Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/hAgDKa7zrfsORLgbf-C9mwVMOH0.roa
File: hAgDKa7zrfsORLgbf-C9mwVMOH0.roa (raw, json)
Hash identifier: HXw2tGMK3FZW1uj1mgMLQ9yIae2Ob/2S/bcbgEurtZg=
Subject key identifier: 84:08:03:29:AE:F3:AD:FB:0E:44:B8:1B:7F:E0:BD:9B:05:4C:38:7D
Certificate issuer: /CN=3b80edd425050865eafba8089db9da3f3519b334
Certificate serial: 018485AAF62EB36EADEB3D6C8890A0B16B95
Authority key identifier: 3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/hAgDKa7zrfsORLgbf-C9mwVMOH0.roa
Signing time: Thu 17 Nov 2022 12:58:04 +0000
ROA not before: Thu 17 Nov 2022 12:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1759
IP address blocks: 2a12:b440:100::/48 maxlen: 64
2a12:b440:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:aa:f6:2e:b3:6e:ad:eb:3d:6c:88:90:a0:b1:6b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b80edd425050865eafba8089db9da3f3519b334
Validity
Not Before: Nov 17 12:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84080329aef3adfb0e44b81b7fe0bd9b054c387d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c3:91:17:c0:01:3a:c8:f9:6d:85:e8:d5:79:
5c:33:e0:47:0b:04:57:4c:98:4d:dd:44:fe:d3:b1:
85:7c:7e:7c:fe:bc:5f:f3:a0:8e:88:e0:76:28:a5:
9c:01:78:a4:ee:2a:fe:24:58:48:be:6e:da:29:4d:
bf:b5:c4:c4:cb:3a:a6:6e:81:01:bf:01:2f:8a:8e:
56:74:f0:0d:61:5f:da:8d:b2:9f:da:59:9e:6a:3e:
87:5f:18:22:0f:c9:dd:0e:2d:86:b1:24:22:de:70:
88:67:da:3a:3e:e7:de:c8:00:a5:d5:1e:e6:00:38:
15:ff:08:c6:0e:27:61:76:48:00:dc:b2:45:4f:c6:
24:23:55:3a:b3:85:b1:d5:ad:de:5e:94:95:db:1a:
cf:df:f6:70:49:7e:86:50:cc:b9:b7:9b:07:02:e1:
0b:3d:b4:c0:4f:1e:93:f2:9b:ff:61:2e:24:af:fc:
0f:8f:43:04:ca:1d:ee:eb:ae:5a:ca:2d:27:e0:fe:
dd:53:e6:30:05:cb:91:1b:8a:d4:ea:4c:c9:45:8e:
0b:0f:0e:82:93:ce:ff:3a:31:c2:22:db:73:67:8d:
76:22:d4:c5:46:c5:f4:14:35:0f:ee:a4:06:ab:77:
5b:35:60:59:e5:5e:4e:78:8a:8a:d4:ce:1a:95:6c:
09:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:08:03:29:AE:F3:AD:FB:0E:44:B8:1B:7F:E0:BD:9B:05:4C:38:7D
X509v3 Authority Key Identifier:
keyid:3B:80:ED:D4:25:05:08:65:EA:FB:A8:08:9D:B9:DA:3F:35:19:B3:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4Dt1CUFCGXq-6gInbnaPzUZszQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/hAgDKa7zrfsORLgbf-C9mwVMOH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7f13a9-7289-4e1e-bb43-c7161dc5c087/1/O4Dt1CUFCGXq-6gInbnaPzUZszQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:b440:1::/48
2a12:b440:100::/48
Signature Algorithm: sha256WithRSAEncryption
20:68:b9:e5:fc:93:d5:0f:be:d6:bb:fd:3f:ad:11:13:9f:3a:
a2:ae:f1:38:0d:9a:29:0a:cc:79:e4:36:38:3c:69:78:21:51:
7e:d8:b8:10:31:0d:ea:47:11:88:a0:de:04:90:73:0d:03:3f:
ed:2b:0e:06:99:4e:81:ac:a5:0a:9a:bd:b6:22:e5:e8:dc:60:
f2:f8:68:74:bf:35:74:a9:80:99:78:28:a6:60:41:b1:d6:68:
e3:a6:55:09:04:a4:39:ad:36:14:47:2d:c2:d5:cf:97:65:2a:
d9:02:60:64:a2:46:0a:2a:4a:3d:9e:10:53:28:3d:a4:2a:b2:
da:04:fc:d6:2c:c1:92:ff:fa:ea:ca:08:13:80:72:94:3a:72:
44:52:5a:4c:4a:88:e3:ec:7d:5c:ac:03:42:c9:2b:bd:48:c4:
61:7d:52:3a:a5:55:5f:f8:43:74:6a:c7:9a:76:9b:35:de:e5:
da:69:da:98:e5:8c:b7:f1:26:26:d5:36:5b:79:be:c0:f7:de:
b8:ba:11:ca:c3:ee:af:16:c1:b5:c6:5d:3b:fc:10:b2:0d:5c:
dc:d4:99:84:b4:2e:6c:c3:f1:d9:f1:97:20:06:fa:c9:63:94:
c2:01:4b:04:ce:47:23:66:d7:c1:a3:63:b2:1c:ba:20:68:0b:
6a:48:ea:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSFqvYus26t6z1siJCgsWuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODBlZGQ0MjUwNTA4NjVlYWZiYTgwODlkYjlkYTNmMzUx
OWIzMzQwHhcNMjIxMTE3MTI1ODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDA4MDMyOWFlZjNhZGZiMGU0NGI4MWI3ZmUwYmQ5YjA1NGMzODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8ORF8ABOsj5bYXo1XlcM+BHCwRX
TJhN3UT+07GFfH58/rxf86COiOB2KKWcAXik7ir+JFhIvm7aKU2/tcTEyzqmboEB
vwEvio5WdPANYV/ajbKf2lmeaj6HXxgiD8ndDi2GsSQi3nCIZ9o6PufeyACl1R7m
ADgV/wjGDidhdkgA3LJFT8YkI1U6s4Wx1a3eXpSV2xrP3/ZwSX6GUMy5t5sHAuEL
PbTATx6T8pv/YS4kr/wPj0MEyh3u665ayi0n4P7dU+YwBcuRG4rU6kzJRY4LDw6C
k87/OjHCIttzZ412ItTFRsX0FDUP7qQGq3dbNWBZ5V5OeIqK1M4alWwJPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIQIAymu8637DkS4G3/gvZsFTDh9MB8GA1UdIwQY
MBaAFDuA7dQlBQhl6vuoCJ252j81GbM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMt
YzcxNjFkYzVjMDg3LzEvaEFnREthN3pyZnNPUkxnYmYtQzltd1ZNT0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83ZjEzYTktNzI4OS00ZTFlLWJiNDMtYzcxNjFkYzVjMDg3
LzEvTzREdDFDVUZDR1hxLTZnSW5ibmFQelVac3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhK0QAAB
AwcAKhK0QAEAMA0GCSqGSIb3DQEBCwUAA4IBAQAgaLnl/JPVD77Wu/0/rRETnzqi
rvE4DZopCsx55DY4PGl4IVF+2LgQMQ3qRxGIoN4EkHMNAz/tKw4GmU6BrKUKmr22
IuXo3GDy+Gh0vzV0qYCZeCimYEGx1mjjplUJBKQ5rTYURy3C1c+XZSrZAmBkokYK
Kko9nhBTKD2kKrLaBPzWLMGS//rqyggTgHKUOnJEUlpMSojj7H1crANCySu9SMRh
fVI6pVVf+EN0aseadps13uXaadqY5Yy38SYm1TZbeb7A9964uhHKw+6vFsG1xl07
/BCyDVzc1JmEtC5sw/HZ8ZcgBvrJY5TCAUsEzkcjZtfBo2OyHLogaAtqSOp6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:41 2023 by rpki-client on console-fra.rpki-client.org