Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a5c088-cfdc-4b95-abf4-3911bbc54747/1/a_FwMnjKnQlhtLl9wDUR-4GilnY.roa
File: a_FwMnjKnQlhtLl9wDUR-4GilnY.roa (raw, json)
Hash identifier: 2K/NwBH5NrfiRg2HHezdrcfuoCSfiewnWoy7OB+hVtE=
Subject key identifier: 6B:F1:70:32:78:CA:9D:09:61:B4:B9:7D:C0:35:11:FB:81:A2:96:76
Certificate issuer: /CN=acef4da56cb940d9f2f7d021af2a61fbd3b14ea8
Certificate serial: 0181F3C78C7D12AA6A399FEE5B6BF565AB0D
Authority key identifier: AC:EF:4D:A5:6C:B9:40:D9:F2:F7:D0:21:AF:2A:61:FB:D3:B1:4E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rO9NpWy5QNny99Ahryph-9OxTqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/a5c088-cfdc-4b95-abf4-3911bbc54747/1/a_FwMnjKnQlhtLl9wDUR-4GilnY.roa
Signing time: Tue 12 Jul 2022 18:59:09 +0000
ROA not before: Tue 12 Jul 2022 18:59:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49844
IP address blocks: 2a12:f840::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f3:c7:8c:7d:12:aa:6a:39:9f:ee:5b:6b:f5:65:ab:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acef4da56cb940d9f2f7d021af2a61fbd3b14ea8
Validity
Not Before: Jul 12 18:59:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bf1703278ca9d0961b4b97dc03511fb81a29676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:86:29:2b:e8:09:ff:d2:ba:f6:ff:e2:60:0a:
ef:0f:42:1f:e3:cd:54:6a:56:4a:1f:2d:6f:1b:e3:
31:6e:52:c1:a6:21:6f:3e:aa:db:f2:4f:85:d8:35:
2e:86:b1:29:9c:30:56:52:a6:db:01:e4:18:7c:ed:
a3:e9:d3:5d:b0:01:67:85:f1:3e:08:3f:51:93:ff:
a5:12:da:ac:f8:55:71:b8:1a:97:8d:a6:c6:7f:71:
ee:7b:64:4e:79:9b:e1:25:9d:62:1a:c5:87:67:11:
11:01:12:8b:16:e6:df:2f:f4:cf:fc:78:0e:79:ca:
1a:21:2d:2a:67:db:1c:e1:69:9f:52:6e:ef:20:21:
15:ce:fb:12:c6:dd:e4:45:4f:ff:66:b6:be:ee:8d:
3b:c5:a6:a4:0a:69:f6:7c:9e:a4:c1:96:8c:f1:96:
33:4b:a3:c6:f3:16:28:3c:ed:30:fc:cd:f4:05:6b:
29:2d:87:00:a2:e6:83:e8:a5:82:e0:f9:99:fc:52:
de:05:bf:6d:11:48:6e:68:f0:be:c6:53:a8:37:18:
e8:77:80:b4:25:fb:87:62:3d:0e:c3:99:c3:b4:19:
68:bf:5f:20:90:97:9f:3a:9e:bb:8a:1c:57:0d:41:
a1:a5:7a:0b:e5:96:91:35:fa:7f:31:7f:0d:90:bd:
14:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F1:70:32:78:CA:9D:09:61:B4:B9:7D:C0:35:11:FB:81:A2:96:76
X509v3 Authority Key Identifier:
keyid:AC:EF:4D:A5:6C:B9:40:D9:F2:F7:D0:21:AF:2A:61:FB:D3:B1:4E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rO9NpWy5QNny99Ahryph-9OxTqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a5c088-cfdc-4b95-abf4-3911bbc54747/1/a_FwMnjKnQlhtLl9wDUR-4GilnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a5c088-cfdc-4b95-abf4-3911bbc54747/1/rO9NpWy5QNny99Ahryph-9OxTqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f840::/29
Signature Algorithm: sha256WithRSAEncryption
51:1b:b9:41:8f:e6:c6:a1:ec:e3:93:f5:56:8b:50:bb:c7:a0:
0e:e0:ee:46:9f:90:c9:e6:bf:cd:69:f1:d3:d2:c2:09:d5:7b:
a0:82:a4:a8:87:83:e1:64:46:17:b2:91:8a:42:a6:3d:f3:9d:
02:5d:e1:e0:0f:9c:b6:73:3c:38:6d:49:d2:a8:f1:78:9f:93:
77:7c:38:5b:2b:75:3b:0e:60:04:50:8f:02:dd:88:eb:68:6d:
47:de:9c:5a:a8:3c:fa:e0:c8:2d:90:e3:b6:f6:1e:70:17:f3:
ff:8a:4a:71:3f:c9:5d:67:be:b9:98:fe:16:42:37:75:e4:f2:
05:f0:51:36:db:d7:dc:73:ad:c2:0e:d7:e4:52:d3:06:5c:76:
09:4b:c0:a4:a6:0a:3c:36:cb:2b:b5:68:63:c0:a2:ae:59:ed:
bc:7e:d9:9c:11:5d:4a:80:16:43:4c:f4:18:76:05:d1:43:69:
a3:e1:05:c1:ed:df:1c:ce:83:5a:c8:62:a1:e7:95:c7:1b:11:
03:9a:c1:5b:ea:b4:ff:74:99:5e:3c:fb:4f:e3:ab:c5:8a:64:
52:48:43:a3:86:e5:83:b6:56:32:3d:e7:25:4d:48:e6:51:d4:
18:c5:68:dd:a2:7b:e7:2e:2f:47:19:17:b7:ee:1e:21:d1:4a:
8d:b0:f2:98
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHzx4x9EqpqOZ/uW2v1ZasNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZWY0ZGE1NmNiOTQwZDlmMmY3ZDAyMWFmMmE2MWZiZDNi
MTRlYTgwHhcNMjIwNzEyMTg1OTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmYxNzAzMjc4Y2E5ZDA5NjFiNGI5N2RjMDM1MTFmYjgxYTI5Njc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIYpK+gJ/9K69v/iYArvD0If481U
alZKHy1vG+MxblLBpiFvPqrb8k+F2DUuhrEpnDBWUqbbAeQYfO2j6dNdsAFnhfE+
CD9Rk/+lEtqs+FVxuBqXjabGf3Hue2ROeZvhJZ1iGsWHZxERARKLFubfL/TP/HgO
ecoaIS0qZ9sc4WmfUm7vICEVzvsSxt3kRU//Zra+7o07xaakCmn2fJ6kwZaM8ZYz
S6PG8xYoPO0w/M30BWspLYcAouaD6KWC4PmZ/FLeBb9tEUhuaPC+xlOoNxjod4C0
JfuHYj0Ow5nDtBlov18gkJefOp67ihxXDUGhpXoL5ZaRNfp/MX8NkL0UVQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGvxcDJ4yp0JYbS5fcA1EfuBopZ2MB8GA1UdIwQY
MBaAFKzvTaVsuUDZ8vfQIa8qYfvTsU6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck85TnBXeTVRTm55OTlBaHJ5cGgtOU94VHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hNWMwODgtY2ZkYy00Yjk1LWFiZjQt
MzkxMWJiYzU0NzQ3LzEvYV9Gd01uaktuUWxodExsOXdEVVItNEdpbG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hNWMwODgtY2ZkYy00Yjk1LWFiZjQtMzkxMWJiYzU0NzQ3
LzEvck85TnBXeTVRTm55OTlBaHJ5cGgtOU94VHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhL4QDAN
BgkqhkiG9w0BAQsFAAOCAQEAURu5QY/mxqHs45P1VotQu8egDuDuRp+Qyea/zWnx
09LCCdV7oIKkqIeD4WRGF7KRikKmPfOdAl3h4A+ctnM8OG1J0qjxeJ+Td3w4Wyt1
Ow5gBFCPAt2I62htR96cWqg8+uDILZDjtvYecBfz/4pKcT/JXWe+uZj+FkI3deTy
BfBRNtvX3HOtwg7X5FLTBlx2CUvApKYKPDbLK7VoY8CirlntvH7ZnBFdSoAWQ0z0
GHYF0UNpo+EFwe3fHM6DWshioeeVxxsRA5rBW+q0/3SZXjz7T+OrxYpkUkhDo4bl
g7ZWMj3nJU1I5lHUGMVo3aJ75y4vRxkXt+4eIdFKjbDymA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:39 2024 by rpki-client on console-ams.rpki-client.org