Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/hZJ2bwDRl6FkoCPi88Q3FBh5oDI.roa
File: hZJ2bwDRl6FkoCPi88Q3FBh5oDI.roa (raw, json)
Hash identifier: DzwWvMmGwfazeEQsdtZLi9JoREpdwi19jvlCvV688hA=
Subject key identifier: 85:92:76:6F:00:D1:97:A1:64:A0:23:E2:F3:C4:37:14:18:79:A0:32
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01850C4BDD26BAF46FE16E4E43FD5465B77E
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/hZJ2bwDRl6FkoCPi88Q3FBh5oDI.roa
Signing time: Tue 13 Dec 2022 16:22:56 +0000
ROA not before: Tue 13 Dec 2022 16:22:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56738
IP address blocks: 2a0c:b641:3e0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0c:4b:dd:26:ba:f4:6f:e1:6e:4e:43:fd:54:65:b7:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Dec 13 16:22:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8592766f00d197a164a023e2f3c437141879a032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cf:0b:43:2a:1f:1b:0c:b2:dc:fd:53:49:dd:
b3:ff:95:20:65:49:e1:f5:db:57:20:18:e7:cc:d0:
8c:06:a5:50:42:58:62:5e:fc:c1:df:bc:55:3d:16:
0c:c3:a6:7e:d1:35:2e:f6:3d:c2:51:c1:e1:33:0f:
8d:40:9d:01:e1:46:a9:20:2b:42:32:ff:3d:2c:28:
3a:1b:08:40:8c:7d:8f:e4:d8:54:d2:04:b5:c6:e0:
7f:10:a6:4f:2a:70:8c:79:7f:b6:93:16:b2:6e:fb:
46:62:48:64:ea:bb:39:c6:86:be:27:10:74:5a:3b:
b7:b3:40:28:09:5d:e9:a3:77:ee:72:b2:46:d9:ad:
8f:cc:73:1a:d2:8f:c4:be:90:16:4a:ed:94:79:b5:
d1:05:99:1f:a8:85:45:4d:d6:a0:87:10:a0:1a:61:
49:74:37:2d:4d:78:c6:57:08:57:20:e8:fe:5f:ec:
06:4f:c0:d0:eb:fb:0f:48:27:b8:3d:98:f4:d6:4b:
74:f6:c4:87:09:26:e8:81:36:6d:bc:b7:12:55:6d:
0c:57:15:87:21:b7:8d:c6:a2:e4:31:29:ec:d8:e8:
16:b2:db:02:df:d9:d5:a2:3d:93:d7:ca:df:8c:cd:
c7:68:dd:eb:00:58:e9:ee:d0:ca:eb:54:e1:6e:f2:
4d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:92:76:6F:00:D1:97:A1:64:A0:23:E2:F3:C4:37:14:18:79:A0:32
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/hZJ2bwDRl6FkoCPi88Q3FBh5oDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:3e0::/44
Signature Algorithm: sha256WithRSAEncryption
2a:7b:51:00:b5:da:97:69:2e:b8:4f:ff:ae:19:97:d8:16:6d:
d5:30:c2:32:7f:f2:99:77:ac:70:e6:fa:ca:e9:06:79:20:96:
13:e5:20:b8:db:9d:4e:45:ff:11:97:d2:26:24:18:b5:9d:e1:
d4:2a:b0:e8:cc:91:6a:4e:3e:dc:67:9f:c4:b8:a8:05:85:cc:
4b:bd:05:87:4b:c8:70:9e:17:4e:fa:06:b7:29:c5:be:6d:61:
d8:23:33:8d:b6:f8:2c:62:18:99:74:a2:90:44:d4:fd:f9:40:
e7:7b:81:69:ce:3d:9c:63:d8:7f:13:9c:2a:dd:6a:16:73:6c:
81:60:33:41:9c:05:bc:3e:e1:24:ff:6c:82:68:65:7f:cb:a0:
0b:e6:21:7c:bb:95:3e:e1:51:03:6b:2c:de:e3:f1:99:30:98:
e6:53:9e:ab:4b:e7:08:bb:68:5e:0f:8b:33:ef:2a:a7:21:04:
d1:ff:c8:2a:c4:8e:d9:a5:c8:ef:ee:df:81:53:bc:7c:b8:69:
d5:17:c3:08:ae:b3:98:90:68:5f:08:4f:e5:ea:97:bf:02:00:
5b:24:cc:d7:f2:29:b5:68:cd:92:19:6e:05:02:81:d9:86:19:
38:21:5c:2b:72:e6:84:61:7f:d3:7d:d3:d3:77:97:c6:5f:ef:
04:eb:cc:9f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYUMS90muvRv4W5OQ/1UZbd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjIxMjEzMTYyMjU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTkyNzY2ZjAwZDE5N2ExNjRhMDIzZTJmM2M0MzcxNDE4NzlhMDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc8LQyofGwyy3P1TSd2z/5UgZUnh
9dtXIBjnzNCMBqVQQlhiXvzB37xVPRYMw6Z+0TUu9j3CUcHhMw+NQJ0B4UapICtC
Mv89LCg6GwhAjH2P5NhU0gS1xuB/EKZPKnCMeX+2kxaybvtGYkhk6rs5xoa+JxB0
Wju3s0AoCV3po3fucrJG2a2PzHMa0o/EvpAWSu2UebXRBZkfqIVFTdaghxCgGmFJ
dDctTXjGVwhXIOj+X+wGT8DQ6/sPSCe4PZj01kt09sSHCSbogTZtvLcSVW0MVxWH
IbeNxqLkMSns2OgWstsC39nVoj2T18rfjM3HaN3rAFjp7tDK61ThbvJNVwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIWSdm8A0ZehZKAj4vPENxQYeaAyMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvaFpKMmJ3RFJsNkZrb0NQaTg4UTNGQmg1b0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQPg
MA0GCSqGSIb3DQEBCwUAA4IBAQAqe1EAtdqXaS64T/+uGZfYFm3VMMIyf/KZd6xw
5vrK6QZ5IJYT5SC4251ORf8Rl9ImJBi1neHUKrDozJFqTj7cZ5/EuKgFhcxLvQWH
S8hwnhdO+ga3KcW+bWHYIzONtvgsYhiZdKKQRNT9+UDne4Fpzj2cY9h/E5wq3WoW
c2yBYDNBnAW8PuEk/2yCaGV/y6AL5iF8u5U+4VEDayze4/GZMJjmU56rS+cIu2he
D4sz7yqnIQTR/8gqxI7Zpcjv7t+BU7x8uGnVF8MIrrOYkGhfCE/l6pe/AgBbJMzX
8im1aM2SGW4FAoHZhhk4IVwrcuaEYX/TfdPTd5fGX+8E68yf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:16 2024 by rpki-client on console-fra.rpki-client.org