Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/7f55fd-df97-4564-9a4a-f5138d5d753f/1/b5Kg3vQa7dXvop43jQ-a0bDKhD0.roa
File: b5Kg3vQa7dXvop43jQ-a0bDKhD0.roa (raw, json)
Hash identifier: mKd2/nZg9A8Jb/3mNgW2XZ0XfGe+/i/3dzh8efg0UU8=
Subject key identifier: 6F:92:A0:DE:F4:1A:ED:D5:EF:A2:9E:37:8D:0F:9A:D1:B0:CA:84:3D
Certificate issuer: /CN=74fc64a06ee6ae25c2d23d6255ed2542bf51d8ae
Certificate serial: 0184C4338299225E3125ACE271B2FFBFFA85
Authority key identifier: 74:FC:64:A0:6E:E6:AE:25:C2:D2:3D:62:55:ED:25:42:BF:51:D8:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dPxkoG7mriXC0j1iVe0lQr9R2K4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/7f55fd-df97-4564-9a4a-f5138d5d753f/1/b5Kg3vQa7dXvop43jQ-a0bDKhD0.roa
Signing time: Tue 29 Nov 2022 16:23:40 +0000
ROA not before: Tue 29 Nov 2022 16:23:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 2a12:1280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c4:33:82:99:22:5e:31:25:ac:e2:71:b2:ff:bf:fa:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74fc64a06ee6ae25c2d23d6255ed2542bf51d8ae
Validity
Not Before: Nov 29 16:23:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f92a0def41aedd5efa29e378d0f9ad1b0ca843d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e9:d6:4a:65:36:4b:89:21:82:84:ec:71:17:
63:25:dd:61:81:da:90:ff:43:a2:46:36:df:de:50:
05:5e:23:e2:e8:00:24:db:81:1f:79:48:21:72:f4:
31:88:f9:a8:25:03:87:8b:d0:57:4a:08:6c:33:dd:
94:26:7b:f7:97:a4:90:67:02:36:8e:2c:d2:60:09:
23:6d:58:30:74:21:a5:ca:a9:60:c1:d2:a1:f1:24:
4d:bb:1a:30:ff:27:6c:c5:a3:7e:53:86:dd:52:d1:
e2:f6:b1:ec:a9:98:e0:ed:bd:bd:53:39:fc:c2:63:
c9:74:6d:fe:bd:9e:4f:16:68:cc:67:84:2e:76:ed:
c6:cf:41:9d:02:bd:02:6b:df:76:db:51:a9:98:42:
4f:cc:78:bc:e3:a1:25:ee:69:d4:29:66:d7:44:6c:
06:1b:f7:38:fc:df:3e:ea:67:63:17:08:b0:f1:47:
56:23:82:d4:a3:55:cb:39:7e:57:04:eb:20:a9:4c:
7b:a7:04:26:8d:ff:de:a0:c9:f5:eb:51:63:cd:b4:
d3:78:4e:de:ac:d9:b2:aa:15:41:ef:f7:bf:a3:c7:
5c:d1:58:28:43:5d:42:38:ce:ae:ae:cb:3a:ee:25:
38:68:0d:93:57:ec:8d:e1:31:5e:55:c0:9d:4e:13:
eb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:92:A0:DE:F4:1A:ED:D5:EF:A2:9E:37:8D:0F:9A:D1:B0:CA:84:3D
X509v3 Authority Key Identifier:
keyid:74:FC:64:A0:6E:E6:AE:25:C2:D2:3D:62:55:ED:25:42:BF:51:D8:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPxkoG7mriXC0j1iVe0lQr9R2K4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/7f55fd-df97-4564-9a4a-f5138d5d753f/1/b5Kg3vQa7dXvop43jQ-a0bDKhD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/7f55fd-df97-4564-9a4a-f5138d5d753f/1/dPxkoG7mriXC0j1iVe0lQr9R2K4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:1280::/29
Signature Algorithm: sha256WithRSAEncryption
8c:2b:14:e3:83:8e:29:a0:4b:99:0a:ea:4e:e9:de:64:42:7f:
aa:64:79:5a:0b:48:e7:40:8c:fe:44:10:0b:a0:e7:29:24:cb:
48:13:bc:70:91:2a:0c:ce:6a:c0:70:36:93:61:4a:32:cc:2a:
d4:2c:44:d4:2b:a2:bd:03:d2:88:1e:9b:4f:5e:4c:a6:77:07:
43:88:40:96:ed:26:30:c1:b1:a1:84:6a:2d:dc:e8:68:93:b0:
6d:c5:9c:3e:5f:e2:7c:42:fd:f9:d8:3b:fc:d4:b7:db:22:ca:
92:44:07:52:cf:9f:f3:43:c9:da:8a:05:7c:ef:17:f2:30:dc:
f5:a9:e6:de:d5:98:e8:d8:b6:2c:b3:ed:25:2d:8c:39:6d:a5:
ce:81:9d:d2:d9:a0:0f:f7:ce:62:7d:32:6b:cd:6d:35:a7:56:
b9:22:69:c4:0c:09:be:e6:78:67:96:f8:9d:bf:fe:60:65:38:
a3:0c:b5:a5:0c:aa:82:4f:84:bf:c0:3b:e9:24:12:59:75:c0:
5f:5b:80:d9:21:2b:49:50:45:ae:5d:99:6e:52:e7:dc:10:ad:
e6:68:e1:52:d8:2f:44:41:29:50:b4:72:ef:a3:af:5f:89:2b:
e8:10:64:a9:07:65:e6:5d:ae:63:54:c6:a0:42:c1:8c:86:a7:
c7:6c:5d:42
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTEM4KZIl4xJazicbL/v/qFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZmM2NGEwNmVlNmFlMjVjMmQyM2Q2MjU1ZWQyNTQyYmY1
MWQ4YWUwHhcNMjIxMTI5MTYyMzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjkyYTBkZWY0MWFlZGQ1ZWZhMjllMzc4ZDBmOWFkMWIwY2E4NDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOnWSmU2S4khgoTscRdjJd1hgdqQ
/0OiRjbf3lAFXiPi6AAk24EfeUghcvQxiPmoJQOHi9BXSghsM92UJnv3l6SQZwI2
jizSYAkjbVgwdCGlyqlgwdKh8SRNuxow/ydsxaN+U4bdUtHi9rHsqZjg7b29Uzn8
wmPJdG3+vZ5PFmjMZ4Qudu3Gz0GdAr0Ca99221GpmEJPzHi846El7mnUKWbXRGwG
G/c4/N8+6mdjFwiw8UdWI4LUo1XLOX5XBOsgqUx7pwQmjf/eoMn161FjzbTTeE7e
rNmyqhVB7/e/o8dc0VgoQ11COM6urss67iU4aA2TV+yN4TFeVcCdThPrXQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG+SoN70Gu3V76KeN40PmtGwyoQ9MB8GA1UdIwQY
MBaAFHT8ZKBu5q4lwtI9YlXtJUK/UdiuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFB4a29HN21yaVhDMGoxaVZlMGxRcjlSMks0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC83ZjU1ZmQtZGY5Ny00NTY0LTlhNGEt
ZjUxMzhkNWQ3NTNmLzEvYjVLZzN2UWE3ZFh2b3A0M2pRLWEwYkRLaEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC83ZjU1ZmQtZGY5Ny00NTY0LTlhNGEtZjUxMzhkNWQ3NTNm
LzEvZFB4a29HN21yaVhDMGoxaVZlMGxRcjlSMks0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhISgDAN
BgkqhkiG9w0BAQsFAAOCAQEAjCsU44OOKaBLmQrqTuneZEJ/qmR5WgtI50CM/kQQ
C6DnKSTLSBO8cJEqDM5qwHA2k2FKMswq1CxE1CuivQPSiB6bT15MpncHQ4hAlu0m
MMGxoYRqLdzoaJOwbcWcPl/ifEL9+dg7/NS32yLKkkQHUs+f80PJ2ooFfO8X8jDc
9anm3tWY6Ni2LLPtJS2MOW2lzoGd0tmgD/fOYn0ya81tNadWuSJpxAwJvuZ4Z5b4
nb/+YGU4owy1pQyqgk+Ev8A76SQSWXXAX1uA2SErSVBFrl2ZblLn3BCt5mjhUtgv
REEpULRy76OvX4kr6BBkqQdl5l2uY1TGoELBjIanx2xdQg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:51 2023 by rpki-client on console-ams.rpki-client.org