Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/bfc002-c1c0-4b65-aa7c-2213691facfb/1/EKjeSSYcbgQ_xwREm_7zOWuLbLs.roa
File: EKjeSSYcbgQ_xwREm_7zOWuLbLs.roa (raw, json)
Hash identifier: W+ROkjku9ArHh1mHvaHoivnhTCXYkY9Apm/ti86eqVI=
Subject key identifier: 10:A8:DE:49:26:1C:6E:04:3F:C7:04:44:9B:FE:F3:39:6B:8B:6C:BB
Certificate issuer: /CN=3fe4723deefa2109198a957fdfa7112c342fcfc9
Certificate serial: 723815
Authority key identifier: 3F:E4:72:3D:EE:FA:21:09:19:8A:95:7F:DF:A7:11:2C:34:2F:CF:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-RyPe76IQkZipV_36cRLDQvz8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/bfc002-c1c0-4b65-aa7c-2213691facfb/1/EKjeSSYcbgQ_xwREm_7zOWuLbLs.roa
Signing time: Sat 01 Jan 2022 01:02:06 +0000
ROA not before: Sat 01 Jan 2022 01:02:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a12:7900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7485461 (0x723815)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fe4723deefa2109198a957fdfa7112c342fcfc9
Validity
Not Before: Jan 1 01:02:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10a8de49261c6e043fc704449bfef3396b8b6cbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:29:6f:b8:cc:dd:97:c8:d4:c5:ed:3a:03:8c:
d8:83:79:c9:9a:1a:4e:46:1e:f5:d0:79:30:87:45:
05:06:9e:cd:22:9e:91:f1:e4:d9:5c:c7:f3:36:31:
a8:fa:2f:e7:af:43:f1:fa:ea:22:36:5d:49:a6:4c:
7c:5c:35:ea:77:d6:77:ab:29:bb:47:6b:2a:95:5b:
2c:ab:d8:b7:11:94:2d:e7:81:8e:2f:fd:ee:ab:1b:
eb:f3:d7:b6:3e:a7:40:1b:77:00:06:70:b5:6c:5b:
36:b1:b2:47:3d:74:79:02:5d:8d:6d:96:e8:df:9f:
dc:99:f7:3c:87:ce:d5:7c:1e:99:40:6f:c5:60:86:
d3:29:2b:46:50:fa:d3:35:18:91:4b:c5:2b:c9:0b:
ae:d3:f1:5b:34:10:fa:a3:ef:56:0c:a0:fc:79:24:
0c:17:bb:d2:ff:d9:a4:1a:9a:01:fa:ec:ae:75:67:
35:34:fc:fa:36:7c:53:53:37:93:b4:75:f1:be:89:
a4:cf:b3:61:45:1a:96:bb:1a:ee:14:b9:59:3e:9a:
93:e0:1f:a8:5b:38:ba:f6:29:f7:2b:51:c8:70:f2:
7b:1e:15:a1:74:78:f7:2c:5d:a4:14:a0:c3:6a:03:
62:f9:0a:6d:24:2e:9b:1c:27:ca:37:b9:fd:93:df:
56:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A8:DE:49:26:1C:6E:04:3F:C7:04:44:9B:FE:F3:39:6B:8B:6C:BB
X509v3 Authority Key Identifier:
keyid:3F:E4:72:3D:EE:FA:21:09:19:8A:95:7F:DF:A7:11:2C:34:2F:CF:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-RyPe76IQkZipV_36cRLDQvz8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfc002-c1c0-4b65-aa7c-2213691facfb/1/EKjeSSYcbgQ_xwREm_7zOWuLbLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfc002-c1c0-4b65-aa7c-2213691facfb/1/P-RyPe76IQkZipV_36cRLDQvz8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7900::/29
Signature Algorithm: sha256WithRSAEncryption
37:23:84:e9:e3:f1:ac:62:b7:20:8b:63:45:f7:00:ad:ed:58:
23:89:79:d8:2b:48:b8:60:e9:4c:8d:b3:7e:0b:85:57:8e:00:
f3:1e:ad:22:62:4c:1f:89:76:af:9d:08:36:2b:cf:29:33:3c:
56:c4:04:1c:4d:98:11:a8:cd:c6:f8:a3:7a:0b:b9:48:e4:71:
66:fd:1c:69:2f:81:57:c8:66:75:4d:00:05:9b:e6:01:71:3b:
e0:04:7e:e1:db:44:50:30:1d:2a:4b:52:9b:fd:7c:a6:28:dc:
00:1b:8a:cd:27:9d:88:33:69:f8:05:fc:1e:e0:c1:08:18:b4:
9c:fe:02:73:e2:fc:b4:19:6f:79:ad:06:aa:8b:2d:83:ef:77:
60:f4:b9:94:2c:52:de:bd:0b:1b:56:78:5b:1e:71:dc:ec:0f:
3d:c0:e3:b6:ba:96:41:bc:a3:b2:55:09:de:33:64:13:2c:77:
9f:41:bf:bc:2d:ef:af:a1:91:30:a5:ba:48:0c:cf:ce:c0:9e:
fa:a1:07:a0:a2:47:8c:f8:13:77:94:3d:a5:29:b4:51:1d:9c:
69:bd:34:2c:8f:73:72:47:ad:5b:f9:59:20:54:55:38:da:33:
ce:57:d1:a7:91:f6:c2:99:9f:e0:55:81:db:a6:67:f6:e9:f9:
da:bd:a5:55
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDcjgVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNm
ZTQ3MjNkZWVmYTIxMDkxOThhOTU3ZmRmYTcxMTJjMzQyZmNmYzkwHhcNMjIwMTAx
MDEwMjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxMGE4ZGU0OTI2MWM2
ZTA0M2ZjNzA0NDQ5YmZlZjMzOTZiOGI2Y2JiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApylvuMzdl8jUxe06A4zYg3nJmhpORh710Hkwh0UFBp7NIp6R
8eTZXMfzNjGo+i/nr0Px+uoiNl1Jpkx8XDXqd9Z3qym7R2sqlVssq9i3EZQt54GO
L/3uqxvr89e2PqdAG3cABnC1bFs2sbJHPXR5Al2NbZbo35/cmfc8h87VfB6ZQG/F
YIbTKStGUPrTNRiRS8UryQuu0/FbNBD6o+9WDKD8eSQMF7vS/9mkGpoB+uyudWc1
NPz6NnxTUzeTtHXxvomkz7NhRRqWuxruFLlZPpqT4B+oWzi69in3K1HIcPJ7HhWh
dHj3LF2kFKDDagNi+QptJC6bHCfKN7n9k99WswIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFBCo3kkmHG4EP8cERJv+8zlri2y7MB8GA1UdIwQYMBaAFD/kcj3u+iEJGYqV
f9+nESw0L8/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UC1SeVBlNzZJUWtaaXBWXzM2Y1JMRFF2ejhrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yNS9iZmMwMDItYzFjMC00YjY1LWFhN2MtMjIxMzY5MWZhY2ZiLzEv
RUtqZVNTWWNiZ1FfeHdSRW1fN3pPV3VMYkxzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9i
ZmMwMDItYzFjMC00YjY1LWFhN2MtMjIxMzY5MWZhY2ZiLzEvUC1SeVBlNzZJUWta
aXBWXzM2Y1JMRFF2ejhrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJ5ADANBgkqhkiG9w0BAQsFAAOC
AQEANyOE6ePxrGK3IItjRfcAre1YI4l52CtIuGDpTI2zfguFV44A8x6tImJMH4l2
r50INivPKTM8VsQEHE2YEajNxvijegu5SORxZv0caS+BV8hmdU0ABZvmAXE74AR+
4dtEUDAdKktSm/18pijcABuKzSediDNp+AX8HuDBCBi0nP4Cc+L8tBlvea0Gqost
g+93YPS5lCxS3r0LG1Z4Wx5x3OwPPcDjtrqWQbyjslUJ3jNkEyx3n0G/vC3vr6GR
MKW6SAzPzsCe+qEHoKJHjPgTd5Q9pSm0UR2cab00LI9zcketW/lZIFRVONozzlfR
p5H2wpmf4FWB26Zn9un52r2lVQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:26 2023 by rpki-client on console-fra.rpki-client.org