Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/y99sZ-5kjRxKmXw9tJ5wSWF8yws.roa
File: y99sZ-5kjRxKmXw9tJ5wSWF8yws.roa (raw, json)
Hash identifier: oxIE9wfiKpyL1Lo0sJZQ1ptuVdE9E7mXkZ+mFeuDmhc=
Subject key identifier: CB:DF:6C:67:EE:64:8D:1C:4A:99:7C:3D:B4:9E:70:49:61:7C:CB:0B
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0151ADF8
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/y99sZ-5kjRxKmXw9tJ5wSWF8yws.roa
Signing time: Sat 01 Jan 2022 01:00:23 +0000
ROA not before: Sat 01 Jan 2022 01:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212510
IP address blocks: 2a0c:b641:2c0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22130168 (0x151adf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbdf6c67ee648d1c4a997c3db49e7049617ccb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ec:cd:bb:ea:ff:5e:60:bf:29:50:98:8b:69:
b8:c9:dc:bf:d1:b6:aa:1f:26:62:17:56:9f:36:d1:
a7:31:8a:f8:c7:cd:cd:03:82:fd:c2:72:7a:43:91:
db:3e:b2:cf:95:c4:0d:dd:28:04:39:44:3e:06:cd:
20:5b:75:23:9f:d8:a4:c3:4a:55:87:af:7e:c0:7d:
ec:dc:6c:28:27:70:42:11:13:19:a9:94:f5:00:c0:
18:1d:97:c7:4c:28:40:fe:4a:47:91:6f:82:07:c5:
92:00:c7:d3:80:1d:12:7f:77:f9:0e:77:8e:b8:fe:
2f:ed:28:02:11:6a:cb:ac:26:49:be:fe:d0:2e:db:
47:f8:dd:56:26:4a:c1:26:bb:9d:5e:58:9f:a3:08:
62:fd:3f:3c:18:6d:d2:b8:bc:6b:bc:7e:8c:7a:2c:
55:69:01:ab:30:54:b6:54:3b:fb:bd:95:df:78:21:
57:6c:82:9e:8c:3a:65:af:b0:30:f0:31:62:11:a0:
14:10:d8:36:8b:94:8f:51:f3:4e:03:88:3b:94:e9:
5c:d2:ed:f8:a3:b9:50:96:ca:59:6f:2d:f2:87:87:
43:50:84:d6:5b:2b:80:bb:1a:ed:15:52:76:95:6c:
03:0b:b1:62:bf:9c:2b:af:04:51:71:ed:17:26:2f:
69:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DF:6C:67:EE:64:8D:1C:4A:99:7C:3D:B4:9E:70:49:61:7C:CB:0B
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/y99sZ-5kjRxKmXw9tJ5wSWF8yws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:2c0::/44
Signature Algorithm: sha256WithRSAEncryption
27:1d:a0:b0:44:33:f1:48:ee:00:69:48:8a:ab:c9:79:75:74:
19:86:9e:07:3d:39:83:7c:13:6c:35:a4:e1:f6:4e:fe:89:50:
22:d0:1c:e3:be:40:70:7b:d8:d1:f2:6b:04:42:25:ad:73:5f:
e3:d4:11:70:96:a7:ac:cb:c5:7b:af:a4:d4:b0:39:12:8f:7a:
48:e1:cc:5a:7f:33:9d:da:9e:a2:e1:4e:48:5e:d6:96:0e:37:
9d:2c:af:17:ad:07:fd:31:52:05:cf:a7:99:05:2b:29:32:c6:
71:ef:e4:46:cc:2c:4b:b2:69:a2:9a:2b:41:49:ed:33:98:51:
7b:fd:57:b4:3d:b5:a6:f7:24:97:e3:01:1a:70:09:dc:98:ca:
01:5b:ac:b1:b2:f2:9d:4a:53:24:ed:ea:5b:3f:6f:2f:26:00:
77:31:c0:73:d2:c1:e6:f2:90:8c:89:d9:2a:d0:92:8e:db:e2:
6c:a4:39:2e:bf:c9:bc:ca:6b:80:97:8b:80:fd:a1:96:b6:75:
f1:7a:7c:77:06:da:21:a0:69:ca:33:a5:bf:7a:ff:d5:a8:d5:
3c:e3:4c:cd:dd:22:87:53:b0:f1:e9:99:be:f8:1c:bd:07:f2:
a5:df:02:ff:40:fd:8c:ae:41:11:53:89:03:d2:1a:08:3b:9b:
2b:2b:75:98
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAVGt+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JkZjZjNjdlZTY0
OGQxYzRhOTk3YzNkYjQ5ZTcwNDk2MTdjY2IwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/szbvq/15gvylQmItpuMncv9G2qh8mYhdWnzbRpzGK+MfN
zQOC/cJyekOR2z6yz5XEDd0oBDlEPgbNIFt1I5/YpMNKVYevfsB97NxsKCdwQhET
GamU9QDAGB2Xx0woQP5KR5FvggfFkgDH04AdEn93+Q53jrj+L+0oAhFqy6wmSb7+
0C7bR/jdViZKwSa7nV5Yn6MIYv0/PBht0ri8a7x+jHosVWkBqzBUtlQ7+72V33gh
V2yCnow6Za+wMPAxYhGgFBDYNouUj1HzTgOIO5TpXNLt+KO5UJbKWW8t8oeHQ1CE
1lsrgLsa7RVSdpVsAwuxYr+cK68EUXHtFyYvaaECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTL32xn7mSNHEqZfD20nnBJYXzLCzAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L3k5OXNaLTVralJ4S21Ydzl0SjV3U1dGOHl3cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkECwDANBgkqhkiG9w0BAQsF
AAOCAQEAJx2gsEQz8UjuAGlIiqvJeXV0GYaeBz05g3wTbDWk4fZO/olQItAc475A
cHvY0fJrBEIlrXNf49QRcJanrMvFe6+k1LA5Eo96SOHMWn8zndqeouFOSF7Wlg43
nSyvF60H/TFSBc+nmQUrKTLGce/kRswsS7JpoporQUntM5hRe/1XtD21pvckl+MB
GnAJ3JjKAVussbLynUpTJO3qWz9vLyYAdzHAc9LB5vKQjInZKtCSjtvibKQ5Lr/J
vMprgJeLgP2hlrZ18Xp8dwbaIaBpyjOlv3r/1ajVPONMzd0ih1Ow8emZvvgcvQfy
pd8C/0D9jK5BEVOJA9IaCDubKyt1mA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org