Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/D8ynK1OlZj3GtBZBr6b8kzmO1hc.roa
File: D8ynK1OlZj3GtBZBr6b8kzmO1hc.roa (raw, json)
Hash identifier: 3zygHhDQYuc39zhQBgqZDMdML2dxojkFII9JbXOiF+w=
Subject key identifier: 0F:CC:A7:2B:53:A5:66:3D:C6:B4:16:41:AF:A6:FC:93:39:8E:D6:17
Certificate issuer: /CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Certificate serial: ACD953
Authority key identifier: BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/D8ynK1OlZj3GtBZBr6b8kzmO1hc.roa
Signing time: Fri 06 May 2022 17:32:29 +0000
ROA not before: Fri 06 May 2022 17:32:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57797
IP address blocks: 2a12:8ac0::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11327827 (0xacd953)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Validity
Not Before: May 6 17:32:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fcca72b53a5663dc6b41641afa6fc93398ed617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:44:12:f5:94:1a:e3:c4:b2:ee:f2:c7:c6:d7:
7d:c1:41:cc:02:44:91:8f:06:9d:27:4c:0d:f4:4d:
75:7c:71:20:a3:b0:5a:0c:c9:b5:d3:c9:cb:00:1f:
e8:d6:c6:7a:34:f9:3b:00:a9:95:66:89:13:19:f9:
da:97:4d:54:b7:67:ee:8b:67:8b:14:41:9b:13:65:
25:32:43:5f:9d:c0:e3:a4:cd:b8:49:93:c3:61:c4:
fb:e3:77:24:16:5f:5f:ed:3a:02:70:4c:c1:e6:df:
02:59:01:55:b2:88:2b:1a:45:36:8b:de:6e:3e:05:
63:26:9f:1e:20:c0:21:c4:69:bf:b1:5e:2e:02:00:
56:98:a5:5d:1d:d6:eb:cb:10:24:eb:1d:12:70:89:
a0:b6:37:07:5d:ec:c5:9b:b3:cb:a8:20:3a:71:26:
52:72:5f:f6:8d:01:71:d2:b9:12:b3:81:e5:aa:80:
0f:5d:1d:a4:1d:f4:f3:ff:b9:8a:ba:7a:c9:01:5e:
b0:ad:56:57:3f:0a:d0:7c:83:70:dc:25:ab:17:18:
d1:71:2c:04:df:46:b8:d8:c6:c3:72:68:33:38:72:
95:32:65:34:1c:56:4e:86:51:2a:27:90:76:a0:dc:
41:79:77:34:18:97:58:ec:5e:8d:64:5f:12:05:db:
aa:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:CC:A7:2B:53:A5:66:3D:C6:B4:16:41:AF:A6:FC:93:39:8E:D6:17
X509v3 Authority Key Identifier:
keyid:BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/D8ynK1OlZj3GtBZBr6b8kzmO1hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8ac0::/40
Signature Algorithm: sha256WithRSAEncryption
24:3a:a4:67:32:de:38:a5:cf:1e:74:cb:5f:31:60:94:f8:4b:
04:91:01:a4:c9:81:ef:07:a9:52:cd:c3:ea:50:a0:36:f2:8e:
79:b9:c5:f6:64:c3:b1:e9:01:50:1a:e3:7b:e5:3e:06:b9:8e:
13:f5:a1:a1:1a:28:3a:53:63:a3:cb:a0:6f:69:58:9c:47:e5:
29:e1:55:67:40:5d:f9:d4:0b:13:5c:c0:c6:73:5d:32:d2:85:
8a:9f:ff:48:46:f8:b8:b0:5d:02:46:4b:78:39:61:c6:2a:a3:
ae:b2:6a:65:23:75:1f:ac:6e:81:9c:e3:c8:6d:e5:30:bf:c2:
2f:7e:2c:43:be:35:a3:85:c4:ee:c2:86:3c:95:ea:00:ae:8f:
51:f5:52:68:a9:a5:7d:b4:91:f9:46:6b:a5:35:e6:56:84:e6:
6c:c1:e7:0a:af:2f:7a:d6:38:ad:5b:98:65:71:8a:0e:51:e1:
36:03:a5:db:52:d9:3c:8d:d6:26:9d:80:f7:d7:31:54:69:7a:
11:2f:4c:2b:18:d9:d9:7f:71:2f:4e:c1:55:21:ca:44:ae:4e:
8c:c0:21:6a:60:fa:f4:4d:c1:db:d9:c8:40:10:cc:c6:50:3c:
69:de:45:72:1d:d8:a0:37:80:3f:fc:e5:c4:af:6b:66:6c:5f:
33:5b:e1:d4
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAKzZUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTY3YmZmN2JhZDFlYjgzODRiNTg1ZGY3YmVmMTIwNmY3ZjE5ZjdlMB4XDTIyMDUw
NjE3MzIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZjY2E3MmI1M2E1
NjYzZGM2YjQxNjQxYWZhNmZjOTMzOThlZDYxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANNEEvWUGuPEsu7yx8bXfcFBzAJEkY8GnSdMDfRNdXxxIKOw
WgzJtdPJywAf6NbGejT5OwCplWaJExn52pdNVLdn7otnixRBmxNlJTJDX53A46TN
uEmTw2HE++N3JBZfX+06AnBMwebfAlkBVbKIKxpFNovebj4FYyafHiDAIcRpv7Fe
LgIAVpilXR3W68sQJOsdEnCJoLY3B13sxZuzy6ggOnEmUnJf9o0BcdK5ErOB5aqA
D10dpB308/+5irp6yQFesK1WVz8K0HyDcNwlqxcY0XEsBN9GuNjGw3JoMzhylTJl
NBxWToZRKieQdqDcQXl3NBiXWOxejWRfEgXbqusCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQPzKcrU6VmPca0FkGvpvyTOY7WFzAfBgNVHSMEGDAWgBS6Z7/3utHrg4S1
hd977xIG9/GffjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VtZV85N3JSNjRPRXRZWGZlLThTQnZmeG4zNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvNGEyNDRkLTUxZDEtNDE0My1iNmFmLWRhNDUzODAyMmFjNy8x
L0Q4eW5LMU9sWmozR3RCWkJyNmI4a3ptTzFoYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
NGEyNDRkLTUxZDEtNDE0My1iNmFmLWRhNDUzODAyMmFjNy8xL3VtZV85N3JSNjRP
RXRZWGZlLThTQnZmeG4zNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoSisAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAkOqRnMt44pc8edMtfMWCU+EsEkQGkyYHvB6lSzcPqUKA28o55ucX2ZMOx
6QFQGuN75T4GuY4T9aGhGig6U2Ojy6BvaVicR+Up4VVnQF351AsTXMDGc10y0oWK
n/9IRvi4sF0CRkt4OWHGKqOusmplI3UfrG6BnOPIbeUwv8IvfixDvjWjhcTuwoY8
leoAro9R9VJoqaV9tJH5RmulNeZWhOZswecKry961jitW5hlcYoOUeE2A6XbUtk8
jdYmnYD31zFUaXoRL0wrGNnZf3EvTsFVIcpErk6MwCFqYPr0TcHb2chAEMzGUDxp
3kVyHdigN4A//OXEr2tmbF8zW+HU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:01 2024 by rpki-client on console-fra.rpki-client.org