Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/PBnNcC1tlaH4xzLeVby-gnCQ8T4.roa
File: PBnNcC1tlaH4xzLeVby-gnCQ8T4.roa (raw, json)
Hash identifier: d5ybz7mBxNS9hgsrRzmK+fQCHU5zqnMUl7VIt9LUeDI=
Subject key identifier: 3C:19:CD:70:2D:6D:95:A1:F8:C7:32:DE:55:BC:BE:82:70:90:F1:3E
Certificate issuer: /CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Certificate serial: 061B6B04
Authority key identifier: 72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/PBnNcC1tlaH4xzLeVby-gnCQ8T4.roa
Signing time: Sat 01 Jan 2022 02:55:54 +0000
ROA not before: Sat 01 Jan 2022 02:55:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207902
IP address blocks: 2a0e:7900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102460164 (0x61b6b04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Validity
Not Before: Jan 1 02:55:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c19cd702d6d95a1f8c732de55bcbe827090f13e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:dd:6d:22:84:66:fe:19:f9:01:a9:80:2a:3f:
73:cd:f9:0e:44:e2:be:7d:3c:8c:7f:bd:fd:d5:fa:
c6:4f:11:d5:3a:38:58:10:27:cd:4d:f7:c3:d1:a9:
e6:4b:47:9f:3b:89:fc:d9:2f:21:f5:35:f5:30:71:
64:cc:a6:8a:c4:a8:bd:85:8c:27:2c:8c:da:fd:fe:
75:04:2d:90:56:63:34:5c:e7:e2:90:07:6e:35:62:
97:7b:b5:3b:0f:eb:d7:6c:0c:ce:3c:0b:33:68:59:
6c:07:44:1f:bd:c3:fa:64:6e:2f:fe:e6:86:b1:fa:
6d:e5:35:26:fa:d8:7b:cb:d2:d2:33:e0:1f:e4:d3:
d3:30:58:02:3c:d1:26:d0:e1:48:02:fd:5e:cb:43:
63:f0:49:a5:01:32:60:42:13:a8:53:a6:51:d4:49:
6c:85:63:7e:85:ad:26:13:91:a6:11:be:fe:a1:c9:
b0:41:51:62:50:e1:0b:4f:17:11:6c:24:84:15:eb:
cf:01:36:b1:e9:f8:19:ab:d9:e3:7d:14:7f:25:c5:
7d:70:a0:fb:8e:87:13:7f:85:ab:b6:fc:73:4d:ac:
3b:14:07:e9:b4:93:67:28:fa:72:34:f6:ae:03:ec:
ad:a5:07:98:0d:9b:fb:81:b3:66:79:32:29:1d:81:
69:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:19:CD:70:2D:6D:95:A1:F8:C7:32:DE:55:BC:BE:82:70:90:F1:3E
X509v3 Authority Key Identifier:
keyid:72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/PBnNcC1tlaH4xzLeVby-gnCQ8T4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7900::/29
Signature Algorithm: sha256WithRSAEncryption
5b:c9:c7:8f:bc:1f:d8:38:8b:dc:ce:b2:7d:2c:c2:61:f7:86:
30:27:d5:8e:f3:a0:1d:22:18:75:49:2d:df:92:44:59:7c:32:
50:61:8c:41:68:dc:fe:89:c5:bf:09:7d:ee:14:29:73:de:71:
92:4a:82:7f:23:01:45:7d:b1:2a:c9:cd:8b:5e:33:f0:f3:4f:
cd:43:db:e1:cb:eb:89:18:25:10:2f:e2:dd:9e:72:3a:d7:0c:
a5:77:e1:19:fc:fd:ff:8f:dd:e5:73:8b:95:1c:02:d0:92:3f:
09:52:33:64:3e:63:bf:3a:ae:04:b7:65:b2:99:10:64:f1:79:
5f:a7:ce:e9:a2:90:52:bb:48:fc:4d:d3:bd:1e:2d:bb:4f:24:
ec:54:10:66:cc:c7:cb:31:f2:ee:96:43:cf:5b:f2:11:3a:7a:
87:ee:d4:6b:ee:82:ca:15:02:55:7a:15:16:7f:5c:eb:5c:44:
90:fd:24:77:73:df:c6:c2:98:04:aa:eb:4e:b5:3d:7e:77:1b:
01:04:e8:c6:ea:35:b1:b2:3a:a0:25:7a:cf:57:d8:67:eb:06:
b8:47:38:74:3f:85:3d:fb:6e:a1:20:89:2a:3a:1d:fc:43:10:
84:fa:7b:34:be:92:19:df:d3:6b:20:12:1c:03:15:70:73:63:
9c:b4:5c:64
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBhtrBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmU0YmFmOTlhYjg0MDEyOTEzMzI4NWZlOWFkN2I4M2ZkMTMwYzM5MB4XDTIyMDEw
MTAyNTU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MxOWNkNzAyZDZk
OTVhMWY4YzczMmRlNTViY2JlODI3MDkwZjEzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7dbSKEZv4Z+QGpgCo/c835DkTivn08jH+9/dX6xk8R1To4
WBAnzU33w9Gp5ktHnzuJ/NkvIfU19TBxZMymisSovYWMJyyM2v3+dQQtkFZjNFzn
4pAHbjVil3u1Ow/r12wMzjwLM2hZbAdEH73D+mRuL/7mhrH6beU1JvrYe8vS0jPg
H+TT0zBYAjzRJtDhSAL9XstDY/BJpQEyYEITqFOmUdRJbIVjfoWtJhORphG+/qHJ
sEFRYlDhC08XEWwkhBXrzwE2sen4GavZ430UfyXFfXCg+46HE3+Fq7b8c02sOxQH
6bSTZyj6cjT2rgPsraUHmA2b+4GzZnkyKR2BaZ0CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQ8Gc1wLW2VofjHMt5VvL6CcJDxPjAfBgNVHSMEGDAWgBRy5Lr5mrhAEpEz
KF/prXuD/RMMOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2N1UzYtWnE0UUJLUk15aGY2YTE3Z18wVEREay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvNjZiNzRjLTgxYzEtNDEwZS05NTdkLWE4ZDY1ZGNjYjk2Yi8x
L1BCbk5jQzF0bGFINHh6TGVWYnktZ25DUThUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
NjZiNzRjLTgxYzEtNDEwZS05NTdkLWE4ZDY1ZGNjYjk2Yi8xL2N1UzYtWnE0UUJL
Uk15aGY2YTE3Z18wVEREay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoOeQAwDQYJKoZIhvcNAQELBQAD
ggEBAFvJx4+8H9g4i9zOsn0swmH3hjAn1Y7zoB0iGHVJLd+SRFl8MlBhjEFo3P6J
xb8Jfe4UKXPecZJKgn8jAUV9sSrJzYteM/DzT81D2+HL64kYJRAv4t2ecjrXDKV3
4Rn8/f+P3eVzi5UcAtCSPwlSM2Q+Y786rgS3ZbKZEGTxeV+nzumikFK7SPxN070e
LbtPJOxUEGbMx8sx8u6WQ89b8hE6eofu1GvugsoVAlV6FRZ/XOtcRJD9JHdz38bC
mASq6061PX53GwEE6MbqNbGyOqAles9X2GfrBrhHOHQ/hT37bqEgiSo6HfxDEIT6
ezS+khnf02sgEhwDFXBzY5y0XGQ=
-----END CERTIFICATE-----
Generated at Mon Apr 28 11:16:39 2025 by rpki-client