Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/cx6UD3qidovCM3SUqN7PDfATj0o.roa
File: cx6UD3qidovCM3SUqN7PDfATj0o.roa (raw, json)
Hash identifier: HQi9UfAfHJuylhMLGDTjkPkQetrfZrYJyUs9zTBL2BA=
Subject key identifier: 73:1E:94:0F:7A:A2:76:8B:C2:33:74:94:A8:DE:CF:0D:F0:13:8F:4A
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0145F209
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/cx6UD3qidovCM3SUqN7PDfATj0o.roa
Signing time: Sat 01 Jan 2022 01:00:16 +0000
ROA not before: Sat 01 Jan 2022 01:00:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211227
IP address blocks: 2a0c:b641:1d0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21361161 (0x145f209)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=731e940f7aa2768bc2337494a8decf0df0138f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ee:90:80:1b:33:7f:17:36:bb:03:e5:bb:cc:
7b:07:66:be:bf:73:d7:4d:ff:12:4e:31:4e:48:17:
2c:da:4e:23:d3:c5:db:81:c7:8c:32:f4:78:26:83:
42:94:2f:e9:28:ab:09:22:d3:4e:65:5b:f7:df:12:
6f:34:56:e8:87:42:f9:eb:37:85:8f:36:4e:77:6e:
87:ad:26:23:95:66:fa:71:10:65:1e:81:32:f5:50:
c7:bd:0e:6d:9f:bc:b8:9c:80:d9:b7:31:69:b2:8f:
bc:ba:78:97:c8:56:33:62:e6:32:b1:bd:6c:70:e2:
01:57:ed:4f:d1:40:be:d9:8a:00:97:36:c8:f6:ae:
28:10:bc:46:46:56:82:6e:8b:dc:dc:41:7e:58:5d:
ae:d7:8f:08:18:29:59:15:1b:60:7e:58:ab:8d:b6:
f9:d0:14:78:29:ce:c2:c2:2a:d9:3c:45:e2:81:e6:
98:02:4d:4d:1a:a4:0c:ef:7b:78:23:87:2c:38:28:
d9:dc:4e:5a:d0:8f:39:3a:ba:92:9a:92:f9:7f:ab:
10:38:81:86:1a:ab:4b:a3:7f:9b:e7:14:1e:be:83:
9d:df:39:bb:b4:5a:31:2f:03:22:ea:46:25:17:d6:
73:d1:b3:08:03:42:e5:1c:05:a5:3e:94:09:06:5e:
db:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1E:94:0F:7A:A2:76:8B:C2:33:74:94:A8:DE:CF:0D:F0:13:8F:4A
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/cx6UD3qidovCM3SUqN7PDfATj0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:1d0::/44
Signature Algorithm: sha256WithRSAEncryption
75:3d:bd:0f:ee:23:91:9e:06:6f:6d:51:00:f7:0e:c1:4d:55:
40:a5:09:cb:ef:a2:21:f7:48:7f:0b:bb:e3:1d:50:47:78:63:
df:a2:76:ce:cd:0d:0c:63:b8:4c:6c:0a:73:bd:7b:4c:76:b4:
3e:aa:c4:9f:62:11:20:a9:85:73:54:1c:4d:78:96:3a:04:3b:
81:80:26:65:0a:92:1e:82:b1:f6:66:69:61:ca:33:fe:6d:cd:
ec:23:19:b4:16:d1:19:f7:be:2c:38:af:9c:e2:61:f8:6b:da:
19:6d:c9:bf:11:75:58:ab:78:ea:cb:60:34:df:09:35:40:07:
aa:e8:28:56:a7:41:81:3b:8d:89:76:a8:f8:86:c4:c9:d3:a0:
ed:22:16:ed:f2:ec:4a:87:87:18:92:a3:b9:b5:70:93:6c:69:
2c:76:86:38:40:59:e2:7c:fe:9c:16:4c:fa:5f:14:10:16:4a:
30:c7:3f:20:70:2a:a9:46:ab:33:70:fd:d3:ef:0c:1f:40:7a:
7b:2a:d4:05:e1:d4:db:5e:a0:9a:03:38:be:b7:13:9a:0c:d6:
50:7e:59:50:29:e4:c7:9e:a7:83:5c:ef:b2:d4:d5:22:46:90:
62:04:7d:8d:64:1e:61:82:13:c6:e2:c7:62:6b:a8:2f:e2:75:
6c:41:7b:a6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAUXyCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzMxZTk0MGY3YWEy
NzY4YmMyMzM3NDk0YThkZWNmMGRmMDEzOGY0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANLukIAbM38XNrsD5bvMewdmvr9z103/Ek4xTkgXLNpOI9PF
24HHjDL0eCaDQpQv6SirCSLTTmVb998SbzRW6IdC+es3hY82Tnduh60mI5Vm+nEQ
ZR6BMvVQx70ObZ+8uJyA2bcxabKPvLp4l8hWM2LmMrG9bHDiAVftT9FAvtmKAJc2
yPauKBC8RkZWgm6L3NxBflhdrtePCBgpWRUbYH5Yq422+dAUeCnOwsIq2TxF4oHm
mAJNTRqkDO97eCOHLDgo2dxOWtCPOTq6kpqS+X+rEDiBhhqrS6N/m+cUHr6Dnd85
u7RaMS8DIupGJRfWc9GzCANC5RwFpT6UCQZe25sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRzHpQPeqJ2i8IzdJSo3s8N8BOPSjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L2N4NlVEM3FpZG92Q00zU1VxTjdQRGZBVGowby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEB0DANBgkqhkiG9w0BAQsF
AAOCAQEAdT29D+4jkZ4Gb21RAPcOwU1VQKUJy++iIfdIfwu74x1QR3hj36J2zs0N
DGO4TGwKc717THa0PqrEn2IRIKmFc1QcTXiWOgQ7gYAmZQqSHoKx9mZpYcoz/m3N
7CMZtBbRGfe+LDivnOJh+GvaGW3JvxF1WKt46stgNN8JNUAHqugoVqdBgTuNiXao
+IbEydOg7SIW7fLsSoeHGJKjubVwk2xpLHaGOEBZ4nz+nBZM+l8UEBZKMMc/IHAq
qUarM3D90+8MH0B6eyrUBeHU216gmgM4vrcTmgzWUH5ZUCnkx56ng1zvstTVIkaQ
YgR9jWQeYYITxuLHYmuoL+J1bEF7pg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:37 2023 by rpki-client on console-fra.rpki-client.org