Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/YfSfCsb-RN8EZzlg5x6fRLnHV_4.roa
File: YfSfCsb-RN8EZzlg5x6fRLnHV_4.roa (raw, json)
Hash identifier: 2SNCJgyeJfd0lKxmpjMSmWXWfYTbPrMoVslytH+VXWc=
Subject key identifier: 61:F4:9F:0A:C6:FE:44:DF:04:67:39:60:E7:1E:9F:44:B9:C7:57:FE
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 0182AB5B83C915F2E7075C68C21FD04D84FF
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/YfSfCsb-RN8EZzlg5x6fRLnHV_4.roa
Signing time: Wed 17 Aug 2022 10:31:17 +0000
ROA not before: Wed 17 Aug 2022 10:31:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57097
IP address blocks: 2a12:8fc6:300::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ab:5b:83:c9:15:f2:e7:07:5c:68:c2:1f:d0:4d:84:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Aug 17 10:31:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61f49f0ac6fe44df04673960e71e9f44b9c757fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a0:35:34:4b:8f:0c:e5:d5:8b:2b:f5:bf:53:
cd:0c:84:9c:24:0f:0d:63:33:8d:1d:d7:db:b6:5d:
6d:fa:1d:93:9a:f0:10:7a:9b:fc:8f:7d:a6:d7:3a:
b9:71:d6:d1:c5:48:5a:27:98:29:d9:91:41:3a:9f:
61:5e:89:6d:20:7f:9f:f4:e5:9c:d6:dc:26:1f:4e:
b8:7e:c8:97:93:34:8d:e3:4c:76:ba:1f:02:5e:c5:
73:df:ee:86:14:26:72:82:82:d6:be:1c:26:aa:60:
c9:29:00:85:03:89:87:3b:46:67:84:fa:e2:da:a2:
c8:f6:cf:b4:5f:8a:2f:25:21:60:cc:d4:c3:f1:f7:
dd:a9:c2:77:ae:d3:d9:c8:c3:36:90:e3:88:d5:89:
97:3e:41:4c:87:ba:30:3f:cd:87:5d:ba:cc:33:ae:
dd:3d:42:2f:b6:28:87:0d:a6:8c:20:50:1d:f6:bc:
cb:6b:ec:9e:23:62:27:3a:04:66:77:eb:0a:4a:97:
a9:19:79:e2:f3:a9:95:20:77:47:6b:8a:52:4e:ce:
a2:01:27:e3:af:11:b3:15:13:ea:53:f9:fb:29:1b:
e4:ca:21:64:bc:83:d8:c9:19:5b:31:5a:1b:59:15:
fb:70:fa:7f:26:c0:57:dc:c8:50:db:fc:b3:62:70:
50:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F4:9F:0A:C6:FE:44:DF:04:67:39:60:E7:1E:9F:44:B9:C7:57:FE
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/YfSfCsb-RN8EZzlg5x6fRLnHV_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8fc6:300::/40
Signature Algorithm: sha256WithRSAEncryption
73:96:69:c9:6e:34:2c:68:e9:3b:84:a9:0e:84:b3:ba:d1:66:
8e:95:83:4a:0c:9f:1c:9c:c5:40:b8:54:e0:8e:c8:a9:f0:c4:
3f:0a:73:00:a6:20:6b:a7:94:79:05:0b:96:c6:1a:ba:c6:c8:
b2:2c:13:2e:7f:cf:91:23:2a:25:c9:86:1e:f7:b6:03:46:9a:
51:49:73:1b:37:a5:57:69:5e:f7:32:b9:65:ab:7e:b6:c1:59:
9a:a5:1b:4c:6d:d4:e0:5c:00:8f:58:59:4c:8b:08:0f:a5:3e:
f1:5f:7d:52:23:fa:7f:56:ee:bd:e9:dd:65:49:1b:91:8d:0e:
45:a0:39:fd:56:88:88:d4:c3:59:b1:68:15:07:59:52:b8:9d:
39:61:81:27:56:ee:77:5a:85:0f:7d:5d:60:b2:d9:a2:ab:8d:
42:ac:18:f6:d7:40:20:a0:9c:9c:f8:83:58:77:8d:ed:cc:17:
37:bf:22:fb:e5:58:9a:4a:e3:90:cd:66:7e:14:9b:07:d5:8c:
d9:b7:87:9f:cd:2c:4d:0a:a2:a9:6c:9f:75:7c:97:e0:44:76:
f9:6f:d5:71:b9:df:4b:ed:2c:80:d5:e1:81:c5:d7:7a:ac:66:
02:8b:34:a4:4d:b2:0e:d0:4f:30:0a:84:17:bf:9b:65:b6:04:
3b:83:3c:8b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYKrW4PJFfLnB1xowh/QTYT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjIwODE3MTAzMTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY0OWYwYWM2ZmU0NGRmMDQ2NzM5NjBlNzFlOWY0NGI5Yzc1N2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaA1NEuPDOXViyv1v1PNDIScJA8N
YzONHdfbtl1t+h2TmvAQepv8j32m1zq5cdbRxUhaJ5gp2ZFBOp9hXoltIH+f9OWc
1twmH064fsiXkzSN40x2uh8CXsVz3+6GFCZygoLWvhwmqmDJKQCFA4mHO0ZnhPri
2qLI9s+0X4ovJSFgzNTD8ffdqcJ3rtPZyMM2kOOI1YmXPkFMh7owP82HXbrMM67d
PUIvtiiHDaaMIFAd9rzLa+yeI2InOgRmd+sKSpepGXni86mVIHdHa4pSTs6iASfj
rxGzFRPqU/n7KRvkyiFkvIPYyRlbMVobWRX7cPp/JsBX3MhQ2/yzYnBQIQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGH0nwrG/kTfBGc5YOcen0S5x1f+MB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvWWZTZkNzYi1STjhFWnpsZzV4NmZSTG5IVl80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhKPxgMw
DQYJKoZIhvcNAQELBQADggEBAHOWacluNCxo6TuEqQ6Es7rRZo6Vg0oMnxycxUC4
VOCOyKnwxD8KcwCmIGunlHkFC5bGGrrGyLIsEy5/z5EjKiXJhh73tgNGmlFJcxs3
pVdpXvcyuWWrfrbBWZqlG0xt1OBcAI9YWUyLCA+lPvFffVIj+n9W7r3p3WVJG5GN
DkWgOf1WiIjUw1mxaBUHWVK4nTlhgSdW7ndahQ99XWCy2aKrjUKsGPbXQCCgnJz4
g1h3je3MFze/IvvlWJpK45DNZn4UmwfVjNm3h5/NLE0Koqlsn3V8l+BEdvlv1XG5
30vtLIDV4YHF13qsZgKLNKRNsg7QTzAKhBe/m2W2BDuDPIs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org