Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/clem-U6DDPMi8erdpqOty8VDaSc.roa
File: clem-U6DDPMi8erdpqOty8VDaSc.roa (raw, json)
Hash identifier: kVnletzmbFnAxbisRSg/6gSduEYCUMwUHUiqdxcb1C4=
Subject key identifier: 72:57:A6:F9:4E:83:0C:F3:22:F1:EA:DD:A6:A3:AD:CB:C5:43:69:27
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018C2082568580612D8387367752E9832FDB
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/clem-U6DDPMi8erdpqOty8VDaSc.roa
Signing time: Thu 30 Nov 2023 13:54:21 +0000
ROA not before: Thu 30 Nov 2023 13:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215931
IP address blocks: 2a0c:b641:b40::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:82:56:85:80:61:2d:83:87:36:77:52:e9:83:2f:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Nov 30 13:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7257a6f94e830cf322f1eadda6a3adcbc5436927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d3:6d:2b:4d:e5:f4:c0:d1:ee:76:35:53:00:
d7:99:7f:f8:d1:56:ad:6a:e8:dd:69:6f:51:88:de:
16:9d:c0:49:79:f8:42:3c:7e:b4:84:b4:8e:6e:21:
3d:c2:ed:fd:91:a8:54:57:78:1f:9c:a6:fa:d7:4e:
6c:9b:62:16:85:1e:54:09:f3:c7:51:7b:f7:a8:60:
9d:57:01:9e:92:2a:16:14:7c:d2:af:fd:1b:52:3e:
27:a1:a5:59:86:7b:94:ce:77:fc:c5:da:37:52:c3:
88:d6:ec:a5:6b:41:38:8a:9c:47:ea:05:c0:f4:20:
1a:57:7d:31:44:fd:5c:1e:e2:27:87:8d:84:14:d8:
6e:21:30:ce:61:21:5b:50:2c:57:ab:6a:0c:de:ed:
bf:9e:11:06:82:0c:e2:c9:d9:07:ac:b6:5e:e6:d3:
3f:0d:60:8f:20:60:61:d2:39:0a:38:b7:3a:c5:ce:
98:16:e3:b6:5f:f9:ad:79:52:84:c2:f1:c3:15:23:
e5:6a:89:82:40:6b:bf:da:4e:6f:83:cd:ee:32:f2:
35:95:21:dc:67:e3:e6:f4:e5:56:12:ed:2c:eb:ce:
0c:b7:cb:83:d0:00:8b:80:04:5b:98:54:c4:e9:1d:
1a:5f:11:de:9e:1e:91:16:e0:e0:5b:67:4e:c2:5b:
91:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:57:A6:F9:4E:83:0C:F3:22:F1:EA:DD:A6:A3:AD:CB:C5:43:69:27
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/clem-U6DDPMi8erdpqOty8VDaSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:b40::/44
Signature Algorithm: sha256WithRSAEncryption
19:6c:3c:44:21:23:74:84:2b:0d:86:d8:54:d2:cf:80:65:0f:
df:eb:c0:f0:fe:19:44:d5:7b:15:ab:1d:cf:b8:df:1f:cc:32:
51:24:66:12:45:bf:a7:d5:0b:6a:7e:91:37:7f:3d:3c:39:43:
e1:dd:15:e4:cc:3b:01:82:f8:f9:ae:37:2f:39:46:34:66:1a:
e4:7a:05:bf:31:61:6a:68:6b:47:cb:4b:a6:9b:f0:60:82:ca:
e3:d8:2a:4d:08:a1:63:70:06:f7:8d:2b:56:1d:94:c2:90:de:
e0:5a:48:d8:83:37:be:0b:47:9f:d0:c1:44:93:09:ad:e2:e7:
09:2a:3e:9c:dc:7c:5f:45:25:7e:13:91:c4:5e:06:a3:76:34:
de:a3:ce:4e:2f:e0:d6:2b:da:3c:66:69:0a:87:03:4a:58:09:
89:ed:4c:ed:e3:e9:ea:00:70:d4:6c:4c:7c:b2:fb:83:f9:58:
5d:27:5e:fa:3b:3a:ea:ee:bf:22:91:45:79:01:f7:ce:30:fa:
21:4c:42:28:93:6f:63:21:1a:86:65:82:c2:80:c2:a4:de:80:
5b:46:e1:69:4a:2e:9c:36:ef:8c:55:3f:13:1f:a1:24:d1:14:
68:ca:a3:8a:97:a4:05:2f:0d:69:da:af:f3:95:d2:18:da:7d:
ec:f8:d8:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYwgglaFgGEtg4c2d1Lpgy/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMxMTMwMTM1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjU3YTZmOTRlODMwY2YzMjJmMWVhZGRhNmEzYWRjYmM1NDM2OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtNtK03l9MDR7nY1UwDXmX/40Vat
aujdaW9RiN4WncBJefhCPH60hLSObiE9wu39kahUV3gfnKb6105sm2IWhR5UCfPH
UXv3qGCdVwGekioWFHzSr/0bUj4noaVZhnuUznf8xdo3UsOI1uyla0E4ipxH6gXA
9CAaV30xRP1cHuInh42EFNhuITDOYSFbUCxXq2oM3u2/nhEGggziydkHrLZe5tM/
DWCPIGBh0jkKOLc6xc6YFuO2X/mteVKEwvHDFSPlaomCQGu/2k5vg83uMvI1lSHc
Z+Pm9OVWEu0s684Mt8uD0ACLgARbmFTE6R0aXxHenh6RFuDgW2dOwluRpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHJXpvlOgwzzIvHq3aajrcvFQ2knMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvY2xlbS1VNkREUE1pOGVyZHBxT3R5OFZEYVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQtA
MA0GCSqGSIb3DQEBCwUAA4IBAQAZbDxEISN0hCsNhthU0s+AZQ/f68Dw/hlE1XsV
qx3PuN8fzDJRJGYSRb+n1QtqfpE3fz08OUPh3RXkzDsBgvj5rjcvOUY0ZhrkegW/
MWFqaGtHy0umm/Bggsrj2CpNCKFjcAb3jStWHZTCkN7gWkjYgze+C0ef0MFEkwmt
4ucJKj6c3HxfRSV+E5HEXgajdjTeo85OL+DWK9o8ZmkKhwNKWAmJ7Uzt4+nqAHDU
bEx8svuD+VhdJ176Ozrq7r8ikUV5AffOMPohTEIok29jIRqGZYLCgMKk3oBbRuFp
Si6cNu+MVT8TH6Ek0RRoyqOKl6QFLw1p2q/zldIY2n3s+Nge
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:33:55 2025 by rpki-client