Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/zgfrXru6Pv5tkQywbdL2_kl7578.roa
File: zgfrXru6Pv5tkQywbdL2_kl7578.roa (raw, json)
Hash identifier: /UOBM/+666Cpqd5hGIUqoMQUMDo/p6OvAiYM7aP1Omw=
Subject key identifier: CE:07:EB:5E:BB:BA:3E:FE:6D:91:0C:B0:6D:D2:F6:FE:49:7B:E7:BF
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E35C200949C835527FD2BE03C972A
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/zgfrXru6Pv5tkQywbdL2_kl7578.roa
Signing time: Mon 02 Jan 2023 06:14:43 +0000
ROA not before: Mon 02 Jan 2023 06:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16584
IP address blocks: 2a0c:b641:494::/48 maxlen: 48
2a0c:b642:1a00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:35:c2:00:94:9c:83:55:27:fd:2b:e0:3c:97:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce07eb5ebbba3efe6d910cb06dd2f6fe497be7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:56:f7:be:35:4e:e1:0b:e4:d2:eb:82:78:b8:
0d:cf:88:cf:e8:6e:bd:8c:1a:bd:43:5b:57:0c:d2:
ad:08:c3:09:fa:f2:b7:4b:0d:e6:ba:f6:8b:d4:7b:
9a:93:25:3e:39:09:6d:46:6c:51:41:78:46:11:d7:
d0:89:e3:6b:ed:22:67:ea:65:e5:3f:ee:6f:af:db:
9c:1b:11:38:91:d3:2a:db:54:0e:1d:91:69:9f:7d:
f5:b8:07:cd:33:01:66:8e:a8:54:43:aa:03:7f:d3:
b4:da:d5:3d:67:61:c2:bf:8b:c3:5a:68:2c:e3:c0:
dc:75:e3:a1:88:c6:a9:75:0b:31:9e:9d:80:5a:5a:
d7:a3:ec:b1:1b:f1:d5:10:f3:8a:d2:12:42:b3:0d:
8f:ef:8f:45:00:12:c8:35:eb:87:73:d4:2d:05:34:
ef:00:e8:0e:ba:93:84:20:94:7b:c2:ad:63:56:d6:
15:d3:71:ee:7c:cc:b9:5c:0b:bb:87:60:b7:02:80:
e0:3e:f6:30:e7:23:ce:8a:e9:c8:25:81:86:67:e4:
64:0a:eb:95:d5:6b:a0:71:a5:6b:68:70:46:12:2c:
a3:ef:1c:24:4a:cf:7c:d1:c3:79:73:53:76:28:10:
71:65:79:fc:2c:7d:59:8e:8b:e9:15:fe:3a:6d:9c:
34:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:07:EB:5E:BB:BA:3E:FE:6D:91:0C:B0:6D:D2:F6:FE:49:7B:E7:BF
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/zgfrXru6Pv5tkQywbdL2_kl7578.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:494::/48
2a0c:b642:1a00::/48
Signature Algorithm: sha256WithRSAEncryption
12:c8:13:82:2c:6d:82:16:7d:bf:08:93:51:1c:3f:cc:c0:b6:
ad:4b:5e:18:b0:f5:b1:92:54:e4:2b:a6:ce:d3:17:f6:08:69:
e3:ee:83:4c:23:0d:fb:23:db:7d:79:30:2b:f5:7d:57:c2:08:
55:ce:8a:f5:93:60:2f:0a:ef:f3:d4:02:5b:ab:55:ac:81:63:
80:f0:f7:96:58:fd:99:72:ac:54:f2:7e:b3:8b:34:78:e9:08:
45:61:dd:61:97:b4:32:d5:e8:67:43:6f:16:e6:92:0a:95:e2:
53:0b:16:d1:ca:a8:ec:c8:88:f4:7a:32:02:0c:f4:8b:9d:05:
74:1d:98:ef:bd:6c:71:64:cb:50:76:5e:48:03:9a:8d:75:78:
04:e6:70:38:78:31:be:d1:80:8a:45:22:2a:55:bc:61:1d:ea:
57:28:2a:94:3f:c1:95:80:fa:0c:af:c3:e4:60:86:ec:82:c9:
3d:28:55:9e:4f:ae:2d:a2:be:8b:84:e6:ca:ea:da:ca:6e:78:
71:65:6b:eb:da:da:21:11:6d:37:48:5a:a5:b2:a3:9a:ef:1b:
08:0e:7b:44:ba:fe:01:54:46:cc:0a:6f:88:1b:1f:c3:9f:26:
27:ae:30:2b:10:85:2c:99:13:74:1e:92:f7:cf:58:11:0f:60:
cf:4b:3b:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxHjXCAJScg1Un/SvgPJcqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTA3ZWI1ZWJiYmEzZWZlNmQ5MTBjYjA2ZGQyZjZmZTQ5N2JlN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFb3vjVO4Qvk0uuCeLgNz4jP6G69
jBq9Q1tXDNKtCMMJ+vK3Sw3muvaL1HuakyU+OQltRmxRQXhGEdfQieNr7SJn6mXl
P+5vr9ucGxE4kdMq21QOHZFpn331uAfNMwFmjqhUQ6oDf9O02tU9Z2HCv4vDWmgs
48DcdeOhiMapdQsxnp2AWlrXo+yxG/HVEPOK0hJCsw2P749FABLINeuHc9QtBTTv
AOgOupOEIJR7wq1jVtYV03HufMy5XAu7h2C3AoDgPvYw5yPOiunIJYGGZ+RkCuuV
1WugcaVraHBGEiyj7xwkSs980cN5c1N2KBBxZXn8LH1ZjovpFf46bZw0pQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM4H6167uj7+bZEMsG3S9v5Je+e/MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvemdmclhydTZQdjV0a1F5d2JkTDJfa2w3NTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgy2QQSU
AwcAKgy2QhoAMA0GCSqGSIb3DQEBCwUAA4IBAQASyBOCLG2CFn2/CJNRHD/MwLat
S14YsPWxklTkK6bO0xf2CGnj7oNMIw37I9t9eTAr9X1XwghVzor1k2AvCu/z1AJb
q1WsgWOA8PeWWP2ZcqxU8n6zizR46QhFYd1hl7Qy1ehnQ28W5pIKleJTCxbRyqjs
yIj0ejICDPSLnQV0HZjvvWxxZMtQdl5IA5qNdXgE5nA4eDG+0YCKRSIqVbxhHepX
KCqUP8GVgPoMr8PkYIbsgsk9KFWeT64tor6LhObK6trKbnhxZWvr2tohEW03SFql
sqOa7xsIDntEuv4BVEbMCm+IGx/DnyYnrjArEIUsmRN0HpL3z1gRD2DPSzso
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:19 2025 by rpki-client