Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xRrkzsR50hPhU_DLSXsmd6ZKtWA.roa
File: xRrkzsR50hPhU_DLSXsmd6ZKtWA.roa (raw, json)
Hash identifier: KwtWFE4dcd7kTpHb0/u4B1UevCLOO7ZecIFTbLWjQ/o=
Subject key identifier: C5:1A:E4:CE:C4:79:D2:13:E1:53:F0:CB:49:7B:26:77:A6:4A:B5:60
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E8026D780EBDB1F1BAD3F14EBFAA3
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xRrkzsR50hPhU_DLSXsmd6ZKtWA.roa
Signing time: Mon 02 Jan 2023 06:15:02 +0000
ROA not before: Mon 02 Jan 2023 06:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211227
IP address blocks: 2a0c:b641:1d0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:80:26:d7:80:eb:db:1f:1b:ad:3f:14:eb:fa:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c51ae4cec479d213e153f0cb497b2677a64ab560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:28:a1:44:9f:6c:10:ec:47:04:e8:59:2a:2b:
4c:15:0c:43:58:f3:13:8e:65:bd:d4:37:9e:aa:6a:
8e:cb:b0:d1:c0:e5:0e:53:da:bd:0d:95:73:fb:1c:
a6:c8:50:e7:7f:06:05:32:1d:3d:f9:c4:5b:87:74:
63:79:f6:0d:13:bc:28:80:29:9b:dc:60:77:83:fe:
38:ed:a0:52:88:6e:cc:05:d2:01:cf:8f:22:9a:a1:
33:7f:bb:d1:fb:e9:c9:1a:48:a4:1b:89:3a:b7:21:
55:a6:02:4b:f5:fa:a6:6a:89:f8:95:dc:de:91:56:
21:50:9f:0c:d2:e9:d8:35:13:80:af:ea:c0:83:65:
d3:19:1e:cc:21:5b:8b:d8:04:4b:c0:a9:3e:df:a2:
85:10:61:9d:a3:59:b8:47:e4:e7:b4:0d:d6:3f:e7:
82:78:2a:aa:39:88:14:6d:53:b7:99:b2:77:c3:c2:
d6:de:8d:e8:2d:d5:12:22:09:b5:59:6a:72:60:4f:
50:18:cc:c4:a2:c9:df:b2:78:d5:e8:a3:22:1f:5d:
ba:5c:18:59:05:9c:a2:07:8d:e7:6f:07:ad:17:18:
27:44:27:b9:aa:12:40:9c:8c:e5:35:e4:0d:31:aa:
b9:71:cd:be:a7:9a:5c:d9:95:d0:f7:89:24:36:f3:
03:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1A:E4:CE:C4:79:D2:13:E1:53:F0:CB:49:7B:26:77:A6:4A:B5:60
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xRrkzsR50hPhU_DLSXsmd6ZKtWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:1d0::/44
Signature Algorithm: sha256WithRSAEncryption
17:97:c3:5c:69:f2:c6:65:7d:b6:c4:91:27:a6:6b:2b:86:02:
6c:ca:d3:08:89:c9:94:5c:80:53:7b:cb:8d:aa:2f:3d:3a:49:
12:d8:eb:0a:ac:87:36:67:15:6d:b5:e6:39:03:5d:f6:28:77:
68:e1:fb:ba:39:fb:61:89:2c:81:61:89:00:96:f5:75:36:87:
76:4c:3a:a8:7a:4d:c2:2a:e6:4b:01:c8:44:18:14:5a:85:c9:
e3:04:0d:d8:64:a7:49:f9:92:ca:2f:0c:79:f7:6f:a4:5e:27:
e9:e5:9e:fe:1e:c2:4c:d4:0f:a7:9e:d7:00:a2:9a:76:93:0c:
75:b3:f7:c8:e2:a5:8c:ad:74:bb:e1:2d:6e:25:9a:6c:af:c5:
e9:47:87:e4:a1:c8:c2:93:54:27:f6:75:e1:b0:f0:59:79:27:
52:b6:70:42:84:39:e8:31:8a:5c:9d:d9:67:cc:b6:4e:9f:0d:
3c:c3:c9:eb:b1:d5:c4:e2:9c:21:2a:7c:66:74:a4:1f:5f:54:
08:b6:50:6e:6b:c9:b1:ba:02:85:20:5e:65:09:85:25:85:17:
84:0f:b3:19:ce:4a:92:a0:97:56:1a:6f:52:8b:04:0c:35:ff:
1b:a3:27:fa:bf:97:63:de:74:d7:88:7f:ab:99:e6:67:72:c3:
ce:49:d5:32
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHoAm14Dr2x8brT8U6/qjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTFhZTRjZWM0NzlkMjEzZTE1M2YwY2I0OTdiMjY3N2E2NGFiNTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCihRJ9sEOxHBOhZKitMFQxDWPMT
jmW91DeeqmqOy7DRwOUOU9q9DZVz+xymyFDnfwYFMh09+cRbh3RjefYNE7wogCmb
3GB3g/447aBSiG7MBdIBz48imqEzf7vR++nJGkikG4k6tyFVpgJL9fqmaon4ldze
kVYhUJ8M0unYNROAr+rAg2XTGR7MIVuL2ARLwKk+36KFEGGdo1m4R+TntA3WP+eC
eCqqOYgUbVO3mbJ3w8LW3o3oLdUSIgm1WWpyYE9QGMzEosnfsnjV6KMiH126XBhZ
BZyiB43nbwetFxgnRCe5qhJAnIzlNeQNMaq5cc2+p5pc2ZXQ94kkNvMDMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMUa5M7EedIT4VPwy0l7JnemSrVgMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEveFJya3pzUjUwaFBoVV9ETFNYc21kNlpLdFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQHQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAXl8NcafLGZX22xJEnpmsrhgJsytMIicmUXIBT
e8uNqi89OkkS2OsKrIc2ZxVtteY5A132KHdo4fu6OfthiSyBYYkAlvV1Nod2TDqo
ek3CKuZLAchEGBRahcnjBA3YZKdJ+ZLKLwx592+kXifp5Z7+HsJM1A+nntcAopp2
kwx1s/fI4qWMrXS74S1uJZpsr8XpR4fkocjCk1Qn9nXhsPBZeSdStnBChDnoMYpc
ndlnzLZOnw08w8nrsdXE4pwhKnxmdKQfX1QItlBua8mxugKFIF5lCYUlhReED7MZ
zkqSoJdWGm9SiwQMNf8boyf6v5dj3nTXiH+rmeZncsPOSdUy
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:29:30 2025 by rpki-client