Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/sFH2K7ZpyhfRUprKIcoIgDQKTvk.roa
File: sFH2K7ZpyhfRUprKIcoIgDQKTvk.roa (raw, json)
Hash identifier: IgI2Laga+cwItoQAEu9LOpdO480bL2jRMDFHu+BHgxg=
Subject key identifier: B0:51:F6:2B:B6:69:CA:17:D1:52:9A:CA:21:CA:08:80:34:0A:4E:F9
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 013CA608
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/sFH2K7ZpyhfRUprKIcoIgDQKTvk.roa
Signing time: Sat 01 Jan 2022 01:00:01 +0000
ROA not before: Sat 01 Jan 2022 01:00:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210597
IP address blocks: 2a0c:b641:530::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20751880 (0x13ca608)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b051f62bb669ca17d1529aca21ca0880340a4ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e7:ee:28:7d:ea:41:20:61:f8:36:40:c2:37:
87:d9:da:eb:f9:00:af:c5:2c:78:77:97:b1:fb:b9:
cb:9c:0a:4c:c2:3f:fc:70:e2:ff:52:e8:72:a7:11:
da:12:b1:16:cf:57:e0:dc:b3:03:99:33:fc:78:50:
c8:eb:7f:67:7b:b6:31:3b:19:bf:aa:84:84:af:03:
a9:c8:7a:e8:9e:aa:90:85:9a:d0:70:b8:6e:86:25:
92:43:66:5b:6d:32:5e:09:c1:fc:04:29:67:8c:f8:
8f:c0:86:c1:1d:ef:d2:30:12:e5:ee:09:61:ab:fa:
ac:cc:ff:06:29:e8:41:b6:e4:a9:9e:8a:57:7a:45:
ed:32:b6:02:df:33:be:1d:78:41:43:ad:6c:5c:dd:
7d:22:fe:a8:36:f4:2b:23:4a:6e:48:e9:e0:2b:a7:
66:82:9b:07:27:f5:6f:9e:fd:06:ca:59:7a:97:aa:
54:9d:a2:f3:80:ec:19:0d:f0:42:cb:d6:02:d0:bf:
11:06:9b:73:e0:99:b7:03:ae:3a:68:94:46:f1:c1:
fd:03:a1:4b:b7:3b:3c:5a:b6:14:91:c8:ce:c1:10:
ed:ec:22:ad:27:86:75:f2:18:e5:3a:c8:60:cd:11:
54:9b:2b:aa:e0:e3:56:05:19:04:cf:87:00:56:0b:
22:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:51:F6:2B:B6:69:CA:17:D1:52:9A:CA:21:CA:08:80:34:0A:4E:F9
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/sFH2K7ZpyhfRUprKIcoIgDQKTvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:530::/44
Signature Algorithm: sha256WithRSAEncryption
4a:16:6d:8e:bd:27:f1:f0:17:f7:d4:e1:f8:d5:ef:1c:78:56:
a8:76:be:78:50:36:22:d5:1d:31:0c:d1:a8:f8:82:e7:f0:10:
30:a7:68:0c:9a:6d:06:bd:65:f9:8d:72:4e:7c:ff:c6:ca:60:
00:da:bf:ae:5b:13:97:5c:1c:83:78:45:85:3a:86:7f:cd:65:
e6:3c:f0:c3:f0:f8:30:9f:1a:cb:93:24:2e:64:3b:a5:0f:c6:
c1:42:54:b8:ad:21:a1:ab:ce:ec:64:f5:39:82:ab:5d:90:61:
5b:4e:0e:f6:8b:61:3e:6b:23:1c:8f:38:82:ce:86:6f:a7:76:
87:b7:97:8e:d5:f7:9a:47:6e:d0:80:83:60:65:86:c7:56:30:
fd:ca:88:60:df:b9:ea:d6:8a:d4:d9:ad:c7:04:8a:a9:7d:06:
02:47:2f:1b:cc:46:65:6d:96:55:40:85:54:c0:5e:40:91:8e:
dc:ef:01:7b:bf:8b:7b:e0:1e:7e:dc:71:08:05:ea:37:43:79:
e8:4f:0d:32:fb:24:59:d6:9e:67:2f:2c:0d:2a:0f:05:f9:0b:
7f:e5:07:25:81:56:18:f6:2d:97:40:c6:01:f5:df:5c:2a:f4:
d4:02:a9:a2:89:23:9e:42:c8:11:65:ce:70:60:a6:bb:3b:07:
7f:67:7a:45
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEATymCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjA1MWY2MmJiNjY5
Y2ExN2QxNTI5YWNhMjFjYTA4ODAzNDBhNGVmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAInn7ih96kEgYfg2QMI3h9na6/kAr8UseHeXsfu5y5wKTMI/
/HDi/1LocqcR2hKxFs9X4NyzA5kz/HhQyOt/Z3u2MTsZv6qEhK8Dqch66J6qkIWa
0HC4boYlkkNmW20yXgnB/AQpZ4z4j8CGwR3v0jAS5e4JYav6rMz/BinoQbbkqZ6K
V3pF7TK2At8zvh14QUOtbFzdfSL+qDb0KyNKbkjp4CunZoKbByf1b579BspZepeq
VJ2i84DsGQ3wQsvWAtC/EQabc+CZtwOuOmiURvHB/QOhS7c7PFq2FJHIzsEQ7ewi
rSeGdfIY5TrIYM0RVJsrquDjVgUZBM+HAFYLIk0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSwUfYrtmnKF9FSmsohygiANApO+TAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L3NGSDJLN1pweWhmUlVwcktJY29JZ0RRS1R2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEFMDANBgkqhkiG9w0BAQsF
AAOCAQEAShZtjr0n8fAX99Th+NXvHHhWqHa+eFA2ItUdMQzRqPiC5/AQMKdoDJpt
Br1l+Y1yTnz/xspgANq/rlsTl1wcg3hFhTqGf81l5jzww/D4MJ8ay5MkLmQ7pQ/G
wUJUuK0hoavO7GT1OYKrXZBhW04O9othPmsjHI84gs6Gb6d2h7eXjtX3mkdu0ICD
YGWGx1Yw/cqIYN+56taK1NmtxwSKqX0GAkcvG8xGZW2WVUCFVMBeQJGO3O8Be7+L
e+AeftxxCAXqN0N56E8NMvskWdaeZy8sDSoPBfkLf+UHJYFWGPYtl0DGAfXfXCr0
1AKpookjnkLIEWXOcGCmuzsHf2d6RQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:54:36 2025 by rpki-client