Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ayhtkrO5QLkepsOw9T2g2qaTL30.roa
File: ayhtkrO5QLkepsOw9T2g2qaTL30.roa (raw, json)
Hash identifier: WEw9cDlOycgvvezT9ukvmxmKpkd9edOIqmt2vhEZnAU=
Subject key identifier: 6B:28:6D:92:B3:B9:40:B9:1E:A6:C3:B0:F5:3D:A0:DA:A6:93:2F:7D
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018872BDF6B1336516E8C017717BD830FFDF
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ayhtkrO5QLkepsOw9T2g2qaTL30.roa
Signing time: Wed 31 May 2023 16:57:12 +0000
ROA not before: Wed 31 May 2023 16:57:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49519
IP address blocks: 2a0c:b642:5000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:72:bd:f6:b1:33:65:16:e8:c0:17:71:7b:d8:30:ff:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: May 31 16:57:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b286d92b3b940b91ea6c3b0f53da0daa6932f7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0b:19:e6:24:3a:a5:3e:b5:18:61:87:f2:91:
55:a7:a4:27:d1:77:c1:15:a7:45:60:d0:50:d4:c0:
7c:76:61:53:5b:0e:8b:c5:29:c9:63:35:65:60:dd:
7c:b6:d6:7d:17:e6:3b:99:93:36:7f:fa:29:a7:1f:
75:fe:92:80:48:14:0f:3e:ef:d8:fe:1b:24:b5:d2:
f6:45:c6:f6:47:fb:6d:4a:36:ea:af:8d:96:12:37:
76:cd:27:8b:52:dd:af:1c:d3:33:f6:d5:98:41:ca:
f4:15:de:fb:fc:98:07:3c:22:7c:3d:03:c0:e1:69:
28:96:e4:ed:06:6e:05:c1:97:10:b4:33:a8:04:61:
75:da:54:64:2c:9c:8a:a6:bf:98:6d:30:23:f3:7a:
2e:f6:c8:4a:49:a2:bb:91:c3:44:79:61:28:bf:4b:
4d:e9:01:85:6c:04:87:19:71:ee:2d:98:ea:5d:e1:
37:c6:79:57:63:45:e3:06:09:68:23:69:6e:18:09:
6e:e4:ca:16:8d:70:01:83:fa:77:9f:26:10:cf:df:
05:43:65:57:d7:91:0c:6a:15:57:38:39:4e:4b:92:
56:f9:5b:78:61:f2:68:fc:66:0c:35:66:2a:96:1f:
14:88:bb:81:2a:d6:fd:1a:33:63:e1:ad:ba:96:ad:
44:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:28:6D:92:B3:B9:40:B9:1E:A6:C3:B0:F5:3D:A0:DA:A6:93:2F:7D
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ayhtkrO5QLkepsOw9T2g2qaTL30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:5000::/36
Signature Algorithm: sha256WithRSAEncryption
79:0c:3b:a7:8c:31:93:67:bf:83:7a:be:b9:b6:8a:89:af:0f:
6a:39:a5:7e:59:9f:28:65:3f:e3:bd:96:e0:c5:f7:8a:1a:01:
55:9b:e4:47:57:87:7d:60:ea:38:c9:e5:f6:eb:8a:e0:1c:30:
2d:3c:37:ab:b0:02:01:c6:e2:f8:c3:10:4e:af:5c:eb:16:13:
06:92:47:49:e9:88:c7:77:c8:c0:4d:51:f6:01:06:38:ac:09:
0e:9e:fb:9b:e3:3e:78:78:89:72:0f:53:d3:72:19:45:81:af:
8b:56:bf:60:8d:57:6f:10:2a:b0:68:ba:1c:f0:11:f9:c0:ed:
b5:2c:06:f5:bf:95:10:5f:47:19:40:c8:b7:55:20:66:f2:d9:
64:4f:cf:8e:26:d3:e7:ab:2c:97:c4:e1:f9:d2:57:28:79:ba:
e7:e5:bd:bb:44:4c:e5:f8:10:57:f8:f0:49:5b:87:1c:f8:cf:
4d:1d:f6:b3:b2:e9:da:96:36:c6:f5:8a:11:12:71:6e:e5:b8:
fc:92:74:10:5d:cb:92:cc:19:56:f7:fb:84:f2:71:76:b8:e8:
90:d8:65:16:8b:e7:9c:88:d5:ea:7a:e7:7f:d1:0d:92:fe:27:
db:d9:89:1c:90:42:47:0a:d3:84:0e:44:66:5a:c9:bd:f6:20:
0e:bf:90:7b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYhyvfaxM2UW6MAXcXvYMP/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwNTMxMTY1NzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjI4NmQ5MmIzYjk0MGI5MWVhNmMzYjBmNTNkYTBkYWE2OTMyZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAsZ5iQ6pT61GGGH8pFVp6Qn0XfB
FadFYNBQ1MB8dmFTWw6LxSnJYzVlYN18ttZ9F+Y7mZM2f/oppx91/pKASBQPPu/Y
/hsktdL2Rcb2R/ttSjbqr42WEjd2zSeLUt2vHNMz9tWYQcr0Fd77/JgHPCJ8PQPA
4WkoluTtBm4FwZcQtDOoBGF12lRkLJyKpr+YbTAj83ou9shKSaK7kcNEeWEov0tN
6QGFbASHGXHuLZjqXeE3xnlXY0XjBgloI2luGAlu5MoWjXABg/p3nyYQz98FQ2VX
15EMahVXODlOS5JW+Vt4YfJo/GYMNWYqlh8UiLuBKtb9GjNj4a26lq1ENQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGsobZKzuUC5HqbDsPU9oNqmky99MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvYXlodGtyTzVRTGtlcHNPdzlUMmcycWFUTDMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgy2QlAw
DQYJKoZIhvcNAQELBQADggEBAHkMO6eMMZNnv4N6vrm2iomvD2o5pX5ZnyhlP+O9
luDF94oaAVWb5EdXh31g6jjJ5fbriuAcMC08N6uwAgHG4vjDEE6vXOsWEwaSR0np
iMd3yMBNUfYBBjisCQ6e+5vjPnh4iXIPU9NyGUWBr4tWv2CNV28QKrBouhzwEfnA
7bUsBvW/lRBfRxlAyLdVIGby2WRPz44m0+erLJfE4fnSVyh5uuflvbtETOX4EFf4
8Elbhxz4z00d9rOy6dqWNsb1ihEScW7luPySdBBdy5LMGVb3+4TycXa46JDYZRaL
55yI1ep653/RDZL+J9vZiRyQQkcK04QORGZayb32IA6/kHs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:30 2025 by rpki-client