Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yZfDEfl2RwDsffqb-iSxazAqPvM.roa
File: yZfDEfl2RwDsffqb-iSxazAqPvM.roa (raw, json)
Hash identifier: 9HPd0/XJPXU7CFUbHav9A/b1JPZ8naj2FV063qfBFXc=
Subject key identifier: C9:97:C3:11:F9:76:47:00:EC:7D:FA:9B:FA:24:B1:6B:30:2A:3E:F3
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E86D77E33F0699EE797142E411148
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yZfDEfl2RwDsffqb-iSxazAqPvM.roa
Signing time: Mon 02 Jan 2023 06:15:03 +0000
ROA not before: Mon 02 Jan 2023 06:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212007
IP address blocks: 2a0c:b641:110::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:86:d7:7e:33:f0:69:9e:e7:97:14:2e:41:11:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c997c311f9764700ec7dfa9bfa24b16b302a3ef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f9:f5:62:02:04:c8:e6:62:44:98:b5:31:ce:
a0:9e:fd:46:85:e8:6f:94:a6:51:b0:6d:e6:8a:4e:
1f:87:9a:ab:9a:6e:02:3c:ec:ba:92:ee:52:ee:fe:
2d:37:fe:f9:73:54:63:7d:40:09:b6:bc:b9:56:9b:
df:e3:a0:ed:ba:fd:43:8b:4e:cb:4e:ba:75:23:ad:
31:7e:38:f6:57:ee:d9:8c:c5:2f:a5:1d:b3:d1:ff:
3f:61:5f:88:3f:97:7f:cf:0c:91:78:e3:bc:81:82:
6f:9c:03:0a:af:76:4e:74:71:34:39:16:91:4f:98:
f4:23:4e:4f:f3:8e:00:48:03:e8:5f:ca:cd:2b:8d:
c3:80:b6:45:29:4b:ec:b5:15:0c:53:c8:d6:33:19:
a6:e8:5a:5e:63:ca:56:e8:46:41:a9:99:3c:96:f9:
30:73:4c:d7:0c:58:ba:01:44:70:f7:6a:1d:75:55:
7d:34:0e:e2:78:a7:e0:da:4f:32:f0:63:ef:69:37:
d7:a3:af:11:4c:4a:ce:38:cb:d3:25:ac:ed:a0:25:
c8:21:f6:91:2b:8d:76:59:ef:4b:87:c6:62:58:e3:
8b:f3:c7:c5:17:54:6d:aa:00:99:86:03:f9:83:3a:
1f:d4:ac:8b:f2:4a:ec:f4:36:7e:ca:a3:ef:84:3c:
07:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:97:C3:11:F9:76:47:00:EC:7D:FA:9B:FA:24:B1:6B:30:2A:3E:F3
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yZfDEfl2RwDsffqb-iSxazAqPvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:110::/44
Signature Algorithm: sha256WithRSAEncryption
95:77:a5:d9:06:7f:45:4f:22:8a:9d:70:b4:08:84:75:98:ff:
ab:10:71:c3:16:18:e1:a1:77:84:4e:ab:f0:ca:09:13:72:31:
30:ea:8a:9a:04:07:ba:44:f8:3f:fb:74:3e:07:cb:a6:3c:c9:
40:a9:54:ad:fa:9d:bc:32:7e:35:5d:c0:61:a4:8b:ca:70:fa:
53:68:55:a4:56:8a:a2:10:80:bb:33:7b:f9:ab:34:27:f8:3a:
ba:9f:3e:3b:fe:d2:a7:df:fd:68:26:c7:64:5e:e9:17:02:6a:
da:e7:fd:cb:08:85:7e:2d:cb:4b:73:df:cb:38:5e:6f:5d:88:
8d:d1:5e:53:89:98:d8:12:42:30:87:5f:fc:7f:42:82:c8:ea:
20:06:aa:bc:38:cf:96:cd:71:33:ff:85:c3:40:21:5d:1a:4f:
25:99:bd:13:ff:c4:6f:ed:e4:e6:30:ad:09:85:29:47:14:b8:
41:a5:d7:be:a1:ce:ae:31:41:e7:42:58:4c:6a:91:98:e1:ff:
5b:3f:8a:0a:26:e2:0e:5a:1e:f2:a0:68:cc:8d:e6:61:66:d8:
6e:63:b3:de:62:86:bf:4b:fb:3f:df:52:e3:2e:33:d1:1a:0c:
00:9f:a7:e9:73:48:bf:89:63:c5:48:f8:9b:49:59:c6:f3:46:
7a:34:fd:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHobXfjPwaZ7nlxQuQRFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTk3YzMxMWY5NzY0NzAwZWM3ZGZhOWJmYTI0YjE2YjMwMmEzZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPn1YgIEyOZiRJi1Mc6gnv1Ghehv
lKZRsG3mik4fh5qrmm4CPOy6ku5S7v4tN/75c1RjfUAJtry5Vpvf46Dtuv1Di07L
Trp1I60xfjj2V+7ZjMUvpR2z0f8/YV+IP5d/zwyReOO8gYJvnAMKr3ZOdHE0ORaR
T5j0I05P844ASAPoX8rNK43DgLZFKUvstRUMU8jWMxmm6FpeY8pW6EZBqZk8lvkw
c0zXDFi6AURw92oddVV9NA7ieKfg2k8y8GPvaTfXo68RTErOOMvTJaztoCXIIfaR
K412We9Lh8ZiWOOL88fFF1RtqgCZhgP5gzof1KyL8krs9DZ+yqPvhDwHdQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMmXwxH5dkcA7H36m/oksWswKj7zMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEveVpmREVmbDJSd0RzZmZxYi1pU3hhekFxUHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCVd6XZBn9FTyKKnXC0CIR1mP+rEHHDFhjhoXeE
TqvwygkTcjEw6oqaBAe6RPg/+3Q+B8umPMlAqVSt+p28Mn41XcBhpIvKcPpTaFWk
VoqiEIC7M3v5qzQn+Dq6nz47/tKn3/1oJsdkXukXAmra5/3LCIV+LctLc9/LOF5v
XYiN0V5TiZjYEkIwh1/8f0KCyOogBqq8OM+WzXEz/4XDQCFdGk8lmb0T/8Rv7eTm
MK0JhSlHFLhBpde+oc6uMUHnQlhMapGY4f9bP4oKJuIOWh7yoGjMjeZhZthuY7Pe
Yoa/S/s/31LjLjPRGgwAn6fpc0i/iWPFSPibSVnG80Z6NP32
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:26:18 2025 by rpki-client