Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/fK5BYdIio3xS34gxT5Lc-QG17sw.roa
File: fK5BYdIio3xS34gxT5Lc-QG17sw.roa (raw, json)
Hash identifier: KOKS9NGcl7RJg0mI2AkrrcxM1n2lvKtI9+KNoxyraJk=
Subject key identifier: 7C:AE:41:61:D2:22:A3:7C:52:DF:88:31:4F:92:DC:F9:01:B5:EE:CC
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E96ACD5AFC9A3642122CB5BB7292C
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/fK5BYdIio3xS34gxT5Lc-QG17sw.roa
Signing time: Mon 02 Jan 2023 06:15:08 +0000
ROA not before: Mon 02 Jan 2023 06:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213201
IP address blocks: 2a0c:b641:6e0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:96:ac:d5:af:c9:a3:64:21:22:cb:5b:b7:29:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cae4161d222a37c52df88314f92dcf901b5eecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:48:32:d7:9a:59:cb:c4:98:23:a7:38:8f:dd:
1a:f6:b8:d5:5c:62:c0:de:89:2c:53:9f:a5:a2:a1:
8e:ce:3e:47:bb:25:aa:8a:c5:ad:8c:4a:f5:a2:ea:
6e:bc:58:29:d5:32:fe:e5:a1:32:ec:2b:73:d2:2b:
f1:66:bf:7a:e9:bd:50:ea:66:49:d3:81:60:18:b2:
d9:c5:fa:2a:09:cd:4e:a9:2e:26:b0:dd:7c:78:87:
73:68:e8:d1:b9:82:c3:d8:6f:c1:12:b0:5c:ca:0d:
ff:57:7c:14:77:e4:1d:e0:73:35:ff:b9:42:f2:5b:
27:be:d7:07:3d:3c:f3:fc:2f:80:4f:11:84:bb:cd:
7c:e8:ba:ee:2c:10:bd:fc:de:1e:76:54:a8:94:f2:
b4:90:f3:cf:36:17:68:b4:ac:1e:e0:27:dc:ba:02:
a5:09:ae:5a:e9:b7:81:35:a0:48:21:92:05:c5:88:
28:fc:64:33:3c:cc:89:b6:20:9a:a5:7d:0d:ce:b9:
b2:91:93:67:bb:39:ca:89:c5:7d:16:83:66:c0:ff:
fd:08:59:59:8e:97:39:b8:4d:45:cb:af:7a:30:28:
a8:3d:d9:99:4b:fe:6c:93:da:3f:6c:ed:ca:63:02:
dc:6f:74:a3:55:91:ea:0e:57:91:97:bb:33:f6:40:
68:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:AE:41:61:D2:22:A3:7C:52:DF:88:31:4F:92:DC:F9:01:B5:EE:CC
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/fK5BYdIio3xS34gxT5Lc-QG17sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:6e0::/44
Signature Algorithm: sha256WithRSAEncryption
75:50:e4:b5:9a:58:ba:ee:b5:8f:18:8e:f3:91:b0:87:8b:6a:
f9:a7:6d:8b:f1:8a:66:1c:a9:91:ac:85:69:2a:38:72:ff:46:
5b:4e:9b:94:be:99:bd:e2:c7:19:59:6a:1e:02:d7:6c:dc:8c:
62:c9:9e:e5:62:df:41:ed:ae:cb:b9:5f:96:96:ce:2d:04:d6:
e7:9e:b7:19:44:4d:1f:77:c5:59:6a:7b:18:2e:38:3d:15:ed:
11:9e:4e:30:73:d0:04:e6:54:79:73:c6:ad:d4:70:7c:7d:dc:
ee:18:cc:0c:6a:58:43:85:4d:8c:59:e0:48:73:da:8b:60:6d:
ce:01:c5:1b:0e:aa:a1:e6:07:2f:3e:6a:db:70:b1:25:5d:79:
29:38:93:f3:c4:3d:37:60:bf:bd:3d:be:5d:ce:41:0b:e1:ab:
9d:e2:a9:28:3b:c4:8b:d3:14:19:d0:8d:0c:9b:37:13:30:bb:
e2:0b:ca:8c:13:49:e8:9a:3e:a4:f9:e9:bc:79:c8:0a:ef:63:
08:4f:af:a0:9b:25:b5:44:da:3a:69:87:ef:71:be:8e:cd:78:
cb:f4:48:30:0c:45:29:ca:32:15:b1:d0:ec:42:c2:68:73:d7:
6d:30:77:7b:47:58:be:58:89:ab:78:4b:87:e5:44:5e:c2:f5:
ae:39:7f:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHpas1a/Jo2QhIstbtyksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2FlNDE2MWQyMjJhMzdjNTJkZjg4MzE0ZjkyZGNmOTAxYjVlZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUgy15pZy8SYI6c4j90a9rjVXGLA
3oksU5+loqGOzj5HuyWqisWtjEr1oupuvFgp1TL+5aEy7Ctz0ivxZr966b1Q6mZJ
04FgGLLZxfoqCc1OqS4msN18eIdzaOjRuYLD2G/BErBcyg3/V3wUd+Qd4HM1/7lC
8lsnvtcHPTzz/C+ATxGEu8186LruLBC9/N4edlSolPK0kPPPNhdotKwe4CfcugKl
Ca5a6beBNaBIIZIFxYgo/GQzPMyJtiCapX0NzrmykZNnuznKicV9FoNmwP/9CFlZ
jpc5uE1Fy696MCioPdmZS/5sk9o/bO3KYwLcb3SjVZHqDleRl7sz9kBo+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHyuQWHSIqN8Ut+IMU+S3PkBte7MMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvZks1QllkSWlvM3hTMzRneFQ1TGMtUUcxN3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQbg
MA0GCSqGSIb3DQEBCwUAA4IBAQB1UOS1mli67rWPGI7zkbCHi2r5p22L8YpmHKmR
rIVpKjhy/0ZbTpuUvpm94scZWWoeAtds3IxiyZ7lYt9B7a7LuV+Wls4tBNbnnrcZ
RE0fd8VZansYLjg9Fe0Rnk4wc9AE5lR5c8at1HB8fdzuGMwMalhDhU2MWeBIc9qL
YG3OAcUbDqqh5gcvPmrbcLElXXkpOJPzxD03YL+9Pb5dzkEL4aud4qkoO8SL0xQZ
0I0MmzcTMLviC8qME0nomj6k+em8ecgK72MIT6+gmyW1RNo6aYfvcb6OzXjL9Egw
DEUpyjIVsdDsQsJoc9dtMHd7R1i+WImreEuH5URewvWuOX8L
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:32 2025 by rpki-client