Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/A7lBntU6uoxALv7lInijLKQ0idY.roa
File: A7lBntU6uoxALv7lInijLKQ0idY.roa (raw, json)
Hash identifier: gPUAee+gIDOoHhk5UP1HTvE3Lj0qPBLm2HnvoPk12+8=
Subject key identifier: 03:B9:41:9E:D5:3A:BA:8C:40:2E:FE:E5:22:78:A3:2C:A4:34:89:D6
Certificate issuer: /CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Certificate serial: 703425
Authority key identifier: F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/A7lBntU6uoxALv7lInijLKQ0idY.roa
Signing time: Mon 28 Feb 2022 21:26:13 +0000
ROA not before: Mon 28 Feb 2022 21:26:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209768
IP address blocks: 2a12:5840:1f2::/48 maxlen: 48
2a12:5840:1f0::/48 maxlen: 48
2a12:5844::/30 maxlen: 30
2a12:5840:1f1::/48 maxlen: 48
2a12:5840:2111::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7353381 (0x703425)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6c3e027d2d1c2d36d7c954867226c83b65eb56f
Validity
Not Before: Feb 28 21:26:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03b9419ed53aba8c402efee52278a32ca43489d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:23:64:2f:23:5f:fa:0e:80:c7:cc:76:8f:22:
15:88:4b:0d:27:11:2a:03:d3:9c:27:19:b4:a1:4d:
2b:ce:3b:5f:b2:da:84:02:65:c2:2e:87:2f:4a:e9:
2e:50:5e:60:b6:c6:18:5d:8f:25:71:0e:83:9f:3f:
33:a9:5f:0b:41:1a:49:28:da:1f:0d:35:b2:2c:1b:
d4:a0:8f:33:a4:85:0e:85:4f:32:d6:53:5d:d0:18:
7b:3e:52:c4:03:52:08:0d:73:54:7c:0d:59:93:5c:
09:da:77:b7:a8:5b:04:a3:f2:ff:ab:1e:fd:4a:5c:
0d:95:b7:c1:5a:b3:c1:53:c0:9d:50:77:0c:04:3a:
07:2e:3b:14:8a:30:1f:15:a3:91:81:a9:e5:38:dd:
30:c3:bc:81:74:f7:e9:e3:32:20:7f:ef:58:98:56:
fb:2d:71:d9:0b:4b:7b:2c:fe:3e:5b:4e:be:1f:81:
33:d7:2e:b8:ff:bb:a9:02:28:97:3f:73:25:7d:8c:
ad:df:bc:4d:54:e0:60:7e:55:5a:37:ad:0e:9c:b2:
cc:bf:5b:fc:a4:2b:be:03:b9:1e:99:81:94:4d:72:
d4:bb:3e:2b:0a:00:22:0f:4e:a6:5a:86:79:61:ef:
1d:47:31:7b:cf:16:51:be:82:2d:33:53:5d:e1:35:
e6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B9:41:9E:D5:3A:BA:8C:40:2E:FE:E5:22:78:A3:2C:A4:34:89:D6
X509v3 Authority Key Identifier:
keyid:F6:C3:E0:27:D2:D1:C2:D3:6D:7C:95:48:67:22:6C:83:B6:5E:B5:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/A7lBntU6uoxALv7lInijLKQ0idY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2b2878-5b79-40f7-b4b5-356c4d7bb452/1/9sPgJ9LRwtNtfJVIZyJsg7ZetW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:5840:1f0::-2a12:5840:1f2:ffff:ffff:ffff:ffff:ffff
2a12:5840:2111::/48
2a12:5844::/30
Signature Algorithm: sha256WithRSAEncryption
9b:00:d7:de:b8:a7:73:73:e8:3f:76:5b:99:4f:a3:3c:f9:7c:
04:11:be:eb:5f:83:93:bf:bb:ca:24:bf:a4:6d:cc:52:ef:88:
14:b5:0c:17:85:7a:b8:7d:fe:e5:cd:61:bf:c9:34:d4:9e:bb:
8e:d0:9c:f9:80:2c:76:f6:96:f8:dd:ee:73:be:da:b9:e2:0c:
f2:f7:ea:e6:e1:23:7d:d9:89:bc:72:d5:4c:22:a2:10:4a:c1:
40:14:c3:b0:7f:df:a6:9d:ca:30:12:1a:e1:92:57:ca:69:7c:
f7:e4:e1:57:a1:8e:bc:a6:2c:da:25:5a:51:9c:57:bd:1b:bd:
d4:5d:f4:d3:df:83:ec:c0:54:86:84:f5:91:8e:f6:ad:a6:8c:
a7:77:d8:86:16:82:19:36:40:8d:bc:74:10:b2:bb:1a:36:56:
b7:b3:0c:96:0a:41:99:c5:18:86:a2:96:f3:bb:dd:0b:6e:49:
53:b0:d7:cc:45:05:44:67:24:a6:3e:42:06:0b:d5:c5:88:9f:
70:cf:89:d6:44:e1:7a:7b:f2:48:f9:2a:a0:51:82:7f:2d:8c:
a3:e6:1d:99:9a:54:fb:1f:d4:09:6f:ec:50:54:5b:cf:28:c1:
d2:04:aa:19:7e:7a:7a:47:4d:9b:b9:b3:fe:02:c6:e9:f8:31:
30:09:3b:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIDcDQlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY2
YzNlMDI3ZDJkMWMyZDM2ZDdjOTU0ODY3MjI2YzgzYjY1ZWI1NmYwHhcNMjIwMjI4
MjEyNjEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwM2I5NDE5ZWQ1M2Fi
YThjNDAyZWZlZTUyMjc4YTMyY2E0MzQ4OWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqSNkLyNf+g6Ax8x2jyIViEsNJxEqA9OcJxm0oU0rzjtfstqE
AmXCLocvSukuUF5gtsYYXY8lcQ6Dnz8zqV8LQRpJKNofDTWyLBvUoI8zpIUOhU8y
1lNd0Bh7PlLEA1IIDXNUfA1Zk1wJ2ne3qFsEo/L/qx79SlwNlbfBWrPBU8CdUHcM
BDoHLjsUijAfFaORganlON0ww7yBdPfp4zIgf+9YmFb7LXHZC0t7LP4+W06+H4Ez
1y64/7upAiiXP3MlfYyt37xNVOBgflVaN60OnLLMv1v8pCu+A7kemYGUTXLUuz4r
CgAiD06mWoZ5Ye8dRzF7zxZRvoItM1Nd4TXmAQIDAQABo4ICJzCCAiMwHQYDVR0O
BBYEFAO5QZ7VOrqMQC7+5SJ4oyykNInWMB8GA1UdIwQYMBaAFPbD4CfS0cLTbXyV
SGcibIO2XrVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
OXNQZ0o5TFJ3dE50ZkpWSVp5SnNnN1pldFc4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zZi8yYjI4NzgtNWI3OS00MGY3LWI0YjUtMzU2YzRkN2JiNDUyLzEv
QTdsQm50VTZ1b3hBTHY3bEluaWpMS1EwaWRZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8y
YjI4NzgtNWI3OS00MGY3LWI0YjUtMzU2YzRkN2JiNDUyLzEvOXNQZ0o5TFJ3dE50
ZkpWSVp5SnNnN1pldFc4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0G
CCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkMBIDBwQqElhAAfADBwAqElhAAfIDBwAq
ElhAIREDBQIqElhEMA0GCSqGSIb3DQEBCwUAA4IBAQCbANfeuKdzc+g/dluZT6M8
+XwEEb7rX4OTv7vKJL+kbcxS74gUtQwXhXq4ff7lzWG/yTTUnruO0Jz5gCx29pb4
3e5zvtq54gzy9+rm4SN92Ym8ctVMIqIQSsFAFMOwf9+mncowEhrhklfKaXz35OFX
oY68pizaJVpRnFe9G73UXfTT34PswFSGhPWRjvatpoynd9iGFoIZNkCNvHQQsrsa
Nla3swyWCkGZxRiGopbzu90LbklTsNfMRQVEZySmPkIGC9XFiJ9wz4nWROF6e/JI
+SqgUYJ/LYyj5h2ZmlT7H9QJb+xQVFvPKMHSBKoZfnp6R02bubP+Asbp+DEwCTsg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:36 2024 by rpki-client on console-ams.rpki-client.org