Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/f3MipUfhUCxJBA2yaUZazUeuy6I.roa
File: f3MipUfhUCxJBA2yaUZazUeuy6I.roa (raw, json)
Hash identifier: GeGNhDveI0xMifv9XD0XwMLaAvNvALsgxHhpLAe62qY=
Subject key identifier: 7F:73:22:A5:47:E1:50:2C:49:04:0D:B2:69:46:5A:CD:47:AE:CB:A2
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 014EAA80
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/f3MipUfhUCxJBA2yaUZazUeuy6I.roa
Signing time: Sat 01 Jan 2022 01:00:22 +0000
ROA not before: Sat 01 Jan 2022 01:00:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212299
IP address blocks: 2a0c:b641:a0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21932672 (0x14eaa80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f7322a547e1502c49040db269465acd47aecba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:e0:5d:d4:72:c7:1d:fa:6a:54:42:12:11:34:
1c:fd:77:1f:14:c6:26:bf:db:a7:25:04:c0:d5:eb:
50:f1:aa:ff:4d:0d:a3:13:cc:2a:1f:3c:7e:4d:23:
92:1a:26:35:35:f4:7c:5b:82:12:5c:76:c2:b3:2e:
f7:3a:0c:2d:0f:40:42:6e:2c:e6:7c:ab:8d:a1:41:
e4:41:0b:05:e7:f4:a6:d3:d3:6c:be:7d:fb:43:84:
f9:86:16:a8:75:cf:4b:f0:e1:37:d0:82:51:e5:b4:
c2:13:62:b8:d5:90:11:7e:2b:9c:31:76:bb:ab:22:
f1:18:08:a0:74:d1:81:9a:db:9a:c6:19:64:68:76:
fe:48:07:13:20:43:cc:ae:b7:c8:c7:97:10:3e:00:
8a:c4:09:04:6f:db:9b:b8:c8:79:8e:26:ef:41:91:
f7:f7:58:72:1b:f9:b8:38:9f:ff:7c:f2:8a:47:38:
2c:16:b7:45:7b:28:52:e9:f5:4d:75:6a:da:be:c1:
34:85:63:ed:ce:73:c9:7b:70:59:c0:39:68:f1:eb:
23:a1:c6:48:d9:8d:f3:98:e6:c2:84:55:01:16:6f:
c1:c2:1c:6c:fa:9f:3f:d6:0a:31:a2:ef:b9:de:49:
96:1e:af:76:19:59:02:ad:a8:3f:99:f0:1b:32:ab:
3c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:73:22:A5:47:E1:50:2C:49:04:0D:B2:69:46:5A:CD:47:AE:CB:A2
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/f3MipUfhUCxJBA2yaUZazUeuy6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:a0::/44
Signature Algorithm: sha256WithRSAEncryption
8c:3f:6a:a1:69:8b:29:f1:13:0a:bf:2c:34:31:5d:be:54:48:
4f:d6:4a:1d:eb:11:cf:25:b3:f7:52:28:08:ef:85:46:9a:32:
e8:38:da:c4:33:a7:9c:89:57:92:bc:6f:5e:f8:0b:e0:7a:b9:
52:c9:77:d4:93:47:9d:17:b0:55:b0:4a:a1:8a:d0:7f:b4:81:
a2:cc:27:2b:2a:04:f4:0c:e3:29:a0:04:69:3a:20:16:5b:bc:
30:77:2a:d7:9e:1c:0b:0c:50:e4:f6:31:2f:c8:f8:6f:33:93:
af:95:2d:44:dd:a9:51:7d:55:39:a3:c9:39:18:5a:74:2a:e9:
a8:e4:70:93:46:54:ef:81:4a:d6:64:b9:a7:65:7c:3e:1e:2c:
ff:10:4d:f0:9e:bb:b7:73:20:ac:ad:3e:45:33:65:c4:2d:a0:
f5:4c:95:fa:cf:47:d2:06:68:45:94:87:6e:a8:4d:59:72:69:
32:45:98:c0:41:ae:40:e1:d5:a8:01:ab:97:2f:79:96:70:c2:
d9:31:7f:4f:9c:65:e4:d4:29:6e:3e:16:43:c6:c6:b0:24:be:
8a:e7:46:09:63:f2:c6:52:60:78:91:c5:01:cb:b3:00:3d:23:
82:ab:c0:3f:f0:2b:a9:10:b5:d9:e6:ba:34:3a:57:ba:cc:09:
39:f1:40:00
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAU6qgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Y3MzIyYTU0N2Ux
NTAyYzQ5MDQwZGIyNjk0NjVhY2Q0N2FlY2JhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPXgXdRyxx36alRCEhE0HP13HxTGJr/bpyUEwNXrUPGq/00N
oxPMKh88fk0jkhomNTX0fFuCElx2wrMu9zoMLQ9AQm4s5nyrjaFB5EELBef0ptPT
bL59+0OE+YYWqHXPS/DhN9CCUeW0whNiuNWQEX4rnDF2u6si8RgIoHTRgZrbmsYZ
ZGh2/kgHEyBDzK63yMeXED4AisQJBG/bm7jIeY4m70GR9/dYchv5uDif/3zyikc4
LBa3RXsoUun1TXVq2r7BNIVj7c5zyXtwWcA5aPHrI6HGSNmN85jmwoRVARZvwcIc
bPqfP9YKMaLvud5Jlh6vdhlZAq2oP5nwGzKrPM0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBR/cyKlR+FQLEkEDbJpRlrNR67LojAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L2YzTWlwVWZoVUN4SkJBMnlhVVphelVldXk2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEAoDANBgkqhkiG9w0BAQsF
AAOCAQEAjD9qoWmLKfETCr8sNDFdvlRIT9ZKHesRzyWz91IoCO+FRpoy6DjaxDOn
nIlXkrxvXvgL4Hq5Usl31JNHnRewVbBKoYrQf7SBoswnKyoE9AzjKaAEaTogFlu8
MHcq154cCwxQ5PYxL8j4bzOTr5UtRN2pUX1VOaPJORhadCrpqORwk0ZU74FK1mS5
p2V8Ph4s/xBN8J67t3MgrK0+RTNlxC2g9UyV+s9H0gZoRZSHbqhNWXJpMkWYwEGu
QOHVqAGrly95lnDC2TF/T5xl5NQpbj4WQ8bGsCS+iudGCWPyxlJgeJHFAcuzAD0j
gqvAP/ArqRC12ea6NDpXuswJOfFAAA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:07:58 2025 by rpki-client