Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/kxoitFZn1bBWX_H14MI-7baQX5E.roa
File: kxoitFZn1bBWX_H14MI-7baQX5E.roa (raw, json)
Hash identifier: 8jTy7TApoPcwb6pv1qTc2dn5DfaxEXLbcYHyZdzaGUo=
Subject key identifier: 93:1A:22:B4:56:67:D5:B0:56:5F:F1:F5:E0:C2:3E:ED:B6:90:5F:91
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01D03592
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/kxoitFZn1bBWX_H14MI-7baQX5E.roa
Signing time: Sun 13 Feb 2022 23:23:10 +0000
ROA not before: Sun 13 Feb 2022 23:23:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211662
IP address blocks: 2a0c:b641:800::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30422418 (0x1d03592)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Feb 13 23:23:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=931a22b45667d5b0565ff1f5e0c23eedb6905f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b1:13:b9:a0:30:8f:95:b7:95:cc:64:f1:0c:
7e:a0:f0:6c:f9:a0:21:9b:51:31:e9:30:30:7f:ea:
ce:4a:37:03:96:d9:57:f0:15:95:78:b1:93:d7:a4:
1c:ae:83:71:b3:69:c2:fe:b0:6a:c9:44:b1:4e:1e:
d3:66:5c:37:c1:6b:e1:b4:2a:2c:e2:ec:cd:21:8d:
58:4d:e2:91:60:e5:ab:2d:c8:0b:4e:8e:a1:c4:ff:
e9:af:e0:7c:1c:a3:1c:49:29:8c:6b:87:99:2e:42:
2a:9d:f6:33:50:4c:5e:4c:12:a0:aa:03:14:3f:ec:
ce:88:dc:02:ce:d0:81:aa:f1:ba:fc:c2:90:77:3b:
cb:38:75:07:2e:da:74:8b:c1:20:27:ea:62:c1:be:
24:5f:4c:10:3c:c3:aa:8b:1e:af:ae:c5:ba:ce:29:
5f:49:c9:69:11:93:64:81:90:11:72:12:5a:8e:06:
d5:16:dc:51:37:1c:e0:92:95:a9:84:37:9e:b3:e0:
b1:f2:41:54:0c:7d:38:f5:4a:9b:cb:61:df:54:06:
67:a4:8d:63:8d:c8:ca:42:bb:34:e0:44:b2:3f:9f:
45:30:85:90:15:a4:81:b4:db:70:a1:88:c4:11:89:
96:ee:cf:54:d8:85:ca:fc:ad:d4:55:2a:37:97:ce:
ba:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:1A:22:B4:56:67:D5:B0:56:5F:F1:F5:E0:C2:3E:ED:B6:90:5F:91
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/kxoitFZn1bBWX_H14MI-7baQX5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:800::/44
Signature Algorithm: sha256WithRSAEncryption
74:86:38:8c:b3:66:59:8a:90:56:1e:81:81:93:57:5b:84:6b:
4a:2c:48:51:e2:7b:34:d0:67:51:6e:17:b3:8a:82:dd:2d:20:
e5:24:f1:d8:82:d8:81:3a:4a:a1:88:02:08:12:0f:88:25:15:
f3:d3:32:03:2d:8a:bf:05:e1:2d:0e:9b:39:40:17:9e:f9:25:
8e:b2:0a:23:e8:3d:71:98:6f:66:aa:99:86:71:20:88:78:7a:
f2:09:ec:de:5d:5e:30:8d:c9:41:1e:7b:3a:c2:2f:b1:4b:8c:
5c:36:fa:14:1d:d7:0c:86:83:4f:91:fa:c3:b7:33:b6:58:84:
1f:14:61:c8:dc:8c:e0:9f:56:2b:fb:ee:bd:81:85:22:73:a7:
e2:84:d3:34:5a:23:31:8e:52:72:46:4a:55:85:0b:12:6e:74:
16:d6:b1:71:9a:76:3a:70:4d:ca:22:b7:14:c4:7e:51:8c:36:
da:5d:8a:74:01:75:4d:fa:47:ae:35:52:53:49:8e:c4:b1:6f:
f7:e5:a8:b7:bd:e1:a0:da:f0:65:5b:9c:f7:e0:00:cc:94:98:
c2:39:f9:47:55:75:f3:80:68:9a:78:07:41:18:a0:a6:09:e0:
95:d9:18:79:e3:cd:0c:5f:f9:05:62:fa:d2:53:a6:6b:99:65:
ce:26:c4:9c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAdA1kjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDIx
MzIzMjMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTMxYTIyYjQ1NjY3
ZDViMDU2NWZmMWY1ZTBjMjNlZWRiNjkwNWY5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGxE7mgMI+Vt5XMZPEMfqDwbPmgIZtRMekwMH/qzko3A5bZ
V/AVlXixk9ekHK6DcbNpwv6waslEsU4e02ZcN8Fr4bQqLOLszSGNWE3ikWDlqy3I
C06OocT/6a/gfByjHEkpjGuHmS5CKp32M1BMXkwSoKoDFD/szojcAs7QgarxuvzC
kHc7yzh1By7adIvBICfqYsG+JF9MEDzDqoser67Fus4pX0nJaRGTZIGQEXISWo4G
1RbcUTcc4JKVqYQ3nrPgsfJBVAx9OPVKm8th31QGZ6SNY43IykK7NOBEsj+fRTCF
kBWkgbTbcKGIxBGJlu7PVNiFyvyt1FUqN5fOug8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSTGiK0VmfVsFZf8fXgwj7ttpBfkTAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L2t4b2l0RlpuMWJCV1hfSDE0TUktN2JhUVg1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEIADANBgkqhkiG9w0BAQsF
AAOCAQEAdIY4jLNmWYqQVh6BgZNXW4RrSixIUeJ7NNBnUW4Xs4qC3S0g5STx2ILY
gTpKoYgCCBIPiCUV89MyAy2KvwXhLQ6bOUAXnvkljrIKI+g9cZhvZqqZhnEgiHh6
8gns3l1eMI3JQR57OsIvsUuMXDb6FB3XDIaDT5H6w7cztliEHxRhyNyM4J9WK/vu
vYGFInOn4oTTNFojMY5SckZKVYULEm50FtaxcZp2OnBNyiK3FMR+UYw22l2KdAF1
TfpHrjVSU0mOxLFv9+Wot73hoNrwZVuc9+AAzJSYwjn5R1V184BomngHQRigpgng
ldkYeePNDF/5BWL60lOma5llzibEnA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org