Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c69c75-8391-4d93-b378-3fa15a33f429/1/BePQY3JxuXEz4auFTRfLzdq2hnk.roa
File: BePQY3JxuXEz4auFTRfLzdq2hnk.roa (raw, json)
Hash identifier: 3i6IhqyYlUaUlaODXBuBO+Fh1NH0NHlReDykJ+JtvQ8=
Subject key identifier: 05:E3:D0:63:72:71:B9:71:33:E1:AB:85:4D:17:CB:CD:DA:B6:86:79
Certificate issuer: /CN=ea83e30f2d6fce75a666a2d0b636b46ec998a1cb
Certificate serial: 01329E
Authority key identifier: EA:83:E3:0F:2D:6F:CE:75:A6:66:A2:D0:B6:36:B4:6E:C9:98:A1:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6oPjDy1vznWmZqLQtja0bsmYocs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c69c75-8391-4d93-b378-3fa15a33f429/1/BePQY3JxuXEz4auFTRfLzdq2hnk.roa
Signing time: Mon 10 Jan 2022 14:31:59 +0000
ROA not before: Mon 10 Jan 2022 14:31:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51679
IP address blocks: 2a12:c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78494 (0x1329e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea83e30f2d6fce75a666a2d0b636b46ec998a1cb
Validity
Not Before: Jan 10 14:31:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05e3d0637271b97133e1ab854d17cbcddab68679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0c:d3:a3:29:39:01:99:a8:5a:f1:7a:d6:7a:
f3:91:3f:97:df:9f:e5:47:66:59:74:ff:87:00:03:
e9:5a:75:a6:ba:7b:f7:94:08:fa:e0:59:cf:9f:42:
5c:6a:d9:06:7d:47:15:1e:42:f6:87:cb:c6:b8:70:
be:3b:21:d0:fa:6d:c7:a6:93:1f:02:fe:e5:7c:eb:
02:2f:fd:fb:86:63:49:d3:18:cd:00:7a:cd:bb:ab:
9d:35:9a:0c:b8:47:41:82:b1:9e:2f:ac:7c:5b:bd:
89:84:24:69:40:c6:6c:26:c4:24:d9:10:b7:f0:16:
a1:29:f5:51:44:6b:33:f5:39:d3:86:8a:6d:ef:b0:
52:27:b6:08:f3:b2:78:94:79:c4:7a:d0:aa:94:09:
a5:4b:2b:10:39:ef:e3:27:39:bd:45:fa:1b:32:52:
32:8b:c1:d2:34:4c:85:07:f3:ab:46:45:88:83:ea:
31:c4:2c:8f:c3:a7:41:7c:09:0c:40:0e:d6:c3:4a:
b7:13:a0:a7:f4:68:27:6f:0b:eb:21:65:8b:e9:4f:
90:a4:3a:5e:7e:27:73:35:06:34:f0:7e:c1:b7:69:
0a:e0:e6:94:d7:63:b2:4c:61:d7:73:a1:6c:70:3f:
e7:71:49:c9:98:d6:87:27:e9:36:90:db:52:8d:de:
0c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E3:D0:63:72:71:B9:71:33:E1:AB:85:4D:17:CB:CD:DA:B6:86:79
X509v3 Authority Key Identifier:
keyid:EA:83:E3:0F:2D:6F:CE:75:A6:66:A2:D0:B6:36:B4:6E:C9:98:A1:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6oPjDy1vznWmZqLQtja0bsmYocs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c69c75-8391-4d93-b378-3fa15a33f429/1/BePQY3JxuXEz4auFTRfLzdq2hnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c69c75-8391-4d93-b378-3fa15a33f429/1/6oPjDy1vznWmZqLQtja0bsmYocs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:c40::/29
Signature Algorithm: sha256WithRSAEncryption
4b:d7:a7:08:61:25:69:42:76:ba:40:e9:58:52:00:aa:90:83:
78:ac:44:ec:f0:45:b5:9a:55:7f:77:ac:6e:c2:6e:4b:46:a8:
4c:cb:ba:9e:42:e6:c0:64:d4:2c:92:f3:ce:da:c5:88:1c:81:
ff:ea:cc:c6:ea:15:3f:6d:d2:84:ff:b5:8d:df:4e:be:87:ac:
2f:95:5c:9c:42:75:f3:07:5b:29:84:76:0e:54:0f:45:b2:37:
4f:ca:83:54:4f:2b:8c:a8:8b:7d:bd:4e:43:ba:f8:dc:d7:04:
b7:fd:de:ea:72:d8:39:30:2a:94:9c:d0:a0:4e:6c:50:d7:56:
06:16:06:59:5e:9a:1a:cc:94:58:a2:a0:8b:9f:0c:5f:90:1d:
58:0a:79:a6:40:06:ad:11:b9:b1:dd:ab:54:0b:5f:50:1e:3e:
d3:91:7e:d4:55:6d:20:c7:65:e7:4e:99:7e:ad:1a:25:cd:55:
e7:74:73:60:21:a6:53:c6:90:a2:e6:ef:c6:4d:4a:bb:9b:32:
da:0d:8f:bf:32:88:f6:22:b3:5e:f3:4e:5c:3b:20:0b:b7:68:
f9:2a:c5:c8:af:12:bb:da:4c:3b:57:b7:62:37:95:f0:21:e4:
29:ba:86:38:e0:38:e4:f4:05:11:b5:98:dc:60:ff:2f:87:b0:
0f:46:00:fe
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDATKeMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVh
ODNlMzBmMmQ2ZmNlNzVhNjY2YTJkMGI2MzZiNDZlYzk5OGExY2IwHhcNMjIwMTEw
MTQzMTU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNWUzZDA2MzcyNzFi
OTcxMzNlMWFiODU0ZDE3Y2JjZGRhYjY4Njc5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApAzToyk5AZmoWvF61nrzkT+X35/lR2ZZdP+HAAPpWnWmunv3
lAj64FnPn0JcatkGfUcVHkL2h8vGuHC+OyHQ+m3HppMfAv7lfOsCL/37hmNJ0xjN
AHrNu6udNZoMuEdBgrGeL6x8W72JhCRpQMZsJsQk2RC38BahKfVRRGsz9TnThopt
77BSJ7YI87J4lHnEetCqlAmlSysQOe/jJzm9RfobMlIyi8HSNEyFB/OrRkWIg+ox
xCyPw6dBfAkMQA7Ww0q3E6Cn9GgnbwvrIWWL6U+QpDpefidzNQY08H7Bt2kK4OaU
12OyTGHXc6FscD/ncUnJmNaHJ+k2kNtSjd4MRwIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFAXj0GNycblxM+GrhU0Xy83atoZ5MB8GA1UdIwQYMBaAFOqD4w8tb851pmai
0LY2tG7JmKHLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Nm9QakR5MXZ6bldtWnFMUXRqYTBic21Zb2NzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wOC9jNjljNzUtODM5MS00ZDkzLWIzNzgtM2ZhMTVhMzNmNDI5LzEv
QmVQUVkzSnh1WEV6NGF1RlRSZkx6ZHEyaG5rLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9j
NjljNzUtODM5MS00ZDkzLWIzNzgtM2ZhMTVhMzNmNDI5LzEvNm9QakR5MXZ6bldt
WnFMUXRqYTBic21Zb2NzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIMQDANBgkqhkiG9w0BAQsFAAOC
AQEAS9enCGElaUJ2ukDpWFIAqpCDeKxE7PBFtZpVf3esbsJuS0aoTMu6nkLmwGTU
LJLzztrFiByB/+rMxuoVP23ShP+1jd9OvoesL5VcnEJ18wdbKYR2DlQPRbI3T8qD
VE8rjKiLfb1OQ7r43NcEt/3e6nLYOTAqlJzQoE5sUNdWBhYGWV6aGsyUWKKgi58M
X5AdWAp5pkAGrRG5sd2rVAtfUB4+05F+1FVtIMdl506Zfq0aJc1V53RzYCGmU8aQ
oubvxk1Ku5sy2g2PvzKI9iKzXvNOXDsgC7do+SrFyK8Su9pMO1e3YjeV8CHkKbqG
OOA45PQFEbWY3GD/L4ewD0YA/g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:07 2023 by rpki-client on console-ams.rpki-client.org