Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/vkRhuR5kuKnmhjxRQU-u7rBUTX4.roa
File: vkRhuR5kuKnmhjxRQU-u7rBUTX4.roa (raw, json)
Hash identifier: 1dspQw+Rq3PLGgGW+70KzdbIJgGaGgq94rJcTpdh8rk=
Subject key identifier: BE:44:61:B9:1E:64:B8:A9:E6:86:3C:51:41:4F:AE:EE:B0:54:4D:7E
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01315B4F
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/vkRhuR5kuKnmhjxRQU-u7rBUTX4.roa
Signing time: Sat 01 Jan 2022 00:59:52 +0000
ROA not before: Sat 01 Jan 2022 00:59:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209861
IP address blocks: 2a0c:b641:80::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20011855 (0x1315b4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be4461b91e64b8a9e6863c51414faeeeb0544d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a0:56:eb:f5:1f:f3:cd:c7:b3:47:49:b7:f1:
25:83:13:cb:2e:e2:95:b9:fd:a4:e6:b8:be:f7:bf:
b5:46:4a:1f:ed:8d:aa:4c:9d:cb:f8:ea:4f:97:1e:
ab:8f:89:fd:6c:d2:8e:6b:50:b0:19:db:37:b3:c3:
4a:a2:82:34:a0:d3:ac:da:ed:b6:cb:e6:94:b1:58:
10:03:c5:ad:18:5e:44:60:f9:a9:0f:03:16:16:c7:
29:e7:95:6c:0b:86:da:82:7e:0d:94:f4:71:84:ee:
37:30:04:c1:21:2b:b4:ce:3c:f5:20:d7:22:f3:4b:
1f:01:74:bd:f3:69:8c:21:e5:0a:f4:c2:fb:3d:aa:
45:8e:2a:28:2e:91:37:79:28:6a:f3:58:1a:69:e8:
6f:82:c9:ff:31:40:ed:cf:ea:fd:7d:8e:10:2c:33:
b7:10:56:00:f8:c4:9d:79:8c:a9:6e:d4:fa:50:5d:
28:a1:e9:14:8a:af:e1:69:b2:70:1b:6b:ef:0c:1f:
62:b0:d0:5a:9d:f1:b2:df:9b:7a:da:3c:2b:db:d5:
23:89:d9:15:94:5a:f9:d7:48:e8:64:36:fd:e0:88:
39:d0:34:3b:e4:27:c3:22:15:d7:81:27:f8:82:63:
7b:25:ac:8d:6c:47:8f:c5:42:7c:b0:a6:6b:ee:ed:
21:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:44:61:B9:1E:64:B8:A9:E6:86:3C:51:41:4F:AE:EE:B0:54:4D:7E
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/vkRhuR5kuKnmhjxRQU-u7rBUTX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:80::/44
Signature Algorithm: sha256WithRSAEncryption
13:65:44:eb:ac:19:af:b1:e9:12:c8:a9:02:34:9c:8c:11:cf:
4e:59:3a:91:7c:42:fc:67:74:39:8b:a5:ff:0d:b8:83:3f:c4:
c4:f8:e5:18:e2:8c:4a:10:f4:fd:79:30:cb:82:c2:4a:11:54:
55:0e:f0:fa:73:4f:8e:53:ce:74:b9:5f:8b:8f:c0:37:91:a5:
66:78:eb:88:9c:93:a6:4e:b1:1a:92:7d:64:35:a5:b5:b4:63:
9e:96:e0:a3:24:eb:69:3e:4c:9c:10:5f:cb:f9:f8:1d:26:37:
50:58:62:fb:1d:d7:b3:ac:8d:51:83:93:91:ba:1b:81:1b:ef:
fa:bf:81:a4:79:00:3b:ea:d2:7c:1b:c2:78:7a:1d:b7:c2:cf:
8a:ab:8c:d6:0f:3e:92:9f:23:af:d1:11:79:41:ce:c2:2d:f4:
64:da:e3:c4:c8:07:5b:f4:3a:b4:35:f7:46:f3:87:e0:ce:b1:
9a:94:2b:10:19:9b:a4:4a:0d:c2:29:fe:b5:63:fa:aa:c4:b3:
08:e5:c9:22:63:81:fc:01:86:c0:54:88:f1:02:dd:c5:44:1a:
1c:c7:92:16:84:da:66:f3:00:77:e9:f6:43:4b:0d:08:65:b1:
72:87:76:71:44:4e:68:60:37:b1:2b:8a:10:c2:64:1f:95:87:
b2:c4:41:b6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEATFbTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTk1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmU0NDYxYjkxZTY0
YjhhOWU2ODYzYzUxNDE0ZmFlZWViMDU0NGQ3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6gVuv1H/PNx7NHSbfxJYMTyy7ilbn9pOa4vve/tUZKH+2N
qkydy/jqT5ceq4+J/WzSjmtQsBnbN7PDSqKCNKDTrNrttsvmlLFYEAPFrRheRGD5
qQ8DFhbHKeeVbAuG2oJ+DZT0cYTuNzAEwSErtM489SDXIvNLHwF0vfNpjCHlCvTC
+z2qRY4qKC6RN3koavNYGmnob4LJ/zFA7c/q/X2OECwztxBWAPjEnXmMqW7U+lBd
KKHpFIqv4WmycBtr7wwfYrDQWp3xst+beto8K9vVI4nZFZRa+ddI6GQ2/eCIOdA0
O+QnwyIV14En+IJjeyWsjWxHj8VCfLCma+7tIYECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS+RGG5HmS4qeaGPFFBT67usFRNfjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L3ZrUmh1UjVrdUtubWhqeFJRVS11N3JCVVRYNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEAgDANBgkqhkiG9w0BAQsF
AAOCAQEAE2VE66wZr7HpEsipAjScjBHPTlk6kXxC/Gd0OYul/w24gz/ExPjlGOKM
ShD0/Xkwy4LCShFUVQ7w+nNPjlPOdLlfi4/AN5GlZnjriJyTpk6xGpJ9ZDWltbRj
npbgoyTraT5MnBBfy/n4HSY3UFhi+x3Xs6yNUYOTkbobgRvv+r+BpHkAO+rSfBvC
eHodt8LPiquM1g8+kp8jr9EReUHOwi30ZNrjxMgHW/Q6tDX3RvOH4M6xmpQrEBmb
pEoNwin+tWP6qsSzCOXJImOB/AGGwFSI8QLdxUQaHMeSFoTaZvMAd+n2Q0sNCGWx
cod2cUROaGA3sSuKEMJkH5WHssRBtg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:37 2023 by rpki-client on console-fra.rpki-client.org