Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/Kq-gihfAJ2iuVXKMgDTdHKS_28A.roa
File: Kq-gihfAJ2iuVXKMgDTdHKS_28A.roa (raw, json)
Hash identifier: Oph6VptDUD+DxBbHhnHUGf0i05f5szlSwqEZ2TU5MHc=
Subject key identifier: 2A:AF:A0:8A:17:C0:27:68:AE:55:72:8C:80:34:DD:1C:A4:BF:DB:C0
Certificate issuer: /CN=a4338168cd9d5af0604013fc4274126fc581f3cb
Certificate serial: 018340F1DCD5164BB49720565787A3073626
Authority key identifier: A4:33:81:68:CD:9D:5A:F0:60:40:13:FC:42:74:12:6F:C5:81:F3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDOBaM2dWvBgQBP8QnQSb8WB88s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/Kq-gihfAJ2iuVXKMgDTdHKS_28A.roa
Signing time: Thu 15 Sep 2022 11:38:55 +0000
ROA not before: Thu 15 Sep 2022 11:38:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211833
IP address blocks: 2a12:f340::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:f1:dc:d5:16:4b:b4:97:20:56:57:87:a3:07:36:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4338168cd9d5af0604013fc4274126fc581f3cb
Validity
Not Before: Sep 15 11:38:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2aafa08a17c02768ae55728c8034dd1ca4bfdbc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0d:cd:57:93:a8:ee:be:f4:45:ef:bd:46:82:
57:6a:24:e6:40:08:1c:f2:90:dd:91:99:83:55:48:
e8:2b:29:85:d6:bd:45:0a:7d:13:f2:77:e5:6e:2f:
ec:7c:61:f1:bd:57:70:58:ca:6e:7d:17:ca:34:03:
38:79:ee:98:8b:18:16:d1:0c:79:a5:b4:8f:40:d3:
1b:f9:4a:93:db:4b:15:80:1e:ff:61:96:b0:38:8d:
99:28:82:ba:a6:c7:28:57:22:19:3c:36:f3:d6:45:
26:87:e9:e9:07:f7:6d:b1:84:90:d4:ec:6e:7f:5d:
8d:10:8b:76:df:e1:e8:01:b8:69:c5:7e:20:63:7c:
fc:d0:45:52:6f:be:73:2f:0c:de:c3:b9:7c:42:17:
a6:a9:46:f7:2b:53:c2:04:a1:4f:c4:78:a9:f5:06:
e9:94:6e:49:62:69:54:d1:d9:d6:91:26:f8:b8:4d:
e1:b0:4c:50:b8:96:9c:8b:96:52:0d:85:8c:cb:73:
f8:52:19:a3:f7:67:f3:57:7d:b1:b1:b7:d4:41:30:
bd:40:67:71:21:62:46:e3:47:13:13:28:18:33:9d:
50:7c:9e:fb:6f:df:29:b6:6a:81:90:18:8e:97:1d:
3f:56:96:38:71:cc:5a:b9:aa:ed:41:51:85:cd:4f:
57:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AF:A0:8A:17:C0:27:68:AE:55:72:8C:80:34:DD:1C:A4:BF:DB:C0
X509v3 Authority Key Identifier:
keyid:A4:33:81:68:CD:9D:5A:F0:60:40:13:FC:42:74:12:6F:C5:81:F3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDOBaM2dWvBgQBP8QnQSb8WB88s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/Kq-gihfAJ2iuVXKMgDTdHKS_28A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/pDOBaM2dWvBgQBP8QnQSb8WB88s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f340::/48
Signature Algorithm: sha256WithRSAEncryption
db:b1:59:fd:27:ea:48:02:d9:ed:65:16:24:f7:c4:82:b1:39:
4a:eb:d3:5f:ae:fb:27:d4:8a:1d:ff:fa:13:3b:75:5f:eb:01:
96:0c:a0:68:13:f7:20:ef:97:d6:fe:56:8e:0b:f4:f9:c6:34:
1e:eb:6c:e3:50:96:ad:00:32:dc:00:47:7a:72:4a:81:48:93:
cb:0f:f1:ac:1c:3f:5b:ff:30:40:b4:ad:3c:d7:69:a9:05:3b:
24:2d:87:fb:fb:fd:d5:80:d5:57:e1:c0:e6:f5:0b:1c:52:fd:
5b:8a:66:09:dc:68:96:8d:1d:0e:4a:cc:f9:d9:4b:2d:15:b3:
77:36:a4:80:7c:72:81:ef:de:85:54:d3:09:af:14:37:4e:ab:
b4:08:83:83:8c:4a:e8:16:32:16:3f:98:db:f7:55:2b:54:5e:
ab:53:a0:72:6a:d6:56:82:cd:6b:f9:78:d3:1f:48:f4:69:1c:
33:88:ca:a5:58:3c:5e:cd:33:b3:cf:06:91:6e:9f:92:5c:0c:
94:0e:2a:2e:8f:ab:36:98:f2:46:a8:a2:4f:a2:55:b2:bf:55:
d3:80:6d:84:10:76:77:02:10:8b:0c:d0:ff:56:19:af:d0:67:
fa:a8:08:7e:24:82:ef:b3:4c:f7:bd:fa:c6:01:06:fc:cb:c0:
5e:87:17:1a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYNA8dzVFku0lyBWV4ejBzYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzM4MTY4Y2Q5ZDVhZjA2MDQwMTNmYzQyNzQxMjZmYzU4
MWYzY2IwHhcNMjIwOTE1MTEzODU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWFmYTA4YTE3YzAyNzY4YWU1NTcyOGM4MDM0ZGQxY2E0YmZkYmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnw3NV5Oo7r70Re+9RoJXaiTmQAgc
8pDdkZmDVUjoKymF1r1FCn0T8nflbi/sfGHxvVdwWMpufRfKNAM4ee6YixgW0Qx5
pbSPQNMb+UqT20sVgB7/YZawOI2ZKIK6pscoVyIZPDbz1kUmh+npB/dtsYSQ1Oxu
f12NEIt23+HoAbhpxX4gY3z80EVSb75zLwzew7l8QhemqUb3K1PCBKFPxHip9Qbp
lG5JYmlU0dnWkSb4uE3hsExQuJaci5ZSDYWMy3P4Uhmj92fzV32xsbfUQTC9QGdx
IWJG40cTEygYM51QfJ77b98ptmqBkBiOlx0/VpY4ccxauartQVGFzU9XdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCqvoIoXwCdorlVyjIA03Rykv9vAMB8GA1UdIwQY
MBaAFKQzgWjNnVrwYEAT/EJ0Em/FgfPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERPQmFNMmRXdkJnUUJQOFFuUVNiOFdCODhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xNzZmN2QtNmYwZi00NWU1LTk3ZjIt
YzlkYjk4MWEyYTJmLzEvS3EtZ2loZkFKMml1VlhLTWdEVGRIS1NfMjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xNzZmN2QtNmYwZi00NWU1LTk3ZjItYzlkYjk4MWEyYTJm
LzEvcERPQmFNMmRXdkJnUUJQOFFuUVNiOFdCODhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhLzQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQDbsVn9J+pIAtntZRYk98SCsTlK69Nfrvsn1Iod
//oTO3Vf6wGWDKBoE/cg75fW/laOC/T5xjQe62zjUJatADLcAEd6ckqBSJPLD/Gs
HD9b/zBAtK0812mpBTskLYf7+/3VgNVX4cDm9QscUv1bimYJ3GiWjR0OSsz52Ust
FbN3NqSAfHKB796FVNMJrxQ3Tqu0CIODjEroFjIWP5jb91UrVF6rU6ByatZWgs1r
+XjTH0j0aRwziMqlWDxezTOzzwaRbp+SXAyUDiouj6s2mPJGqKJPolWyv1XTgG2E
EHZ3AhCLDND/Vhmv0Gf6qAh+JILvs0z3vfrGAQb8y8Behxca
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:35 2024 by rpki-client on console-ams.rpki-client.org