Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/2fdd56-ba2c-46fb-9882-9b257f4fea8d/1/co6ssF_g8tv83fTebYMrctj08TM.roa
File: co6ssF_g8tv83fTebYMrctj08TM.roa (raw, json)
Hash identifier: aktx4/7300dNfUk7zoirOrDqBcGk0l7//llU7SKEqeg=
Subject key identifier: 72:8E:AC:B0:5F:E0:F2:DB:FC:DD:F4:DE:6D:83:2B:72:D8:F4:F1:33
Certificate issuer: /CN=77bc534ba44e9d3cba2f2446d4a3dd6eea9b8f61
Certificate serial: 01856DDD603256B1121766BE09A44A929FFA
Authority key identifier: 77:BC:53:4B:A4:4E:9D:3C:BA:2F:24:46:D4:A3:DD:6E:EA:9B:8F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7xTS6ROnTy6LyRG1KPdbuqbj2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/2fdd56-ba2c-46fb-9882-9b257f4fea8d/1/co6ssF_g8tv83fTebYMrctj08TM.roa
Signing time: Sun 01 Jan 2023 15:05:02 +0000
ROA not before: Sun 01 Jan 2023 15:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a11:60c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:60:32:56:b1:12:17:66:be:09:a4:4a:92:9f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77bc534ba44e9d3cba2f2446d4a3dd6eea9b8f61
Validity
Not Before: Jan 1 15:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=728eacb05fe0f2dbfcddf4de6d832b72d8f4f133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6d:2b:4a:9d:92:7e:61:8b:4e:18:5d:52:67:
72:c9:e9:d1:8d:1c:db:3e:0d:96:9b:4b:fd:24:14:
aa:51:ce:f2:ab:20:9d:dd:30:f7:06:03:7e:4b:84:
04:7f:b6:c1:06:04:f6:57:5d:ea:1d:7a:e6:f2:ea:
47:1d:97:61:db:5c:ef:10:23:d2:54:b2:7c:9e:2e:
d4:79:53:d1:df:23:75:35:b3:74:3c:86:5c:a6:c8:
e8:5e:a1:1a:1e:97:85:a2:5a:14:1f:d3:46:fb:af:
a2:b3:4b:fd:b9:3b:a8:32:3e:85:32:39:c2:f5:18:
c9:ba:36:6e:c7:cf:44:59:25:83:0a:65:52:87:1f:
ed:39:2b:90:6a:03:1f:e9:68:f3:d4:d2:c0:0b:a9:
31:12:28:10:ab:d2:0b:8b:f6:84:cf:78:ec:5a:fe:
3a:78:17:16:fe:8e:ba:91:49:6b:08:73:b5:51:f6:
35:0c:92:0b:b8:c1:f5:8f:c1:ed:0b:30:ca:df:15:
3f:02:d8:f6:1d:40:45:70:1f:bc:81:8d:00:83:ca:
2a:10:14:53:7a:1d:4c:e5:fe:48:a2:13:63:d7:8a:
d2:13:89:53:f2:10:b0:d1:44:d1:d8:3c:92:84:4e:
86:3d:fe:69:4e:44:e0:96:2c:c9:c9:0a:2d:cd:3b:
d0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:8E:AC:B0:5F:E0:F2:DB:FC:DD:F4:DE:6D:83:2B:72:D8:F4:F1:33
X509v3 Authority Key Identifier:
keyid:77:BC:53:4B:A4:4E:9D:3C:BA:2F:24:46:D4:A3:DD:6E:EA:9B:8F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7xTS6ROnTy6LyRG1KPdbuqbj2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/2fdd56-ba2c-46fb-9882-9b257f4fea8d/1/co6ssF_g8tv83fTebYMrctj08TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/2fdd56-ba2c-46fb-9882-9b257f4fea8d/1/d7xTS6ROnTy6LyRG1KPdbuqbj2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:60c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
4b:e9:f9:2d:f6:aa:91:02:c9:1d:95:ad:e8:02:ff:8f:85:85:
eb:14:44:d3:00:8a:65:3c:e3:b4:24:13:c3:1c:be:c8:ee:0f:
ce:3d:7f:23:9c:f6:c5:23:95:b0:84:2a:b0:76:05:c1:28:bc:
c4:09:07:8b:14:3c:08:30:42:50:ba:83:a4:e8:b8:dd:d3:85:
20:f4:5a:84:fa:42:4d:07:16:7e:08:fa:96:3e:95:ab:d7:7d:
01:56:4e:67:78:2d:4b:0a:93:88:12:41:03:a1:63:ce:ab:43:
40:d8:c7:92:8b:51:57:a6:1f:97:0e:03:49:63:3e:be:26:8f:
5b:cb:1e:8e:a2:2e:b9:fa:bd:dd:44:a9:5e:18:5c:1e:6a:8d:
c3:73:bd:06:4d:6c:3c:ef:f7:a9:81:32:38:2b:51:59:d1:88:
45:ae:1d:94:a4:5a:87:c7:e0:19:f9:88:04:63:e3:85:71:4a:
bb:ee:e4:f5:dc:2c:9c:d0:91:8e:7b:d5:c3:75:2a:5f:9d:7b:
4d:85:d7:49:39:09:d2:a8:32:43:e8:a6:10:f9:52:1c:51:11:
65:b2:9f:7e:7f:e6:13:ec:4f:4e:40:0d:1b:40:db:7b:59:10:
9c:b6:d9:56:6c:83:2f:75:77:a0:47:ee:5c:bf:56:fd:da:1d:
ca:99:a6:46
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVt3WAyVrESF2a+CaRKkp/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YmM1MzRiYTQ0ZTlkM2NiYTJmMjQ0NmQ0YTNkZDZlZWE5
YjhmNjEwHhcNMjMwMTAxMTUwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjhlYWNiMDVmZTBmMmRiZmNkZGY0ZGU2ZDgzMmI3MmQ4ZjRmMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm0rSp2SfmGLThhdUmdyyenRjRzb
Pg2Wm0v9JBSqUc7yqyCd3TD3BgN+S4QEf7bBBgT2V13qHXrm8upHHZdh21zvECPS
VLJ8ni7UeVPR3yN1NbN0PIZcpsjoXqEaHpeFoloUH9NG+6+is0v9uTuoMj6FMjnC
9RjJujZux89EWSWDCmVShx/tOSuQagMf6Wjz1NLAC6kxEigQq9ILi/aEz3jsWv46
eBcW/o66kUlrCHO1UfY1DJILuMH1j8HtCzDK3xU/Atj2HUBFcB+8gY0Ag8oqEBRT
eh1M5f5IohNj14rSE4lT8hCw0UTR2DyShE6GPf5pTkTglizJyQotzTvQHwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHKOrLBf4PLb/N303m2DK3LY9PEzMB8GA1UdIwQY
MBaAFHe8U0ukTp08ui8kRtSj3W7qm49hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDd4VFM2Uk9uVHk2THlSRzFLUGRidXFiajJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8yZmRkNTYtYmEyYy00NmZiLTk4ODIt
OWIyNTdmNGZlYThkLzEvY282c3NGX2c4dHY4M2ZUZWJZTXJjdGowOFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8yZmRkNTYtYmEyYy00NmZiLTk4ODItOWIyNTdmNGZlYThk
LzEvZDd4VFM2Uk9uVHk2THlSRzFLUGRidXFiajJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhFgwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBL6fkt9qqRAskdla3oAv+PhYXrFETTAIplPOO0
JBPDHL7I7g/OPX8jnPbFI5WwhCqwdgXBKLzECQeLFDwIMEJQuoOk6Ljd04Ug9FqE
+kJNBxZ+CPqWPpWr130BVk5neC1LCpOIEkEDoWPOq0NA2MeSi1FXph+XDgNJYz6+
Jo9byx6Ooi65+r3dRKleGFweao3Dc70GTWw87/epgTI4K1FZ0YhFrh2UpFqHx+AZ
+YgEY+OFcUq77uT13Cyc0JGOe9XDdSpfnXtNhddJOQnSqDJD6KYQ+VIcURFlsp9+
f+YT7E9OQA0bQNt7WRCcttlWbIMvdXegR+5cv1b92h3KmaZG
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:08 2025 by rpki-client