Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/hUlsZwnB3Hnl8ESJv4hpiiBsiPQ.roa
File: hUlsZwnB3Hnl8ESJv4hpiiBsiPQ.roa (raw, json)
Hash identifier: DJdyOJ8IBqVJV1NXAX+a+Q5XRLubwfXFpbmdBa/ufjk=
Subject key identifier: 85:49:6C:67:09:C1:DC:79:E5:F0:44:89:BF:88:69:8A:20:6C:88:F4
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 01827C4C2D56AB108EE26763B1C53312C0BA
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/hUlsZwnB3Hnl8ESJv4hpiiBsiPQ.roa
Signing time: Mon 08 Aug 2022 07:12:23 +0000
ROA not before: Mon 08 Aug 2022 07:12:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34465
IP address blocks: 2a12:8fc6::/32 maxlen: 32
2a12:8fc6:ce00::/48 maxlen: 48
2a12:8fc6:cd00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7c:4c:2d:56:ab:10:8e:e2:67:63:b1:c5:33:12:c0:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Aug 8 07:12:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85496c6709c1dc79e5f04489bf88698a206c88f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c4:fa:68:b5:e9:69:29:03:27:8e:d2:ae:d2:
70:f6:5d:88:b2:2a:23:d0:a7:8b:15:13:e3:f9:4d:
63:30:e8:52:96:4f:c2:a3:86:be:4a:d7:7d:76:b6:
c0:65:5e:67:11:99:18:8a:b1:dc:71:83:98:50:e1:
60:84:d5:9c:bb:ee:3d:37:e4:8b:3f:00:20:f6:df:
2f:a1:a1:0d:54:ff:1e:df:2c:79:07:41:48:12:85:
05:0a:ec:5c:b7:81:89:13:9c:43:c2:71:90:d5:e9:
98:c7:3e:2e:d0:60:2b:c5:4b:06:08:47:81:63:57:
06:56:49:81:fd:0e:de:29:70:f0:62:a1:42:8d:07:
4c:74:15:e7:3a:76:21:4d:30:b2:2a:9d:0d:14:d6:
c4:3a:c3:fa:c9:43:e8:0f:c6:b7:c3:8c:66:19:cc:
ef:25:2d:3f:3c:58:be:0a:8e:e9:67:b0:21:83:a0:
03:19:98:ca:42:6b:6f:fb:e3:0b:49:af:33:fd:67:
9d:bc:a7:7f:b4:b1:04:f5:89:f2:87:d4:09:fd:a2:
d3:e7:5c:3a:c1:32:6f:93:54:df:81:80:4d:d7:0b:
db:fc:e6:55:e9:ed:4c:d7:6b:a7:21:48:4f:93:cb:
52:24:9b:b5:c9:7d:f8:d8:f1:e7:29:cd:e2:e3:2d:
e5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:49:6C:67:09:C1:DC:79:E5:F0:44:89:BF:88:69:8A:20:6C:88:F4
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/hUlsZwnB3Hnl8ESJv4hpiiBsiPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8fc6::/32
Signature Algorithm: sha256WithRSAEncryption
0d:58:5d:17:61:55:3a:80:38:bd:2c:89:19:2d:f5:23:fc:75:
06:7c:50:e1:b8:aa:d9:19:6c:7e:2c:f8:a4:5c:93:70:73:09:
5a:3f:d4:29:ee:77:fe:58:17:f0:90:83:b4:8f:a7:56:58:cc:
22:cb:7d:20:92:d8:10:22:db:56:e5:7f:7d:0b:dd:63:62:8f:
12:37:13:53:ce:df:2d:07:8d:c8:a5:26:c0:0b:df:7d:61:34:
5a:97:34:1a:9f:e3:ef:a6:de:a1:f3:0a:68:65:e5:5d:6b:08:
95:f8:5a:f8:93:56:f7:4b:98:50:7c:bd:65:91:77:b4:9a:2c:
fb:4b:90:a2:cf:c8:9e:50:ce:ee:85:c9:36:e9:7e:7e:81:cb:
30:37:af:66:c2:40:5d:f0:d1:38:99:15:35:a8:70:3e:4c:46:
06:10:31:53:3e:bf:f4:7e:6f:bb:bd:97:54:cd:5a:58:ec:a6:
09:94:bf:b1:57:9a:bb:ef:d7:ea:a4:41:bb:dc:f5:b9:f4:ce:
06:a8:2c:1f:57:90:09:82:e5:11:ab:e9:2d:ba:4f:23:65:b8:
f8:cc:ed:dc:55:34:fe:6c:27:9a:18:ba:d6:a0:39:fb:42:71:
59:b3:92:a4:13:1f:eb:79:1a:c4:02:b1:5d:5e:81:8d:64:e1:
b7:09:9e:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYJ8TC1WqxCO4mdjscUzEsC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjIwODA4MDcxMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQ5NmM2NzA5YzFkYzc5ZTVmMDQ0ODliZjg4Njk4YTIwNmM4OGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcT6aLXpaSkDJ47SrtJw9l2Isioj
0KeLFRPj+U1jMOhSlk/Co4a+Std9drbAZV5nEZkYirHccYOYUOFghNWcu+49N+SL
PwAg9t8voaENVP8e3yx5B0FIEoUFCuxct4GJE5xDwnGQ1emYxz4u0GArxUsGCEeB
Y1cGVkmB/Q7eKXDwYqFCjQdMdBXnOnYhTTCyKp0NFNbEOsP6yUPoD8a3w4xmGczv
JS0/PFi+Co7pZ7Ahg6ADGZjKQmtv++MLSa8z/WedvKd/tLEE9Ynyh9QJ/aLT51w6
wTJvk1TfgYBN1wvb/OZV6e1M12unIUhPk8tSJJu1yX342PHnKc3i4y3lfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIVJbGcJwdx55fBEib+IaYogbIj0MB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvaFVsc1p3bkIzSG5sOEVTSnY0aHBpaUJzaVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKPxjAN
BgkqhkiG9w0BAQsFAAOCAQEADVhdF2FVOoA4vSyJGS31I/x1BnxQ4biq2Rlsfiz4
pFyTcHMJWj/UKe53/lgX8JCDtI+nVljMIst9IJLYECLbVuV/fQvdY2KPEjcTU87f
LQeNyKUmwAvffWE0Wpc0Gp/j76beofMKaGXlXWsIlfha+JNW90uYUHy9ZZF3tJos
+0uQos/InlDO7oXJNul+foHLMDevZsJAXfDROJkVNahwPkxGBhAxUz6/9H5vu72X
VM1aWOymCZS/sVeau+/X6qRBu9z1ufTOBqgsH1eQCYLlEavpLbpPI2W4+Mzt3FU0
/mwnmhi61qA5+0JxWbOSpBMf63kaxAKxXV6BjWThtwmeNg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:20 2023 by rpki-client on console-ams.rpki-client.org