Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ufpAcuTNov0DopO18zqHZ_O2fSk.roa
File: ufpAcuTNov0DopO18zqHZ_O2fSk.roa (raw, json)
Hash identifier: 3aAqV4p2USC5Dww/Ghy6t8rAfxU4gRVrADkYMpD9q/k=
Subject key identifier: B9:FA:40:72:E4:CD:A2:FD:03:A2:93:B5:F3:3A:87:67:F3:B6:7D:29
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 01852E921FC7F3E6B9027D68B632E68B1867
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ufpAcuTNov0DopO18zqHZ_O2fSk.roa
Signing time: Tue 20 Dec 2022 08:06:46 +0000
ROA not before: Tue 20 Dec 2022 08:06:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397522
IP address blocks: 2a01:488:bb1d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:92:1f:c7:f3:e6:b9:02:7d:68:b6:32:e6:8b:18:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Dec 20 08:06:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9fa4072e4cda2fd03a293b5f33a8767f3b67d29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ee:cc:60:78:90:91:9b:09:24:7f:26:25:82:
c4:ab:95:2a:bc:b5:c6:f9:3c:7a:27:d6:a2:e3:91:
fb:74:33:21:f2:97:15:d0:84:50:a1:c4:f6:3d:4c:
cd:90:67:24:7f:bb:ea:28:e9:82:f3:c1:16:dc:44:
75:c5:85:b9:6a:e1:32:a1:f5:b3:1d:94:44:e3:42:
e1:ec:cd:e7:c0:04:b9:ca:0d:4c:b5:e1:b7:e9:c4:
d1:4f:04:fc:2a:08:e1:c0:12:cc:4f:e4:e9:f4:b8:
c2:49:cf:71:0a:46:05:ab:20:21:f4:58:75:06:a7:
e2:cd:30:dd:aa:07:c6:3f:72:3c:be:5e:41:be:f3:
8a:0f:14:7f:99:86:4d:3a:f2:c7:42:f8:3e:68:e8:
83:6e:fc:82:3d:f4:d7:30:5f:e3:8d:64:df:a5:8e:
56:31:3a:5f:53:96:82:21:35:0b:cb:c0:32:fd:20:
4f:24:8e:42:1a:ce:78:05:7b:95:cd:78:67:fa:b1:
dd:20:54:2a:ae:72:d7:e9:cf:6d:38:d7:af:07:75:
7f:54:89:77:d7:e2:a5:3f:c5:2e:da:34:ac:4a:b7:
67:bc:94:16:06:70:c5:37:39:83:b2:c0:ab:d7:fe:
26:25:bf:a7:9a:8b:fb:2c:4b:ca:cb:d8:9a:9c:9c:
d4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FA:40:72:E4:CD:A2:FD:03:A2:93:B5:F3:3A:87:67:F3:B6:7D:29
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ufpAcuTNov0DopO18zqHZ_O2fSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb1d::/48
Signature Algorithm: sha256WithRSAEncryption
79:e1:f9:45:16:24:cd:50:1b:3d:11:72:6f:ea:84:f6:d2:83:
c2:f9:57:20:c3:f5:d0:66:bf:b8:b7:a8:a2:da:44:fb:a4:cc:
8f:0d:ec:73:c1:0a:18:a7:33:ea:ac:10:b4:74:15:f7:db:70:
f4:f5:3d:33:60:00:86:f1:94:b6:d0:08:fa:cc:fa:6e:ed:47:
af:06:d6:65:34:3e:56:80:be:7a:21:eb:ab:ef:8b:e6:43:d3:
26:4b:9b:e7:18:11:4b:1a:44:2f:13:19:b9:a8:8e:b9:81:e2:
0e:ba:2c:fd:33:57:ce:3a:09:90:14:8d:ec:e5:4c:e9:88:15:
01:53:a3:11:97:83:0a:b7:91:bd:67:06:cc:c2:6e:da:69:73:
d0:f1:ba:9b:e5:49:32:28:61:de:42:47:6e:2d:88:62:63:9f:
96:ca:c5:30:08:bb:74:53:0c:a7:da:b4:93:2e:aa:71:c5:8b:
2d:6c:a5:96:dd:e5:af:43:6d:2f:59:95:b1:3a:67:3e:62:86:
6a:de:73:63:d7:8c:b2:f4:41:75:37:85:00:50:a0:29:16:71:
77:c2:25:d6:bf:34:8e:af:4a:b5:cc:ef:4f:7e:5d:93:b5:88:
29:68:af:3c:f5:e8:4a:ed:07:f5:7a:f7:a8:10:f5:21:68:de:
2c:b5:4d:39
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYUukh/H8+a5An1otjLmixhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjIxMjIwMDgwNjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWZhNDA3MmU0Y2RhMmZkMDNhMjkzYjVmMzNhODc2N2YzYjY3ZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAge7MYHiQkZsJJH8mJYLEq5UqvLXG
+Tx6J9ai45H7dDMh8pcV0IRQocT2PUzNkGckf7vqKOmC88EW3ER1xYW5auEyofWz
HZRE40Lh7M3nwAS5yg1MteG36cTRTwT8KgjhwBLMT+Tp9LjCSc9xCkYFqyAh9Fh1
BqfizTDdqgfGP3I8vl5BvvOKDxR/mYZNOvLHQvg+aOiDbvyCPfTXMF/jjWTfpY5W
MTpfU5aCITULy8Ay/SBPJI5CGs54BXuVzXhn+rHdIFQqrnLX6c9tONevB3V/VIl3
1+KlP8Uu2jSsSrdnvJQWBnDFNzmDssCr1/4mJb+nmov7LEvKy9ianJzURwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLn6QHLkzaL9A6KTtfM6h2fztn0pMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvdWZwQWN1VE5vdjBEb3BPMTh6cUhaX08yZlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsd
MA0GCSqGSIb3DQEBCwUAA4IBAQB54flFFiTNUBs9EXJv6oT20oPC+Vcgw/XQZr+4
t6ii2kT7pMyPDexzwQoYpzPqrBC0dBX323D09T0zYACG8ZS20Aj6zPpu7UevBtZl
ND5WgL56Ieur74vmQ9MmS5vnGBFLGkQvExm5qI65geIOuiz9M1fOOgmQFI3s5Uzp
iBUBU6MRl4MKt5G9ZwbMwm7aaXPQ8bqb5UkyKGHeQkduLYhiY5+WysUwCLt0Uwyn
2rSTLqpxxYstbKWW3eWvQ20vWZWxOmc+YoZq3nNj14yy9EF1N4UAUKApFnF3wiXW
vzSOr0q1zO9Pfl2TtYgpaK889ehK7Qf1eveoEPUhaN4stU05
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:40 2024 by rpki-client on console-ams.rpki-client.org