Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xWbQZYVVa7A790WVaOALhAAQvQw.roa
File: xWbQZYVVa7A790WVaOALhAAQvQw.roa (raw, json)
Hash identifier: fsPkvsGwIFPIQ83HRFsdYMw3SUHUqjVAo2xayVfgNBA=
Subject key identifier: C5:66:D0:65:85:55:6B:B0:3B:F7:45:95:68:E0:0B:84:00:10:BD:0C
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E90527BE32AD08E64498698642D3D
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xWbQZYVVa7A790WVaOALhAAQvQw.roa
Signing time: Mon 02 Jan 2023 06:15:06 +0000
ROA not before: Mon 02 Jan 2023 06:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212832
IP address blocks: 2a0c:b641:5f0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:90:52:7b:e3:2a:d0:8e:64:49:86:98:64:2d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c566d06585556bb03bf7459568e00b840010bd0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:85:e1:6e:bf:5c:bd:98:7e:9c:b7:ba:6a:0c:
64:e0:fa:ac:ea:8d:f8:4c:34:84:f0:bd:db:be:ac:
0f:06:1c:29:62:92:4e:93:9f:a8:aa:a8:3c:b6:38:
33:bc:c0:0a:21:57:0a:20:d7:d7:9e:28:02:6b:79:
7a:f7:ea:4e:a2:2f:11:0d:8d:f8:e2:e5:58:50:0a:
d3:8f:10:45:17:3d:d6:de:52:51:a8:18:16:78:a1:
f3:d9:78:c6:ef:81:0b:31:03:54:69:a6:53:74:9b:
2b:92:33:58:ef:36:26:0d:94:7a:1a:50:ab:b9:47:
2b:8f:21:73:a2:27:19:1f:3e:81:eb:5b:75:86:da:
91:5a:48:b3:41:99:e8:5d:21:0b:4c:94:2d:13:aa:
ae:33:2d:4d:9a:b4:a3:60:8f:ed:c5:04:e1:9c:89:
90:f8:a2:54:6e:49:5f:24:7e:df:43:6b:ac:9f:b0:
8c:7d:40:8b:cf:53:2b:82:f3:98:cf:5f:d1:17:09:
a3:0f:e8:25:50:49:60:c6:85:4f:bc:f3:bf:6a:d7:
f9:07:ab:91:36:65:04:8d:b9:5b:92:b7:48:d0:87:
b1:26:cb:02:1e:1d:12:bf:1a:4a:e1:76:d0:34:6d:
23:fe:8e:48:27:44:5d:04:bd:1b:55:33:2c:8a:35:
f8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:66:D0:65:85:55:6B:B0:3B:F7:45:95:68:E0:0B:84:00:10:BD:0C
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xWbQZYVVa7A790WVaOALhAAQvQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:5f0::/44
Signature Algorithm: sha256WithRSAEncryption
69:e5:fa:6e:53:d6:39:e7:01:7d:26:13:12:66:71:78:a0:c3:
19:71:72:48:4d:3c:73:ea:51:7f:80:57:1d:18:eb:49:cb:ee:
0e:ab:77:17:cb:3b:2d:dc:c9:a8:54:91:9d:66:18:0d:27:f0:
77:5b:f2:37:fe:f5:01:05:f6:2c:4e:ec:88:27:6b:a4:82:e7:
40:2d:2f:04:87:60:32:bd:ae:c7:3f:38:60:2a:2f:6b:79:01:
88:51:bd:cd:0c:45:40:34:ea:5b:6f:c4:94:17:c9:f6:dd:f8:
19:b5:18:d6:cb:3d:0c:a4:38:b4:25:38:2c:f4:fd:27:2c:ba:
a8:26:33:28:19:61:3d:d5:8c:fb:18:14:e8:ea:a3:50:d5:9d:
91:26:6b:cb:07:8c:47:1c:3e:57:0f:64:87:51:a8:5a:59:a3:
e9:01:c6:ef:f3:03:c1:6d:13:b0:03:bb:17:91:1b:f9:cb:42:
6e:27:6a:be:d2:f0:e5:e5:99:3e:31:7b:5b:62:b0:f4:1e:fd:
70:1b:47:e4:a3:21:18:b0:3e:45:b8:af:ba:0a:c8:c9:1f:e5:
f2:4b:ac:32:7b:24:a0:88:d3:c6:7f:a8:28:fe:e2:cd:6c:ac:
98:04:a4:aa:91:ff:f0:0e:7f:00:aa:43:c8:da:0a:97:8c:e1:
95:c0:4d:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHpBSe+Mq0I5kSYaYZC09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTY2ZDA2NTg1NTU2YmIwM2JmNzQ1OTU2OGUwMGI4NDAwMTBiZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoXhbr9cvZh+nLe6agxk4Pqs6o34
TDSE8L3bvqwPBhwpYpJOk5+oqqg8tjgzvMAKIVcKINfXnigCa3l69+pOoi8RDY34
4uVYUArTjxBFFz3W3lJRqBgWeKHz2XjG74ELMQNUaaZTdJsrkjNY7zYmDZR6GlCr
uUcrjyFzoicZHz6B61t1htqRWkizQZnoXSELTJQtE6quMy1NmrSjYI/txQThnImQ
+KJUbklfJH7fQ2usn7CMfUCLz1MrgvOYz1/RFwmjD+glUElgxoVPvPO/atf5B6uR
NmUEjblbkrdI0IexJssCHh0SvxpK4XbQNG0j/o5IJ0RdBL0bVTMsijX4NQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMVm0GWFVWuwO/dFlWjgC4QAEL0MMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEveFdiUVpZVlZhN0E3OTBXVmFPQUxoQUFRdlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQXw
MA0GCSqGSIb3DQEBCwUAA4IBAQBp5fpuU9Y55wF9JhMSZnF4oMMZcXJITTxz6lF/
gFcdGOtJy+4Oq3cXyzst3MmoVJGdZhgNJ/B3W/I3/vUBBfYsTuyIJ2ukgudALS8E
h2Ayva7HPzhgKi9reQGIUb3NDEVANOpbb8SUF8n23fgZtRjWyz0MpDi0JTgs9P0n
LLqoJjMoGWE91Yz7GBTo6qNQ1Z2RJmvLB4xHHD5XD2SHUahaWaPpAcbv8wPBbROw
A7sXkRv5y0JuJ2q+0vDl5Zk+MXtbYrD0Hv1wG0fkoyEYsD5FuK+6CsjJH+XyS6wy
eySgiNPGf6go/uLNbKyYBKSqkf/wDn8AqkPI2gqXjOGVwE2+
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:32:52 2025 by rpki-client