Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/rwfsWc83Aq0O9OZteczMfWwQm5M.roa
File: rwfsWc83Aq0O9OZteczMfWwQm5M.roa (raw, json)
Hash identifier: iO9X7GpuGlC0K+LYcnJrmo8yXZWR7YgPdiloXWptx1I=
Subject key identifier: AF:07:EC:59:CF:37:02:AD:0E:F4:E6:6D:79:CC:CC:7D:6C:10:9B:93
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0116D3E2
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/rwfsWc83Aq0O9OZteczMfWwQm5M.roa
Signing time: Sat 01 Jan 2022 00:59:39 +0000
ROA not before: Sat 01 Jan 2022 00:59:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205778
IP address blocks: 2a0c:b641:7b0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18273250 (0x116d3e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af07ec59cf3702ad0ef4e66d79cccc7d6c109b93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e9:96:21:ab:88:f2:6e:a9:22:21:3f:d1:1f:
62:f9:d2:bd:03:f8:14:58:e0:cb:86:d4:b5:e5:d9:
cc:75:0f:0d:95:51:9c:72:f1:fc:ea:9c:8a:f5:fa:
e9:26:a7:53:bb:50:60:42:29:80:8f:60:f6:39:c7:
c7:7d:15:88:34:3b:25:44:4e:64:48:97:68:e4:37:
0c:42:40:f7:6e:ed:70:e4:01:f8:5f:d0:00:ff:8e:
23:73:e1:b7:a0:3e:e9:e1:e3:68:dd:c8:66:87:a0:
10:91:0d:0f:3f:f9:65:34:b5:21:85:e2:d1:36:88:
53:c6:4b:c4:b1:84:92:4c:32:c0:e5:fb:84:1d:e4:
ff:0b:c9:2d:8e:6a:2f:42:27:a0:1f:d1:01:1e:e3:
e4:ae:87:8d:20:93:15:b3:06:e3:30:92:e6:cd:b7:
96:e6:96:12:3a:f0:f8:05:db:2a:b5:72:e6:0f:51:
ec:cc:b3:91:10:c4:2c:98:5d:37:54:fb:9d:6c:2c:
b5:51:da:87:8f:7d:5f:a1:1f:a3:e1:a5:36:59:4c:
7f:40:5a:be:b2:d7:33:dd:d3:43:f2:63:7f:76:f3:
44:dc:65:b9:73:92:44:3f:d6:22:f8:ad:23:1d:c4:
19:91:0d:55:7c:f8:66:c3:c0:11:1b:bc:12:43:45:
40:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:07:EC:59:CF:37:02:AD:0E:F4:E6:6D:79:CC:CC:7D:6C:10:9B:93
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/rwfsWc83Aq0O9OZteczMfWwQm5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:7b0::/44
Signature Algorithm: sha256WithRSAEncryption
3c:8d:db:29:8e:eb:90:c1:55:28:67:2a:3f:b3:fd:73:2b:a9:
34:52:bb:50:75:f0:f8:f4:6f:99:0b:ee:6f:85:e7:c4:9f:e0:
bf:c5:44:d4:c0:85:66:77:93:4e:c9:fe:15:39:42:c1:d1:d2:
71:a7:82:ba:b1:61:3a:1a:dc:7b:b8:25:25:96:c4:5f:fd:0b:
1b:ff:d6:ea:6b:f6:b7:93:45:aa:74:9c:ba:0d:1f:91:8a:6a:
37:d8:20:2f:74:df:33:20:a5:88:ad:f1:24:ae:23:88:31:bc:
43:6d:f9:01:35:68:cd:b9:79:fa:97:24:10:a6:09:32:65:71:
f0:95:b9:2f:c3:cc:e5:17:b9:72:ae:52:a1:50:bc:da:50:46:
b7:34:c0:73:43:7d:98:68:90:e2:6a:fa:9a:59:84:cf:b1:0a:
54:24:70:08:5f:7e:e5:cc:ce:72:a0:75:ed:ff:68:0b:cb:5b:
22:f1:15:75:82:f4:d9:6c:78:bd:fb:58:af:91:64:e3:5f:63:
72:d8:70:e7:f0:0e:06:c1:a3:98:a6:ae:38:9d:fa:21:be:71:
f7:f8:07:a5:23:fd:dd:30:2c:3b:e2:d8:58:34:c1:4e:c9:ea:
86:00:0e:86:c1:2c:12:78:c1:a2:8f:87:28:25:6c:fd:44:6d:
a4:0b:4b:71
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEARbT4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWYwN2VjNTljZjM3
MDJhZDBlZjRlNjZkNzljY2NjN2Q2YzEwOWI5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnpliGriPJuqSIhP9EfYvnSvQP4FFjgy4bUteXZzHUPDZVR
nHLx/OqcivX66SanU7tQYEIpgI9g9jnHx30ViDQ7JUROZEiXaOQ3DEJA927tcOQB
+F/QAP+OI3Pht6A+6eHjaN3IZoegEJENDz/5ZTS1IYXi0TaIU8ZLxLGEkkwywOX7
hB3k/wvJLY5qL0InoB/RAR7j5K6HjSCTFbMG4zCS5s23luaWEjrw+AXbKrVy5g9R
7MyzkRDELJhdN1T7nWwstVHah499X6Efo+GlNllMf0BavrLXM93TQ/Jjf3bzRNxl
uXOSRD/WIvitIx3EGZENVXz4ZsPAERu8EkNFQDECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSvB+xZzzcCrQ705m15zMx9bBCbkzAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L3J3ZnNXYzgzQXEwTzlPWnRlY3pNZld3UW01TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEHsDANBgkqhkiG9w0BAQsF
AAOCAQEAPI3bKY7rkMFVKGcqP7P9cyupNFK7UHXw+PRvmQvub4XnxJ/gv8VE1MCF
ZneTTsn+FTlCwdHScaeCurFhOhrce7glJZbEX/0LG//W6mv2t5NFqnScug0fkYpq
N9ggL3TfMyCliK3xJK4jiDG8Q235ATVozbl5+pckEKYJMmVx8JW5L8PM5Re5cq5S
oVC82lBGtzTAc0N9mGiQ4mr6mlmEz7EKVCRwCF9+5czOcqB17f9oC8tbIvEVdYL0
2Wx4vftYr5Fk419jcthw5/AOBsGjmKauOJ36Ib5x9/gHpSP93TAsO+LYWDTBTsnq
hgAOhsEsEnjBoo+HKCVs/URtpAtLcQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org