Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/2m2iEO0GWm5Qnp5hF7QqSBFwzqY.roa
File: 2m2iEO0GWm5Qnp5hF7QqSBFwzqY.roa (raw, json)
Hash identifier: 88l5f4g85NxgaK2um1YyOmIQd2XhqhoEcGFaWs9jGhs=
Subject key identifier: DA:6D:A2:10:ED:06:5A:6E:50:9E:9E:61:17:B4:2A:48:11:70:CE:A6
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 017554CA
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/2m2iEO0GWm5Qnp5hF7QqSBFwzqY.roa
Signing time: Wed 09 Feb 2022 13:05:52 +0000
ROA not before: Wed 09 Feb 2022 13:05:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 2a0b:8b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24466634 (0x17554ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Feb 9 13:05:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da6da210ed065a6e509e9e6117b42a481170cea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2e:ab:af:c8:9a:a4:a5:c5:64:92:7c:f4:dd:
e7:93:b6:66:70:ab:e6:f7:c6:59:0b:8f:e2:4d:02:
26:89:0d:aa:cc:a1:0f:d2:68:7c:6d:39:79:05:a4:
af:75:42:f6:c1:0a:b2:c8:75:56:b7:bf:80:00:c5:
2a:f0:52:eb:86:70:c3:4e:b9:93:89:ff:48:22:9e:
6f:ff:8b:fb:46:44:0c:e7:91:e7:8d:af:2e:b8:f8:
5e:70:10:25:b7:bc:4e:36:67:27:ce:57:76:2b:54:
04:cc:88:b9:11:78:b5:c7:2e:78:2f:bd:13:f1:4f:
10:de:8f:31:d6:4d:ae:e2:00:e7:33:7f:70:7c:60:
df:57:d3:97:a9:ba:5d:21:20:96:1f:8d:dd:f5:6c:
b4:71:ee:3c:24:87:36:22:06:67:06:2d:fb:b3:fc:
12:7e:01:de:ac:29:a7:b2:39:0c:6c:60:f1:32:4b:
64:47:78:f6:8a:c9:1c:e7:d3:e0:f3:89:d9:90:b4:
3a:65:3c:6c:19:36:be:26:d2:bf:e2:a7:85:99:58:
31:a3:fd:a0:ba:b2:1b:3b:6c:b9:b6:74:57:04:5f:
1d:9c:d1:e7:44:72:72:34:11:0c:7a:0f:25:23:c3:
76:1f:43:70:4a:3d:6f:c2:50:11:4f:13:f5:97:04:
8a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:6D:A2:10:ED:06:5A:6E:50:9E:9E:61:17:B4:2A:48:11:70:CE:A6
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/2m2iEO0GWm5Qnp5hF7QqSBFwzqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
09:9f:43:a1:cb:08:13:51:93:55:a3:68:ea:c5:f5:0c:4f:86:
23:bb:87:4b:a4:1f:45:ce:64:46:b9:79:cd:e8:aa:a5:8d:b2:
77:94:06:a8:3b:db:a9:e6:5d:aa:27:a3:40:95:a1:cb:13:9c:
de:71:57:cd:28:a6:eb:b6:bc:94:68:d8:ac:6c:b2:ba:a3:00:
e1:a8:b5:75:1d:cc:15:50:ad:84:20:98:7d:12:91:9b:07:b8:
21:41:1f:37:26:ba:98:73:21:14:22:9f:4d:0c:a4:71:a9:93:
ba:91:72:fa:d8:de:9d:e5:0f:78:3d:6f:1c:59:7e:82:a8:c8:
76:2a:68:63:69:be:77:05:40:66:d7:c4:e4:af:7d:0b:c8:89:
aa:e3:b1:3c:36:1e:cc:22:88:78:96:0c:ad:b1:da:95:13:a0:
93:2f:cf:65:34:0f:b2:19:cb:d6:7d:ca:79:49:ba:a3:37:5a:
99:f2:c3:ec:db:cd:5f:d1:2d:bc:8d:cf:5a:b4:15:01:ad:b5:
d3:7d:a4:56:cb:9d:d0:b9:1a:4a:43:fd:8c:ef:12:cc:5b:f5:
20:fc:f5:ed:ae:31:87:ce:9a:96:50:6f:67:3f:91:07:43:c2:
a0:3c:fb:c4:f4:d0:ac:1d:b1:c6:7f:22:f5:50:75:0c:9a:31:
cb:75:a3:aa
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAXVUyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDg5MjIzYzFmMzM1YzBjYzU2OTM1OWZhMmRkYTM0OWEyMjM2Y2NiMB4XDTIyMDIw
OTEzMDU1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE2ZGEyMTBlZDA2
NWE2ZTUwOWU5ZTYxMTdiNDJhNDgxMTcwY2VhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsuq6/ImqSlxWSSfPTd55O2ZnCr5vfGWQuP4k0CJokNqsyh
D9JofG05eQWkr3VC9sEKssh1Vre/gADFKvBS64Zww065k4n/SCKeb/+L+0ZEDOeR
542vLrj4XnAQJbe8TjZnJ85XditUBMyIuRF4tccueC+9E/FPEN6PMdZNruIA5zN/
cHxg31fTl6m6XSEglh+N3fVstHHuPCSHNiIGZwYt+7P8En4B3qwpp7I5DGxg8TJL
ZEd49orJHOfT4POJ2ZC0OmU8bBk2vibSv+KnhZlYMaP9oLqyGztsubZ0VwRfHZzR
50RycjQRDHoPJSPDdh9DcEo9b8JQEU8T9ZcEilcCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTabaIQ7QZablCenmEXtCpIEXDOpjAfBgNVHSMEGDAWgBSNiSI8HzNcDMVp
NZ+i3aNJoiNsyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pZa2lQQjh6WEF6RmFUV2ZvdDJqU2FJamJNcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvNTJhMTBkLWQ4NTEtNDBhZS1hOGIwLWExMDI4ZWRhNjM4My8x
LzJtMmlFTzBHV201UW5wNWhGN1FxU0JGd3pxWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
NTJhMTBkLWQ4NTEtNDBhZS1hOGIwLWExMDI4ZWRhNjM4My8xL2pZa2lQQjh6WEF6
RmFUV2ZvdDJqU2FJamJNcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoLi0AwDQYJKoZIhvcNAQELBQAD
ggEBAAmfQ6HLCBNRk1WjaOrF9QxPhiO7h0ukH0XOZEa5ec3oqqWNsneUBqg726nm
Xaono0CVocsTnN5xV80opuu2vJRo2KxssrqjAOGotXUdzBVQrYQgmH0SkZsHuCFB
HzcmuphzIRQin00MpHGpk7qRcvrY3p3lD3g9bxxZfoKoyHYqaGNpvncFQGbXxOSv
fQvIiarjsTw2HswiiHiWDK2x2pUToJMvz2U0D7IZy9Z9ynlJuqM3Wpnyw+zbzV/R
LbyNz1q0FQGttdN9pFbLndC5GkpD/YzvEsxb9SD89e2uMYfOmpZQb2c/kQdDwqA8
+8T00KwdscZ/IvVQdQyaMct1o6o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:08 2025 by rpki-client