Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/s2esa3rJGbQH7AtqceE3MZC2gqk.roa
File: s2esa3rJGbQH7AtqceE3MZC2gqk.roa (raw, json)
Hash identifier: k0YSDfme4q1RRg5NhcznUKKAG5HFcxDNPyxHH1dK7Zc=
Subject key identifier: B3:67:AC:6B:7A:C9:19:B4:07:EC:0B:6A:71:E1:37:31:90:B6:82:A9
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0113AC72
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/s2esa3rJGbQH7AtqceE3MZC2gqk.roa
Signing time: Sat 01 Jan 2022 00:59:37 +0000
ROA not before: Sat 01 Jan 2022 00:59:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201106
IP address blocks: 2a0c:b642:1a0a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18066546 (0x113ac72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b367ac6b7ac919b407ec0b6a71e1373190b682a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d4:0a:7a:cd:00:d6:e7:47:b6:70:cd:84:76:
72:33:16:c3:6a:3d:f9:e2:55:e6:8c:81:ce:80:ed:
9e:96:61:bb:4f:d0:ec:26:4f:23:b1:ff:38:4a:96:
ce:24:b3:de:03:f7:30:ab:0d:2f:76:3a:ed:bb:f8:
44:b5:1f:97:eb:e0:97:7b:90:ed:91:53:83:a7:6f:
7f:30:b0:20:b1:ca:b7:aa:5e:b4:68:ac:ee:c8:bf:
55:c4:58:3f:4b:ac:be:22:b2:b2:8e:39:a3:b4:c4:
72:51:7d:cd:a0:c7:42:c7:c3:fe:57:54:7b:9f:dc:
8a:4b:fe:84:29:67:e6:c4:59:45:44:90:31:ee:4b:
94:96:61:1a:87:59:8e:9d:0f:d2:fb:c4:2c:f7:d9:
d4:8c:30:cf:8d:ff:11:60:28:69:80:da:e2:2a:ed:
f1:51:2f:30:97:7a:79:c2:d0:15:03:b2:3a:b4:c5:
05:39:ba:88:cc:52:59:8a:bc:fa:d1:ec:5b:06:59:
9e:ac:e9:4b:52:99:39:b7:90:90:aa:7c:9c:b9:9f:
f3:90:07:c1:b0:51:41:35:ab:1c:cf:62:6b:46:04:
82:db:ac:02:8c:fb:3e:04:51:b7:d4:c8:e4:cf:ef:
79:8d:9c:7c:a7:a5:ea:e1:02:aa:60:30:a7:8c:ad:
97:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:67:AC:6B:7A:C9:19:B4:07:EC:0B:6A:71:E1:37:31:90:B6:82:A9
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/s2esa3rJGbQH7AtqceE3MZC2gqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:1a0a::/48
Signature Algorithm: sha256WithRSAEncryption
9a:01:c0:c1:32:86:1a:f2:7f:8e:b5:27:cd:c2:3f:c4:60:d8:
12:19:3a:3d:c0:ed:02:83:97:50:2e:66:2f:c6:b0:d8:bd:b4:
39:e9:ff:a9:2f:30:66:21:b9:e9:94:ab:52:ed:1b:c5:ee:72:
36:7f:45:f5:8e:28:ca:96:a2:dd:c8:bf:04:d7:7d:e7:44:37:
6d:a5:a9:e4:5b:68:3e:5e:19:0e:d7:1d:90:c2:10:c7:bd:19:
1d:36:7b:e1:93:cd:1f:44:d3:89:cd:c7:c7:2f:2a:99:d3:94:
3c:a1:eb:9f:2b:49:cb:c9:b5:72:30:3a:65:dd:c9:b0:49:a2:
8c:4f:b1:da:10:74:00:c6:87:62:29:24:6a:0f:35:15:68:2c:
3a:12:06:28:98:c0:09:92:d6:6d:96:8e:49:31:96:6f:27:5c:
52:36:23:b0:d5:1e:0c:a4:d3:5e:e9:be:65:34:46:f5:9a:8d:
16:99:fb:11:18:51:5e:0e:7b:bf:f7:1e:5d:86:20:80:ff:63:
a2:80:a3:cd:45:65:33:9b:9c:4e:a5:3e:8d:73:7a:50:23:b1:
d3:81:cb:3a:9f:e4:32:f9:71:c9:3f:31:a5:8d:36:73:43:e2:
9e:8a:38:71:01:ae:fe:f8:e8:bd:74:ab:e7:88:b0:de:0b:ae:
33:9d:65:27
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAROscjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM2N2FjNmI3YWM5
MTliNDA3ZWMwYjZhNzFlMTM3MzE5MGI2ODJhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzUCnrNANbnR7ZwzYR2cjMWw2o9+eJV5oyBzoDtnpZhu0/Q
7CZPI7H/OEqWziSz3gP3MKsNL3Y67bv4RLUfl+vgl3uQ7ZFTg6dvfzCwILHKt6pe
tGis7si/VcRYP0usviKyso45o7TEclF9zaDHQsfD/ldUe5/cikv+hCln5sRZRUSQ
Me5LlJZhGodZjp0P0vvELPfZ1Iwwz43/EWAoaYDa4irt8VEvMJd6ecLQFQOyOrTF
BTm6iMxSWYq8+tHsWwZZnqzpS1KZObeQkKp8nLmf85AHwbBRQTWrHM9ia0YEgtus
Aoz7PgRRt9TI5M/veY2cfKel6uECqmAwp4ytlwUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSzZ6xreskZtAfsC2px4TcxkLaCqTAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L3MyZXNhM3JKR2JRSDdBdHFjZUUzTVpDMmdxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoMtkIaCjANBgkqhkiG9w0BAQsF
AAOCAQEAmgHAwTKGGvJ/jrUnzcI/xGDYEhk6PcDtAoOXUC5mL8aw2L20Oen/qS8w
ZiG56ZSrUu0bxe5yNn9F9Y4oypai3ci/BNd950Q3baWp5FtoPl4ZDtcdkMIQx70Z
HTZ74ZPNH0TTic3Hxy8qmdOUPKHrnytJy8m1cjA6Zd3JsEmijE+x2hB0AMaHYikk
ag81FWgsOhIGKJjACZLWbZaOSTGWbydcUjYjsNUeDKTTXum+ZTRG9ZqNFpn7ERhR
Xg57v/ceXYYggP9jooCjzUVlM5ucTqU+jXN6UCOx04HLOp/kMvlxyT8xpY02c0Pi
noo4cQGu/vjovXSr54iw3guuM51lJw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:53:14 2025 by rpki-client