Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/tQaUeifEhdOtEPfpRwQm9rGblHI.roa
File: tQaUeifEhdOtEPfpRwQm9rGblHI.roa (raw, json)
Hash identifier: LhH4SVJb1ecyCbt0wFRgVQ6DUxt01OAt0dpDuQM1xF8=
Subject key identifier: B5:06:94:7A:27:C4:85:D3:AD:10:F7:E9:47:04:26:F6:B1:9B:94:72
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0154B1FF
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/tQaUeifEhdOtEPfpRwQm9rGblHI.roa
Signing time: Sat 01 Jan 2022 01:00:25 +0000
ROA not before: Sat 01 Jan 2022 01:00:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212715
IP address blocks: 2a0c:b641:4e0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22327807 (0x154b1ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b506947a27c485d3ad10f7e9470426f6b19b9472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ba:d2:1a:64:43:ec:91:ce:f0:cd:07:d6:cb:
bb:86:e3:59:a3:f7:c4:d0:3d:74:57:cf:8f:62:77:
1e:91:33:cf:06:0b:1e:b3:19:6f:f6:33:c3:2f:f9:
d6:ca:b1:ec:d4:ad:16:64:30:33:3b:13:a6:b5:05:
bb:a5:f4:90:e2:f2:d4:a3:0b:02:e8:38:de:2d:0e:
66:c2:71:ad:a6:c4:c1:42:65:c6:e2:4a:da:a6:31:
d2:d3:da:13:60:70:1c:49:a7:97:e9:1c:2f:18:b2:
20:00:ce:1b:66:f6:08:4e:24:ca:87:90:17:28:f8:
fe:c3:14:94:20:7c:2a:30:25:1e:7c:db:14:fe:b2:
e5:4f:f8:0c:39:d1:30:64:3a:6b:52:ea:9d:47:b6:
20:a9:ed:04:3b:c9:1b:ff:55:c4:aa:dd:7f:a2:2e:
20:92:b9:0f:4d:a9:07:df:de:33:8e:fc:26:ed:51:
75:a3:c4:ce:40:e2:13:64:3e:4a:97:fc:68:ea:68:
d4:2a:ca:8f:ee:27:71:fa:1c:06:6e:dc:ea:cd:f5:
fc:8c:37:e2:0d:43:fe:e0:5f:a9:37:8d:0d:d7:fb:
67:ae:bc:c4:6d:46:63:d8:03:25:65:a1:6d:8c:c3:
e1:13:08:36:c2:56:a8:20:05:f2:a1:75:d4:51:32:
b4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:06:94:7A:27:C4:85:D3:AD:10:F7:E9:47:04:26:F6:B1:9B:94:72
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/tQaUeifEhdOtEPfpRwQm9rGblHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:4e0::/44
Signature Algorithm: sha256WithRSAEncryption
41:e1:da:45:92:b7:34:b2:2e:ca:d2:1c:7f:36:5f:7e:aa:eb:
5d:1f:7b:1c:e4:0d:75:c9:35:4e:97:9a:d0:d5:21:3e:80:eb:
b4:5c:92:00:9a:35:86:45:05:af:74:c2:f9:b4:04:88:92:ad:
cb:33:9e:14:ab:84:0f:e1:ef:2c:72:90:6e:da:a5:c2:a7:fe:
cc:ac:bb:44:05:75:bb:e6:fc:98:7a:84:57:cd:ab:1e:4c:02:
08:40:20:2c:b2:c2:fa:f8:e0:dc:a2:5f:36:1e:c4:7f:5b:06:
68:77:d1:e9:cb:ae:d2:68:f3:48:6f:38:b8:1f:ff:d0:6b:1c:
7e:4b:7c:37:9a:7a:84:0e:7d:af:47:74:4e:1a:73:92:f9:05:
b1:54:a9:ee:45:9c:84:01:63:46:87:0a:9d:5d:c0:4b:35:82:
e6:67:57:dc:45:7a:47:4a:12:69:62:21:39:05:bb:6a:f7:dd:
af:7d:f9:38:5c:f5:eb:48:3e:d4:78:f5:0f:a7:17:63:60:08:
6b:46:da:f0:4f:07:38:5d:68:d9:e0:79:ac:82:c3:d9:a8:e7:
c3:de:81:78:72:2c:b4:0e:e7:be:ae:92:74:57:25:33:49:44:
64:1a:e0:dc:cb:10:f4:81:c6:3b:1b:26:fb:ca:ac:78:04:dd:
08:77:79:e2
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAVSx/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjUwNjk0N2EyN2M0
ODVkM2FkMTBmN2U5NDcwNDI2ZjZiMTliOTQ3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKm60hpkQ+yRzvDNB9bLu4bjWaP3xNA9dFfPj2J3HpEzzwYL
HrMZb/Yzwy/51sqx7NStFmQwMzsTprUFu6X0kOLy1KMLAug43i0OZsJxrabEwUJl
xuJK2qYx0tPaE2BwHEmnl+kcLxiyIADOG2b2CE4kyoeQFyj4/sMUlCB8KjAlHnzb
FP6y5U/4DDnRMGQ6a1LqnUe2IKntBDvJG/9VxKrdf6IuIJK5D02pB9/eM478Ju1R
daPEzkDiE2Q+Spf8aOpo1CrKj+4ncfocBm7c6s31/Iw34g1D/uBfqTeNDdf7Z668
xG1GY9gDJWWhbYzD4RMINsJWqCAF8qF11FEytIkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS1BpR6J8SF060Q9+lHBCb2sZuUcjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L3RRYVVlaWZFaGRPdEVQZnBSd1FtOXJHYmxISS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEE4DANBgkqhkiG9w0BAQsF
AAOCAQEAQeHaRZK3NLIuytIcfzZffqrrXR97HOQNdck1Tpea0NUhPoDrtFySAJo1
hkUFr3TC+bQEiJKtyzOeFKuED+HvLHKQbtqlwqf+zKy7RAV1u+b8mHqEV82rHkwC
CEAgLLLC+vjg3KJfNh7Ef1sGaHfR6cuu0mjzSG84uB//0Gscfkt8N5p6hA59r0d0
ThpzkvkFsVSp7kWchAFjRocKnV3ASzWC5mdX3EV6R0oSaWIhOQW7avfdr335OFz1
60g+1Hj1D6cXY2AIa0ba8E8HOF1o2eB5rILD2ajnw96BeHIstA7nvq6SdFclM0lE
ZBrg3MsQ9IHGOxsm+8qseATdCHd54g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org