a7:c0:d6:3c:75:5c:dd:e8:d9:e5:
cc:fb:ca:70:71:85:07:20:45:e3:20:c5:1f:d0:dc:ca:5a:60:
18:b5:7e:c2:68:ba:fb:2d:23:d8:6c:ed:df:91:dc:b6:bf:c1:
86:d7:43:9f:45:71:74:c8:ab:23:e6:a1:08:38:24:fd:4a:4b:
60:70:61:b8:fa:d9:57:95:47:25:77:e7:be:8e:dd:b1:1e:33:
b3:04:6f:77:e9:bf:35:e3:9c:81:ef:78:e2:0b:83:90:eb:b6:
d7:48:ea:d0:34:36:83:22:a3:d5:2b:0d:72:4b:62:f6:df:cf:
5d:0d:c9:79:34:24:a6:22:00:7e:ea:a6:0f:6f:e0:be:b9:1c:
98:06:c4:ba:e1:91:60:dd:02:11:5c:53:98:dd:2f:68:58:7c:
ae:67:f3:2d:8f:de:84:c8:d2:17:20:ba:a0:bb:21:d2:c8:d8:
21:04:ee:f7:27:e8:d7:51:61:73:37:3a:03:16:74:5a:1e:eb:
17:d5:8f:8a
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAVUYODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjUyMTMzZDdmMmRi
YWE1MDUyNDBkMzI2NGFiODllMGM4YTBhMDVjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOXCwHBkKkffss78Ur71y2kr5IYIITrgvBGxmdThYepp33ip
SACITw/ZvckcXjjSb/MpJwEBv3Lo9cP+h/7ZpsRpIdqy6PdwtzQwkqximmLPsbJQ
RlflSPwM3RpYdMfnW0k7EIs1DjXwbTgTaps5NyIzpvgk9Bx38IOTLWw9S1YY9las
RHLpLBDkfMNnu6q9+Jyet1On+y7/WOQf2XkNP2AWp1Ib5q3q1HgQ1hiLJxRRyGyJ
Yze9lNQIBfoE5KFnzItoMmoXex4rn+4hcTItQmTzGkja+o6g57IVWZLy0F2OraNn
HkxN9MKmW4QPA931xUQdJNvKPXALBKAjgvPW6JUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRlITPX8tuqUFJA0yZKuJ4MigoFzjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L1pTRXoxX0xicWxCU1FOTW1TcmllRElvS0JjNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEE0DANBgkqhkiG9w0BAQsF
AAOCAQEAChA9fB3ZkH/1MRNU38Z5LYxRWXfresGC6/XqmvUqphCOL4W7JyLEHTH/
xcBBO/mVN2WvGo5RWOZz1n/LXC2nwNY8dVzd6NnlzPvKcHGFByBF4yDFH9Dcylpg
GLV+wmi6+y0j2Gzt35Hctr/BhtdDn0VxdMirI+ahCDgk/UpLYHBhuPrZV5VHJXfn
vo7dsR4zswRvd+m/NeOcge944guDkOu210jq0DQ2gyKj1SsNckti9t/PXQ3JeTQk
piIAfuqmD2/gvrkcmAbEuuGRYN0CEVxTmN0vaFh8rmfzLY/ehMjSFyC6oLsh0sjY
IQTu9yfo11Fhczc6AxZ0Wh7rF9WPig==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:29 2025 by rpki-client