Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/wDUPG8b7oVkkk0p41xfQGBepZOA.roa
File: wDUPG8b7oVkkk0p41xfQGBepZOA.roa (raw, json)
Hash identifier: Y/W2v3oYR1ox19rFCfhOmD4bQSDN42EAbsHalhuymEg=
Subject key identifier: C0:35:0F:1B:C6:FB:A1:59:24:93:4A:78:D7:17:D0:18:17:A9:64:E0
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E6D08AD7F2AD5566505CC00765492
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/wDUPG8b7oVkkk0p41xfQGBepZOA.roa
Signing time: Mon 02 Jan 2023 06:14:57 +0000
ROA not before: Mon 02 Jan 2023 06:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209645
IP address blocks: 2a0c:b641:230::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:6d:08:ad:7f:2a:d5:56:65:05:cc:00:76:54:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0350f1bc6fba15924934a78d717d01817a964e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ca:e2:46:81:f6:a0:ac:e4:e4:90:80:31:18:
ea:32:85:2c:33:dc:2b:62:58:f2:54:77:f0:9c:f2:
00:91:b3:d8:9f:bd:ed:9f:0a:5f:d0:4c:06:e5:c2:
50:17:e6:a7:0a:a4:50:8c:de:ee:27:be:91:67:7b:
31:63:fc:44:9a:fb:26:f4:0d:66:0d:3b:1d:e0:3f:
ae:b9:68:40:2e:95:53:0e:9e:c6:7a:22:ca:30:5a:
e9:4e:31:55:fa:ce:66:e7:c6:5b:73:22:41:ac:e9:
f5:55:87:e3:9d:46:7a:1d:3d:ad:44:a5:34:c8:2a:
92:99:08:ab:15:31:a4:b1:a1:63:52:93:94:db:13:
b5:f8:76:a4:fc:02:39:4c:d9:f6:5d:4d:b1:b2:d7:
10:db:97:df:46:93:bb:4f:da:fb:32:e9:8f:4f:a6:
37:b1:b8:ec:e7:69:61:ad:7c:87:68:b8:f5:de:cc:
dd:17:17:ad:81:c5:9f:3a:67:c6:a6:04:d1:37:5f:
37:4b:08:40:65:a3:b9:48:b4:fb:d3:ff:8e:ef:00:
8d:41:9f:02:5a:e9:bb:b5:3b:55:0f:4d:84:81:8f:
d4:51:41:6b:c8:ca:e5:2f:34:22:53:cf:69:09:ee:
0e:3e:9d:10:5f:2c:1a:e4:a5:3a:0f:86:af:1b:5c:
d9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:35:0F:1B:C6:FB:A1:59:24:93:4A:78:D7:17:D0:18:17:A9:64:E0
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/wDUPG8b7oVkkk0p41xfQGBepZOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:230::/44
Signature Algorithm: sha256WithRSAEncryption
9c:c4:d4:c6:cb:79:d8:d5:de:d4:ea:2d:76:53:04:e4:79:bd:
b5:b5:40:ef:c1:fc:30:d2:a9:0f:70:b2:63:00:83:19:c7:92:
99:6d:49:5a:96:cb:91:07:07:b0:a5:e2:09:65:06:77:ba:37:
a2:81:ec:ee:ba:43:4d:08:8a:97:c7:a2:3c:39:1b:08:5d:5a:
53:64:48:1e:92:da:e3:c0:ac:22:92:18:d5:82:79:fd:d1:d0:
63:18:77:ef:a1:de:c4:a5:f6:7c:0e:0b:1e:b0:8f:9c:76:13:
75:92:42:0e:4d:ba:74:dd:9a:56:49:73:34:2d:45:57:7c:e0:
64:21:5f:0e:d7:57:c7:62:83:d3:7e:bf:e6:57:fc:eb:7f:95:
62:08:31:8a:d0:5e:f8:a0:92:69:1b:70:5f:ee:95:f0:6e:f3:
37:dd:08:8e:7d:21:a3:ad:8a:4e:b4:3f:46:e4:35:7c:6c:cf:
9e:bb:d7:10:44:8b:aa:e1:5c:33:f2:16:f1:7c:2c:c0:0c:05:
33:a2:50:e3:4c:67:a5:25:a4:c3:00:2a:34:8e:e1:ab:10:ec:
ad:e5:0d:3c:b7:06:f5:1c:75:b4:7d:b9:56:11:19:e3:13:eb:
26:10:50:69:f4:33:50:a6:45:0d:bf:50:f7:89:59:02:03:7e:
78:19:b4:c3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHm0IrX8q1VZlBcwAdlSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDM1MGYxYmM2ZmJhMTU5MjQ5MzRhNzhkNzE3ZDAxODE3YTk2NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMriRoH2oKzk5JCAMRjqMoUsM9wr
YljyVHfwnPIAkbPYn73tnwpf0EwG5cJQF+anCqRQjN7uJ76RZ3sxY/xEmvsm9A1m
DTsd4D+uuWhALpVTDp7GeiLKMFrpTjFV+s5m58ZbcyJBrOn1VYfjnUZ6HT2tRKU0
yCqSmQirFTGksaFjUpOU2xO1+Hak/AI5TNn2XU2xstcQ25ffRpO7T9r7MumPT6Y3
sbjs52lhrXyHaLj13szdFxetgcWfOmfGpgTRN183SwhAZaO5SLT70/+O7wCNQZ8C
Wum7tTtVD02EgY/UUUFryMrlLzQiU89pCe4OPp0QXywa5KU6D4avG1zZxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMA1DxvG+6FZJJNKeNcX0BgXqWTgMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvd0RVUEc4YjdvVmtrazBwNDF4ZlFHQmVwWk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQIw
MA0GCSqGSIb3DQEBCwUAA4IBAQCcxNTGy3nY1d7U6i12UwTkeb21tUDvwfww0qkP
cLJjAIMZx5KZbUlalsuRBwewpeIJZQZ3ujeigezuukNNCIqXx6I8ORsIXVpTZEge
ktrjwKwikhjVgnn90dBjGHfvod7EpfZ8DgsesI+cdhN1kkIOTbp03ZpWSXM0LUVX
fOBkIV8O11fHYoPTfr/mV/zrf5ViCDGK0F74oJJpG3Bf7pXwbvM33QiOfSGjrYpO
tD9G5DV8bM+eu9cQRIuq4Vwz8hbxfCzADAUzolDjTGelJaTDACo0juGrEOyt5Q08
twb1HHW0fblWERnjE+smEFBp9DNQpkUNv1D3iVkCA354GbTD
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:21:48 2025 by rpki-client