Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Tb1XaTbWKBoENxwpM2HPnq0_dXM.roa
File: Tb1XaTbWKBoENxwpM2HPnq0_dXM.roa (raw, json)
Hash identifier: oOtuntkQCsb7jLBtJEnzCbUalKUJ3JfsxLB2LDEs9+k=
Subject key identifier: 4D:BD:57:69:36:D6:28:1A:04:37:1C:29:33:61:CF:9E:AD:3F:75:73
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 0182F30403559AEB56A60CF93DD0F9C9A36A
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Tb1XaTbWKBoENxwpM2HPnq0_dXM.roa
Signing time: Wed 31 Aug 2022 08:28:22 +0000
ROA not before: Wed 31 Aug 2022 08:28:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34465
IP address blocks: 2a12:8fc6:ace2::/48 maxlen: 48
2a12:8fc6:cd01::/48 maxlen: 48
2a12:8fc6:ace1::/48 maxlen: 48
2a12:8fc6::/32 maxlen: 32
2a12:8fc6:cd00::/48 maxlen: 48
2a12:8fc6:ce00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f3:04:03:55:9a:eb:56:a6:0c:f9:3d:d0:f9:c9:a3:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Aug 31 08:28:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4dbd576936d6281a04371c293361cf9ead3f7573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bc:a3:1d:c7:f6:05:a1:c4:e3:8b:c2:98:a4:
96:e3:a1:40:9b:31:14:2b:af:12:7c:88:76:ca:2b:
da:a8:b5:ad:12:c8:04:69:7a:0a:49:c3:4a:e6:26:
07:28:71:6d:84:ca:4d:f2:f3:ef:bd:44:c7:3c:29:
ef:04:28:97:c7:54:3a:cf:1f:68:e1:62:83:fc:96:
56:cf:9c:d6:55:72:aa:11:22:49:14:ce:d3:8d:7f:
50:cf:f3:b2:e1:43:4d:b0:73:ab:2f:4c:77:c8:e7:
88:4e:2b:9f:f2:d7:d3:9f:ad:35:04:b5:de:24:0c:
d3:aa:fd:ad:78:8c:e0:33:5f:e9:c4:a5:24:d3:ed:
cb:e6:63:1d:b8:9f:ba:b3:cb:b2:7d:d2:27:21:d3:
0d:72:94:2d:27:10:c7:6c:16:50:41:27:2d:f3:ba:
a0:ee:54:88:f8:54:c1:00:c5:0e:39:23:10:69:a0:
af:34:a2:fb:b4:e4:35:f9:46:de:94:aa:44:61:55:
fa:56:66:56:b9:6c:df:07:d0:ed:ea:7c:6e:16:9c:
19:b7:4e:c7:52:dd:da:69:35:0f:2f:53:d4:30:25:
8b:fc:49:62:2a:ce:45:1e:96:bf:7d:30:31:49:a9:
93:98:d0:62:1e:3a:af:59:b4:43:a9:33:7a:36:2a:
af:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:BD:57:69:36:D6:28:1A:04:37:1C:29:33:61:CF:9E:AD:3F:75:73
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/Tb1XaTbWKBoENxwpM2HPnq0_dXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8fc6::/32
Signature Algorithm: sha256WithRSAEncryption
6e:cb:ed:22:c3:83:fc:74:91:e5:38:c2:3f:82:2e:9a:e0:64:
b1:da:e9:88:06:6e:d5:ad:0d:0a:49:45:f0:17:17:43:9b:26:
d2:d8:bd:ce:86:61:d4:c1:bf:b8:47:9b:84:e9:4b:52:46:0c:
2e:c1:13:9d:27:b0:a6:df:92:40:77:ed:25:0e:3e:f3:c7:60:
74:81:34:e3:08:91:df:bf:86:fb:0f:0f:14:cd:0c:b8:ea:04:
c0:99:36:e1:b7:42:b0:7b:74:9b:39:9e:ac:a7:3c:d2:2c:70:
aa:27:cb:64:96:24:4a:9f:99:3a:f0:25:6d:e9:79:c5:ba:c1:
5f:23:32:d0:42:1c:a0:cb:3d:7b:d3:0e:22:4b:c2:67:81:9e:
8f:90:d3:3d:5c:f5:15:88:29:ef:7a:0d:bf:a1:4f:7f:de:58:
cd:84:17:14:38:bd:7a:d1:cb:3d:fe:d1:d9:bc:74:40:04:3f:
6e:e2:38:7b:0c:79:66:06:79:c6:59:21:ce:c3:75:18:71:10:
73:ce:36:bc:85:62:b6:dd:ae:b2:2e:df:79:16:ef:00:09:30:
c5:46:11:7e:82:55:03:d0:e3:04:54:26:dd:ba:96:d0:ff:dc:
a6:3d:d9:97:fc:70:35:cd:ba:ad:81:c5:8a:26:79:81:10:bd:
ae:58:0c:e1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYLzBANVmutWpgz5PdD5yaNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjIwODMxMDgyODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGJkNTc2OTM2ZDYyODFhMDQzNzFjMjkzMzYxY2Y5ZWFkM2Y3NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLyjHcf2BaHE44vCmKSW46FAmzEU
K68SfIh2yivaqLWtEsgEaXoKScNK5iYHKHFthMpN8vPvvUTHPCnvBCiXx1Q6zx9o
4WKD/JZWz5zWVXKqESJJFM7TjX9Qz/Oy4UNNsHOrL0x3yOeITiuf8tfTn601BLXe
JAzTqv2teIzgM1/pxKUk0+3L5mMduJ+6s8uyfdInIdMNcpQtJxDHbBZQQSct87qg
7lSI+FTBAMUOOSMQaaCvNKL7tOQ1+UbelKpEYVX6VmZWuWzfB9Dt6nxuFpwZt07H
Ut3aaTUPL1PUMCWL/EliKs5FHpa/fTAxSamTmNBiHjqvWbRDqTN6NiqvJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE29V2k21igaBDccKTNhz56tP3VzMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvVGIxWGFUYldLQm9FTnh3cE0ySFBucTBfZFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKPxjAN
BgkqhkiG9w0BAQsFAAOCAQEAbsvtIsOD/HSR5TjCP4IumuBksdrpiAZu1a0NCklF
8BcXQ5sm0ti9zoZh1MG/uEebhOlLUkYMLsETnSewpt+SQHftJQ4+88dgdIE04wiR
37+G+w8PFM0MuOoEwJk24bdCsHt0mzmerKc80ixwqifLZJYkSp+ZOvAlbel5xbrB
XyMy0EIcoMs9e9MOIkvCZ4Gej5DTPVz1FYgp73oNv6FPf95YzYQXFDi9etHLPf7R
2bx0QAQ/buI4ewx5ZgZ5xlkhzsN1GHEQc842vIVitt2usi7feRbvAAkwxUYRfoJV
A9DjBFQm3bqW0P/cpj3Zl/xwNc26rYHFiiZ5gRC9rlgM4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:04 2024 by rpki-client on console-ams.rpki-client.org