Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/rPduw0LY2I0qxpcTYug9Np08g1c.roa
File: rPduw0LY2I0qxpcTYug9Np08g1c.roa (raw, json)
Hash identifier: aKST1LEKDk3eXMLoUElDw2K4UR/EkhdnZOHRHBen5eI=
Subject key identifier: AC:F7:6E:C3:42:D8:D8:8D:2A:C6:97:13:62:E8:3D:36:9D:3C:83:57
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: FC3A39
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/rPduw0LY2I0qxpcTYug9Np08g1c.roa
Signing time: Sat 01 Jan 2022 00:59:23 +0000
ROA not before: Sat 01 Jan 2022 00:59:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31396
IP address blocks: 2a0c:b641:410::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16529977 (0xfc3a39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acf76ec342d8d88d2ac6971362e83d369d3c8357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:05:0d:5c:48:63:7d:3a:81:26:9a:6d:35:20:
47:00:e4:fe:8d:d2:a5:f5:47:64:7f:51:e0:28:b0:
3d:ba:ed:18:87:bf:e4:e7:af:36:ed:48:4c:65:d2:
1c:79:3d:f1:88:83:aa:31:4e:83:2d:c6:42:3b:39:
1a:4d:f0:13:3b:a8:75:07:d1:6b:4e:4c:a3:33:99:
97:e5:18:bd:55:1a:e3:12:e0:ad:87:6c:1f:43:c0:
f8:e4:fd:3c:f9:ef:78:cc:95:6e:bf:97:7b:26:62:
ba:39:84:48:ec:80:86:3b:58:22:30:1a:be:0d:2a:
c3:2a:a7:32:07:1b:4b:f4:10:03:a0:29:67:ed:b1:
f7:32:85:9b:01:31:c2:9a:ae:a5:8a:e2:0c:ae:06:
7d:a0:d3:f4:dd:aa:e2:37:d2:23:cd:4b:d1:a0:cb:
e6:83:6a:df:31:d8:c2:3f:63:02:9d:92:28:8d:b2:
e7:74:12:4d:8d:88:2e:ee:70:9f:f0:c2:15:a8:13:
f9:cc:cd:68:42:eb:5d:4c:58:40:5c:65:d2:a2:d5:
59:9e:ee:98:5f:f9:9f:eb:7c:bb:bc:a1:82:71:74:
de:d5:71:1e:03:63:1d:31:a1:ec:a7:41:c1:86:ae:
8b:31:4a:0d:d7:8b:b4:b6:b5:bb:e7:47:82:e4:82:
0e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F7:6E:C3:42:D8:D8:8D:2A:C6:97:13:62:E8:3D:36:9D:3C:83:57
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/rPduw0LY2I0qxpcTYug9Np08g1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:410::/44
Signature Algorithm: sha256WithRSAEncryption
2c:2c:6a:3e:71:83:6a:9b:63:66:6d:b5:d5:a0:b1:6f:88:b1:
ed:ca:53:0c:76:16:79:fd:5a:d4:a0:72:9d:c5:f1:71:5d:2a:
ec:d5:1d:7a:74:46:92:fb:e3:d6:2d:1c:46:28:40:70:44:67:
f5:d7:30:74:c2:8f:49:9c:8e:32:e6:fd:64:ad:b8:8b:10:46:
8b:f7:69:7d:18:5f:27:66:b4:5d:0e:11:d8:42:be:5c:77:94:
94:80:09:98:db:d4:25:b5:48:60:2c:55:af:77:18:c4:35:3f:
4a:ba:c1:28:5f:fa:7a:a7:3f:35:5d:b2:fb:8e:37:f8:83:f3:
26:45:c2:8a:91:3a:71:2e:40:00:1f:8f:8d:e8:eb:71:0a:32:
20:cf:01:b5:14:3d:c6:be:93:17:e1:95:9b:e9:69:e1:51:fd:
bc:49:1e:41:02:44:64:b2:31:f1:96:eb:78:32:68:2d:2a:cd:
68:63:b2:a4:4f:62:f9:b7:34:52:8c:88:c2:5a:d2:9b:3d:8a:
e0:2a:b5:e1:d2:cb:16:76:c1:bd:0a:5c:b9:32:5a:9b:05:23:
63:30:ac:24:95:a1:ff:e8:50:4d:e0:6f:b3:23:8b:89:69:59:
7a:a9:16:b3:db:c7:7d:3a:c1:b6:03:5d:27:10:25:d5:f2:73:
d9:60:f8:e2
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAPw6OTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNmNzZlYzM0MmQ4
ZDg4ZDJhYzY5NzEzNjJlODNkMzY5ZDNjODM1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUFDVxIY306gSaabTUgRwDk/o3SpfVHZH9R4CiwPbrtGIe/
5OevNu1ITGXSHHk98YiDqjFOgy3GQjs5Gk3wEzuodQfRa05MozOZl+UYvVUa4xLg
rYdsH0PA+OT9PPnveMyVbr+XeyZiujmESOyAhjtYIjAavg0qwyqnMgcbS/QQA6Ap
Z+2x9zKFmwExwpqupYriDK4GfaDT9N2q4jfSI81L0aDL5oNq3zHYwj9jAp2SKI2y
53QSTY2ILu5wn/DCFagT+czNaELrXUxYQFxl0qLVWZ7umF/5n+t8u7yhgnF03tVx
HgNjHTGh7KdBwYauizFKDdeLtLa1u+dHguSCDkkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSs927DQtjYjSrGlxNi6D02nTyDVzAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L3JQZHV3MExZMkkwcXhwY1RZdWc5TnAwOGcxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEEEDANBgkqhkiG9w0BAQsF
AAOCAQEALCxqPnGDaptjZm211aCxb4ix7cpTDHYWef1a1KByncXxcV0q7NUdenRG
kvvj1i0cRihAcERn9dcwdMKPSZyOMub9ZK24ixBGi/dpfRhfJ2a0XQ4R2EK+XHeU
lIAJmNvUJbVIYCxVr3cYxDU/SrrBKF/6eqc/NV2y+443+IPzJkXCipE6cS5AAB+P
jejrcQoyIM8BtRQ9xr6TF+GVm+lp4VH9vEkeQQJEZLIx8ZbreDJoLSrNaGOypE9i
+bc0UoyIwlrSmz2K4Cq14dLLFnbBvQpcuTJamwUjYzCsJJWh/+hQTeBvsyOLiWlZ
eqkWs9vHfTrBtgNdJxAl1fJz2WD44g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org