Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/J2MWfdnrnddqIop4pc8cg3lvJ1Y.roa
File: J2MWfdnrnddqIop4pc8cg3lvJ1Y.roa (raw, json)
Hash identifier: b7IxpaTux8fe31r+KF7YX8K5zq+Vdsw+RTyR7UGuMZs=
Subject key identifier: 27:63:16:7D:D9:EB:9D:D7:6A:22:8A:78:A5:CF:1C:83:79:6F:27:56
Certificate issuer: /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial: 01857082BD1636E419EF3AEBD4B66AA14C6F
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/J2MWfdnrnddqIop4pc8cg3lvJ1Y.roa
Signing time: Mon 02 Jan 2023 03:24:54 +0000
ROA not before: Mon 02 Jan 2023 03:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213110
IP address blocks: 2a0f:b104::/48 maxlen: 48
2a0f:b105::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:bd:16:36:e4:19:ef:3a:eb:d4:b6:6a:a1:4c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Validity
Not Before: Jan 2 03:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2763167dd9eb9dd76a228a78a5cf1c83796f2756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:44:f9:d5:de:4f:73:b8:b4:2a:b4:d7:c4:de:
fa:81:b2:e1:51:c0:52:d5:28:66:4d:a0:3c:eb:c1:
be:07:8d:7c:f5:3b:c7:ac:97:93:59:a3:5b:90:d7:
d8:9e:c6:82:7b:04:b8:8f:04:41:a3:01:ca:83:78:
ca:49:ea:d1:95:3b:20:b5:3e:02:08:a7:5a:5b:a0:
8b:ea:16:e7:05:65:45:4e:c5:d0:23:40:df:19:72:
32:91:2a:64:49:18:70:2d:d8:9f:fb:9f:c8:f7:a0:
e8:85:cd:b5:c3:b3:6d:27:e3:2d:fb:ae:54:90:8d:
13:51:3d:8c:6e:1f:1f:40:40:1b:2b:cc:80:cb:b2:
af:64:44:d3:35:e8:aa:54:5d:c1:4d:f4:55:54:7c:
85:fc:82:77:a8:32:a8:a5:e7:e4:44:9a:b1:b0:f9:
3f:30:45:23:ac:31:60:a8:9a:b0:69:98:05:f4:2a:
7f:9d:29:14:5f:51:be:8b:07:21:b8:ba:d4:89:26:
b9:a6:73:19:58:d3:19:6e:64:ce:ff:0b:5b:c1:22:
5c:20:74:2d:bd:78:1d:e4:60:94:d8:ed:8a:e4:24:
92:c5:b4:29:bd:34:05:ea:88:5e:ea:2a:91:de:df:
c7:e4:16:f5:a2:5a:38:fd:08:16:a2:6a:47:86:3a:
05:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:63:16:7D:D9:EB:9D:D7:6A:22:8A:78:A5:CF:1C:83:79:6F:27:56
X509v3 Authority Key Identifier:
keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/J2MWfdnrnddqIop4pc8cg3lvJ1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b104::/48
2a0f:b105::/32
Signature Algorithm: sha256WithRSAEncryption
94:b8:75:4d:42:53:17:47:3f:5f:ae:f4:a3:c0:4b:4e:b5:26:
84:70:e0:d3:12:e7:e4:d9:3d:be:14:bc:58:b4:9a:d8:fc:71:
59:2f:76:89:cc:32:95:ba:23:56:f7:97:6c:c8:0e:aa:ee:b7:
1a:fa:66:a0:cb:85:5a:88:26:e1:de:4b:dd:94:45:3c:84:2d:
59:87:69:fe:4a:28:e3:95:a7:11:5c:1a:79:08:34:69:f1:da:
17:df:1d:77:06:11:c7:2b:30:d2:e7:04:69:1e:c5:bd:27:c1:
87:76:38:71:d4:98:42:10:de:2c:9b:a9:5a:a6:a1:89:cf:ac:
5b:63:e4:e1:cf:df:52:8b:fe:4a:59:87:12:9b:94:1b:93:ee:
a5:22:6e:85:03:2a:50:74:02:32:1f:a8:95:92:97:aa:ed:a5:
22:28:b3:48:79:43:96:e8:c1:ae:37:72:6e:2e:94:1f:df:c1:
8b:02:b9:02:97:22:6e:a8:f8:e9:27:de:eb:e1:bd:f6:c6:cd:
32:80:9d:d9:0b:08:16:87:57:ce:3a:5c:62:e3:32:23:16:c8:
a8:1a:e9:44:f4:40:c8:ad:3c:08:b2:45:c5:69:40:3e:bf:4b:
7e:fa:c1:d1:d9:84:fb:ca:bd:90:f3:61:a7:c4:34:d6:dc:9c:
d1:15:88:b4
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVwgr0WNuQZ7zrr1LZqoUxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjMwMTAyMDMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzYzMTY3ZGQ5ZWI5ZGQ3NmEyMjhhNzhhNWNmMWM4Mzc5NmYyNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokT51d5Pc7i0KrTXxN76gbLhUcBS
1ShmTaA868G+B4189TvHrJeTWaNbkNfYnsaCewS4jwRBowHKg3jKSerRlTsgtT4C
CKdaW6CL6hbnBWVFTsXQI0DfGXIykSpkSRhwLdif+5/I96Dohc21w7NtJ+Mt+65U
kI0TUT2Mbh8fQEAbK8yAy7KvZETTNeiqVF3BTfRVVHyF/IJ3qDKopefkRJqxsPk/
MEUjrDFgqJqwaZgF9Cp/nSkUX1G+iwchuLrUiSa5pnMZWNMZbmTO/wtbwSJcIHQt
vXgd5GCU2O2K5CSSxbQpvTQF6ohe6iqR3t/H5Bb1olo4/QgWompHhjoFgwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFCdjFn3Z653XaiKKeKXPHIN5bydWMB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvSjJNV2ZkbnJuZGRxSW9wNHBjOGNnM2x2SjFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAKg+xBAAA
AwUAKg+xBTANBgkqhkiG9w0BAQsFAAOCAQEAlLh1TUJTF0c/X670o8BLTrUmhHDg
0xLn5Nk9vhS8WLSa2PxxWS92icwylbojVveXbMgOqu63GvpmoMuFWogm4d5L3ZRF
PIQtWYdp/koo45WnEVwaeQg0afHaF98ddwYRxysw0ucEaR7FvSfBh3Y4cdSYQhDe
LJupWqahic+sW2Pk4c/fUov+SlmHEpuUG5PupSJuhQMqUHQCMh+olZKXqu2lIiiz
SHlDlujBrjdybi6UH9/BiwK5Apcibqj46Sfe6+G99sbNMoCd2QsIFodXzjpcYuMy
IxbIqBrpRPRAyK08CLJFxWlAPr9LfvrB0dmE+8q9kPNhp8Q01tyc0RWItA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:01 2025 by rpki-client