Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/hPU6xcpUYZUEC6byWVxPyYbL8nE.roa
File: hPU6xcpUYZUEC6byWVxPyYbL8nE.roa (raw, json)
Hash identifier: 0Dx5Oga7OTssP7+HwglYhZHRlNfMfWcDwZFnbOwMvzg=
Subject key identifier: 84:F5:3A:C5:CA:54:61:95:04:0B:A6:F2:59:5C:4F:C9:86:CB:F2:71
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 013CFAD7
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/hPU6xcpUYZUEC6byWVxPyYbL8nE.roa
Signing time: Sat 01 Jan 2022 01:00:02 +0000
ROA not before: Sat 01 Jan 2022 01:00:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210697
IP address blocks: 2a0c:b641:4b0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20773591 (0x13cfad7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84f53ac5ca546195040ba6f2595c4fc986cbf271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ee:96:af:fe:47:20:e7:a6:13:c0:84:14:59:
84:dd:73:dc:03:c6:9e:71:8d:5b:77:d8:29:5b:15:
91:5e:49:5c:80:c6:94:11:25:cc:df:0e:e8:54:f1:
4b:d4:c4:9e:7d:1a:ae:2f:89:0a:6f:42:ab:e2:25:
7f:e6:93:9a:03:f3:a3:1c:e3:39:47:95:fd:51:41:
3a:13:26:03:07:e7:dd:02:4d:b4:fc:f2:d2:b1:fe:
b2:d0:a0:f5:4d:67:8e:e5:48:33:5d:d6:0c:08:f8:
89:5e:b2:da:43:9e:fd:c5:4e:1c:3a:d2:35:58:2a:
2d:e0:89:c7:ad:32:5d:86:ec:bf:14:93:59:b6:d0:
fe:9e:f2:93:ef:38:39:18:22:d7:15:55:d4:b8:93:
00:7b:aa:d7:9e:b6:df:bd:53:6b:71:f4:95:54:0e:
dd:11:8b:9a:64:61:30:ae:9c:3a:ba:3c:9b:8e:0b:
fc:20:61:c3:1e:b7:05:93:33:25:0d:7d:a7:7d:4c:
9f:45:b6:5c:ec:ee:66:62:b4:6c:18:97:bf:3a:4b:
40:0b:59:c3:33:dc:02:d5:39:9c:71:57:f5:53:e9:
33:7f:df:0e:0e:05:c2:20:6c:53:14:a1:d7:d1:1f:
66:90:1d:af:fa:98:b5:64:77:81:70:86:ef:11:1f:
bd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F5:3A:C5:CA:54:61:95:04:0B:A6:F2:59:5C:4F:C9:86:CB:F2:71
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/hPU6xcpUYZUEC6byWVxPyYbL8nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:4b0::/44
Signature Algorithm: sha256WithRSAEncryption
67:c6:ef:3b:e5:be:be:5c:aa:f2:04:c2:38:79:7c:43:b7:20:
d9:35:85:8c:33:41:94:26:5b:59:4d:e5:69:86:fc:53:bc:da:
43:ea:c7:af:30:7b:c6:c9:02:73:04:dd:e0:f7:36:99:bb:f6:
ae:8e:4e:3c:a3:88:df:bf:ed:b4:dc:97:7f:ae:6b:10:ad:a3:
7e:cc:49:e9:8b:a4:e2:8a:fa:a3:1e:a2:bd:6e:20:25:52:b8:
8c:88:39:73:17:a6:4e:70:46:f4:16:b2:73:20:59:f6:20:0e:
ea:1d:54:33:d7:73:c5:bf:0f:b7:47:de:5e:b2:67:12:e4:00:
c6:91:ee:6e:4a:82:a4:10:91:60:40:cb:ec:2b:1a:48:99:cc:
9c:bd:95:e2:aa:c7:e9:62:27:36:a8:1a:3a:15:99:a5:a0:26:
d6:f7:3a:f6:0e:48:c3:1a:eb:9f:4e:f6:ec:4d:99:cb:c0:c1:
78:de:dc:b3:39:9e:91:72:07:2e:41:bd:de:0a:05:84:96:1f:
22:c0:47:5e:a9:e9:d3:33:75:c0:b7:4c:83:25:b4:a2:47:82:
3f:78:79:44:83:d5:e6:56:fc:de:42:7a:56:ad:86:73:fc:6f:
b6:5b:ef:c7:2f:35:07:b0:44:4a:c3:c9:76:08:d6:61:f6:f3:
f0:48:d0:83
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEATz61zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRmNTNhYzVjYTU0
NjE5NTA0MGJhNmYyNTk1YzRmYzk4NmNiZjI3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnulq/+RyDnphPAhBRZhN1z3APGnnGNW3fYKVsVkV5JXIDG
lBElzN8O6FTxS9TEnn0ari+JCm9Cq+Ilf+aTmgPzoxzjOUeV/VFBOhMmAwfn3QJN
tPzy0rH+stCg9U1njuVIM13WDAj4iV6y2kOe/cVOHDrSNVgqLeCJx60yXYbsvxST
WbbQ/p7yk+84ORgi1xVV1LiTAHuq1562371Ta3H0lVQO3RGLmmRhMK6cOro8m44L
/CBhwx63BZMzJQ19p31Mn0W2XOzuZmK0bBiXvzpLQAtZwzPcAtU5nHFX9VPpM3/f
Dg4FwiBsUxSh19EfZpAdr/qYtWR3gXCG7xEfva8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSE9TrFylRhlQQLpvJZXE/JhsvycTAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L2hQVTZ4Y3BVWVpVRUM2YnlXVnhQeVliTDhuRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEEsDANBgkqhkiG9w0BAQsF
AAOCAQEAZ8bvO+W+vlyq8gTCOHl8Q7cg2TWFjDNBlCZbWU3laYb8U7zaQ+rHrzB7
xskCcwTd4Pc2mbv2ro5OPKOI37/ttNyXf65rEK2jfsxJ6Yuk4or6ox6ivW4gJVK4
jIg5cxemTnBG9BaycyBZ9iAO6h1UM9dzxb8Pt0feXrJnEuQAxpHubkqCpBCRYEDL
7CsaSJnMnL2V4qrH6WInNqgaOhWZpaAm1vc69g5Iwxrrn0727E2Zy8DBeN7cszme
kXIHLkG93goFhJYfIsBHXqnp0zN1wLdMgyW0okeCP3h5RIPV5lb83kJ6Vq2Gc/xv
tlvvxy81B7BESsPJdgjWYfbz8EjQgw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:37 2023 by rpki-client on console-fra.rpki-client.org