Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/BbAlBc66umTS5OhRoktIdHz2XyU.roa
File: BbAlBc66umTS5OhRoktIdHz2XyU.roa (raw, json)
Hash identifier: CE29rr/4IZ/HQPZJvdk40imUX8gAtkM9tdELyvn4mSc=
Subject key identifier: 05:B0:25:05:CE:BA:BA:64:D2:E4:E8:51:A2:4B:48:74:7C:F6:5F:25
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 01B272
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/BbAlBc66umTS5OhRoktIdHz2XyU.roa
Signing time: Mon 31 Jan 2022 14:50:23 +0000
ROA not before: Mon 31 Jan 2022 14:50:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59645
IP address blocks: 2a06:d1c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111218 (0x1b272)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Jan 31 14:50:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05b02505cebaba64d2e4e851a24b48747cf65f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:38:a4:20:d8:a0:19:c3:92:bb:b8:f2:1c:c8:
96:04:05:9b:bd:c5:3c:b7:fb:be:d1:6a:f5:1e:5d:
ec:55:0f:4c:fb:b3:96:aa:5c:6a:e7:c0:ad:33:4d:
c1:37:4f:42:03:bd:81:bf:90:93:4d:61:79:fe:b1:
c9:74:11:3c:b9:0f:d0:2d:33:25:9e:52:e2:0c:cb:
56:40:d8:7d:71:ac:bc:02:5d:27:42:2c:2c:c6:fd:
5d:a2:82:81:44:f6:06:09:83:24:71:66:70:cd:5f:
a2:ea:e6:bd:20:be:d4:b0:4e:33:ba:09:20:27:ec:
83:4c:08:d2:77:6d:14:0c:e5:05:42:5a:99:dd:c0:
66:15:fe:dd:d8:89:6f:3c:5d:ce:3a:39:9e:9e:12:
34:f6:ed:f9:50:83:7c:a1:76:16:3a:bb:36:70:33:
45:99:2d:2a:20:75:09:50:55:96:a5:38:29:6c:bd:
0f:7c:ae:23:fc:27:8d:1f:e1:fe:75:2a:0c:c9:e1:
55:47:8a:67:72:dc:29:11:90:96:62:42:f2:02:5f:
33:99:a3:32:c0:40:89:22:0c:9b:df:a1:c2:91:b5:
ab:5b:b3:bc:6c:7d:b5:ba:6f:bb:4b:08:9e:46:6e:
3d:a6:6c:a5:8a:64:1c:0b:5e:01:e5:82:b7:cb:19:
44:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B0:25:05:CE:BA:BA:64:D2:E4:E8:51:A2:4B:48:74:7C:F6:5F:25
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/BbAlBc66umTS5OhRoktIdHz2XyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d1c0::/32
Signature Algorithm: sha256WithRSAEncryption
4f:94:d5:cb:67:05:51:f2:cc:af:cf:a2:44:27:c8:64:bd:98:
b3:a5:0a:b6:3f:a1:71:97:6c:99:9b:5d:48:b0:7f:37:c2:68:
94:50:33:50:fa:82:77:83:cf:a2:40:1b:d4:9b:ae:a9:31:1a:
95:6a:d1:d2:76:8b:ad:46:e4:d7:95:e7:a3:9d:50:9b:d6:e5:
ba:cd:fc:96:39:5e:81:52:6b:90:44:74:1d:4d:22:c8:e2:e7:
7d:a5:19:1d:e7:cc:c3:ca:51:be:50:87:a4:37:b3:ec:09:d0:
d8:a0:1d:aa:cf:25:cf:f9:b7:8d:fd:c5:bc:b2:44:76:46:8a:
de:9d:61:29:a8:e7:aa:6f:b2:88:03:66:49:d9:fd:92:fe:0b:
63:68:3c:d2:a1:c6:63:20:84:d5:5d:f1:13:ac:10:0a:d0:e5:
b7:9a:0f:47:4c:f9:a4:db:ed:ac:42:a0:e7:3b:63:76:1b:80:
68:b9:1e:b2:50:3b:0b:b5:84:15:88:32:e3:d3:17:1b:41:36:
72:ae:87:26:46:2a:f6:fc:1f:27:78:59:80:67:87:4a:e5:59:
69:75:76:14:c0:b9:e4:17:93:f7:9e:ba:c2:65:0d:a2:e5:96:
0c:7d:8f:cd:4f:6f:04:c8:d0:c9:62:1d:25:76:bb:f9:20:c0:
79:52:37:f3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDAbJyMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM2
NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWViZjQ3NWQwHhcNMjIwMTMx
MTQ1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNWIwMjUwNWNlYmFi
YTY0ZDJlNGU4NTFhMjRiNDg3NDdjZjY1ZjI1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvDikINigGcOSu7jyHMiWBAWbvcU8t/u+0Wr1Hl3sVQ9M+7OW
qlxq58CtM03BN09CA72Bv5CTTWF5/rHJdBE8uQ/QLTMlnlLiDMtWQNh9cay8Al0n
Qiwsxv1dooKBRPYGCYMkcWZwzV+i6ua9IL7UsE4zugkgJ+yDTAjSd20UDOUFQlqZ
3cBmFf7d2IlvPF3OOjmenhI09u35UIN8oXYWOrs2cDNFmS0qIHUJUFWWpTgpbL0P
fK4j/CeNH+H+dSoMyeFVR4pnctwpEZCWYkLyAl8zmaMywECJIgyb36HCkbWrW7O8
bH21um+7SwieRm49pmylimQcC14B5YK3yxlE6wIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFAWwJQXOurpk0uToUaJLSHR89l8lMB8GA1UdIwQYMBaAFMZPoK2JhxSfBVNH
JLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5MzlkLzEv
QmJBbEJjNjZ1bVRTNU9oUm9rdElkSHoyWHlVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8y
NDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5MzlkLzEveGstZ3JZbUhGSjhG
VTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgbRwDANBgkqhkiG9w0BAQsFAAOC
AQEAT5TVy2cFUfLMr8+iRCfIZL2Ys6UKtj+hcZdsmZtdSLB/N8JolFAzUPqCd4PP
okAb1JuuqTEalWrR0naLrUbk15Xno51Qm9blus38ljlegVJrkER0HU0iyOLnfaUZ
HefMw8pRvlCHpDez7AnQ2KAdqs8lz/m3jf3FvLJEdkaK3p1hKajnqm+yiANmSdn9
kv4LY2g80qHGYyCE1V3xE6wQCtDlt5oPR0z5pNvtrEKg5ztjdhuAaLkeslA7C7WE
FYgy49MXG0E2cq6HJkYq9vwfJ3hZgGeHSuVZaXV2FMC55BeT9566wmUNouWWDH2P
zU9vBMjQyWIdJXa7+SDAeVI38w==
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:09:42 2025 by rpki-client