Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/_dI4MrjX5G_QDimH6XG_q6Fmaao.roa
File: _dI4MrjX5G_QDimH6XG_q6Fmaao.roa (raw, json)
Hash identifier: DkkydYUgrBw63jIWXY1h/ehLsIan6PH6VLxY5IH1tUk=
Subject key identifier: FD:D2:38:32:B8:D7:E4:6F:D0:0E:29:87:E9:71:BF:AB:A1:66:69:AA
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018631A342E37A7182CAB1DC389B8D87439B
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/_dI4MrjX5G_QDimH6XG_q6Fmaao.roa
Signing time: Wed 08 Feb 2023 15:27:08 +0000
ROA not before: Wed 08 Feb 2023 15:27:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200118
IP address blocks: 2a0c:b641:960::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:31:a3:42:e3:7a:71:82:ca:b1:dc:38:9b:8d:87:43:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Feb 8 15:27:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdd23832b8d7e46fd00e2987e971bfaba16669aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2b:0c:35:23:9f:b7:ed:42:72:d0:dc:8d:f7:
ae:dd:01:d9:28:68:4c:5b:6b:47:92:1e:1d:db:d0:
c5:9f:be:63:a4:6d:53:df:b1:a3:54:70:36:fd:85:
bd:ae:cd:ea:bc:e5:f1:9f:f3:8d:ed:34:70:b8:ba:
68:a8:33:74:f2:47:5b:84:f0:04:fa:2e:aa:a9:2e:
93:77:93:72:36:5b:bf:fa:1c:0c:39:97:9a:cc:ff:
79:ed:04:dd:4a:a1:92:76:13:33:0f:4f:0b:72:f2:
a9:10:b1:78:e0:86:f3:ee:53:17:a8:73:f0:cd:dd:
eb:a2:f6:47:18:33:69:4e:8f:69:12:98:7d:9d:71:
33:6f:28:9e:c5:65:31:de:81:46:e9:bd:63:2d:48:
4f:84:e3:e8:e6:53:26:e8:80:75:f3:14:08:90:51:
1f:82:66:6a:5e:05:b2:78:f2:7a:d5:d5:91:7f:de:
ed:8c:40:73:dc:32:40:6e:6a:bc:c0:5c:56:fe:86:
8d:91:a6:c9:d0:a5:2d:b5:94:1d:c4:c8:9c:b1:9e:
43:07:cf:44:0b:84:4b:81:33:b5:9c:cf:65:84:83:
5a:0a:c5:06:a3:43:d1:27:72:c5:1d:43:10:6b:93:
b2:28:7e:14:e0:28:78:bb:f2:0c:d3:74:19:17:b4:
9b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:D2:38:32:B8:D7:E4:6F:D0:0E:29:87:E9:71:BF:AB:A1:66:69:AA
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/_dI4MrjX5G_QDimH6XG_q6Fmaao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:960::/44
Signature Algorithm: sha256WithRSAEncryption
8f:23:e9:df:c8:8d:cf:92:f0:3b:c8:2a:b4:5d:82:53:c1:ad:
e4:14:47:94:69:f1:6d:4b:9f:23:23:ea:15:4c:c5:2b:10:53:
2a:35:f6:e3:78:ea:2f:96:e4:38:c4:7c:af:96:a7:4b:c8:14:
82:12:1c:a5:2c:54:56:16:04:58:6a:44:20:f9:b5:fc:a8:8b:
f9:f7:0f:8b:8f:61:57:05:ac:09:05:a3:d3:9d:df:93:a6:fb:
78:bb:24:ef:14:b5:9b:7b:5f:e4:b3:db:99:1b:cb:ee:fc:c0:
f5:6a:95:43:43:a1:27:87:00:e9:cb:c0:b7:1d:e1:fe:63:a5:
73:ef:ea:4b:23:83:9e:49:ef:50:36:23:df:24:b8:61:ed:73:
8a:3c:91:7e:2d:1a:4d:68:93:ee:24:7d:ea:de:e2:37:9d:17:
5e:8f:b1:57:65:54:e4:a4:15:f0:81:25:cc:89:b9:f6:a1:98:
2c:91:e0:11:8b:90:62:ea:ce:bb:ab:a2:24:30:7a:b3:af:a6:
43:4a:55:fd:18:e1:52:8e:94:28:8b:69:7b:37:d5:f3:f5:90:
fc:07:84:86:03:81:ac:5d:11:7d:05:08:07:51:3c:de:0c:92:
0f:47:be:fe:3e:bc:d6:73:97:bf:45:dd:7d:80:29:b7:d1:8b:
22:bb:20:44
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYYxo0LjenGCyrHcOJuNh0ObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMjA4MTUyNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGQyMzgzMmI4ZDdlNDZmZDAwZTI5ODdlOTcxYmZhYmExNjY2OWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgysMNSOft+1CctDcjfeu3QHZKGhM
W2tHkh4d29DFn75jpG1T37GjVHA2/YW9rs3qvOXxn/ON7TRwuLpoqDN08kdbhPAE
+i6qqS6Td5NyNlu/+hwMOZeazP957QTdSqGSdhMzD08LcvKpELF44Ibz7lMXqHPw
zd3rovZHGDNpTo9pEph9nXEzbyiexWUx3oFG6b1jLUhPhOPo5lMm6IB18xQIkFEf
gmZqXgWyePJ61dWRf97tjEBz3DJAbmq8wFxW/oaNkabJ0KUttZQdxMicsZ5DB89E
C4RLgTO1nM9lhINaCsUGo0PRJ3LFHUMQa5OyKH4U4Ch4u/IM03QZF7Sb2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP3SODK41+Rv0A4ph+lxv6uhZmmqMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvX2RJNE1yalg1R19RRGltSDZYR19xNkZtYWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQlg
MA0GCSqGSIb3DQEBCwUAA4IBAQCPI+nfyI3PkvA7yCq0XYJTwa3kFEeUafFtS58j
I+oVTMUrEFMqNfbjeOovluQ4xHyvlqdLyBSCEhylLFRWFgRYakQg+bX8qIv59w+L
j2FXBawJBaPTnd+Tpvt4uyTvFLWbe1/ks9uZG8vu/MD1apVDQ6EnhwDpy8C3HeH+
Y6Vz7+pLI4OeSe9QNiPfJLhh7XOKPJF+LRpNaJPuJH3q3uI3nRdej7FXZVTkpBXw
gSXMibn2oZgskeARi5Bi6s67q6IkMHqzr6ZDSlX9GOFSjpQoi2l7N9Xz9ZD8B4SG
A4GsXRF9BQgHUTzeDJIPR77+PrzWc5e/Rd19gCm30YsiuyBE
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:15:47 2025 by rpki-client