Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/1-3yG0Wf9tbQtAlMhu1sUWU-m1z0.roa
File: 1-3yG0Wf9tbQtAlMhu1sUWU-m1z0.roa (raw, json)
Hash identifier: h+QkQ8HkVQ5JYWEiWCnQIWgD8vhdOeBZDkkYXjSXfa4=
Subject key identifier: FB:7C:86:D1:67:FD:B5:B4:2D:02:53:21:BB:5B:14:59:4F:A6:D7:3D
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 042DF5
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/1-3yG0Wf9tbQtAlMhu1sUWU-m1z0.roa
Signing time: Wed 12 Jan 2022 10:30:35 +0000
ROA not before: Wed 12 Jan 2022 10:30:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211444
IP address blocks: 2a12:49c0::/30 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 273909 (0x42df5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Jan 12 10:30:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb7c86d167fdb5b42d025321bb5b14594fa6d73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:57:bf:f4:27:0c:c2:bd:70:5f:25:23:2f:e4:
b4:d2:b4:dc:fa:e1:08:68:31:d0:39:9d:0b:59:f8:
48:10:f0:fa:56:1f:7c:91:eb:2d:38:6d:72:a0:c1:
c3:e9:d4:e0:9a:91:ee:fc:85:9e:0f:b0:42:be:24:
a0:45:b3:cb:0e:a0:06:86:1b:36:42:6d:04:d6:5a:
8d:4c:5f:ad:06:bf:f2:2a:3a:fe:46:cb:74:6c:cc:
bf:40:af:3c:c2:44:40:f0:a0:70:50:8b:33:35:c5:
00:8e:cb:88:37:e6:c1:95:1c:c6:82:08:0d:ea:44:
d1:48:17:0b:33:59:77:e7:c2:c1:ab:c2:5a:dd:3e:
c9:0b:cf:0e:f6:0b:06:63:ac:87:71:da:c0:5e:fb:
bc:bb:77:97:68:21:b3:9b:47:e7:07:5b:12:99:a9:
08:95:9b:95:95:35:a6:f4:49:4d:4f:b7:1b:72:3c:
20:58:6f:96:49:a5:7b:21:62:3e:ab:f5:e7:09:e3:
69:1c:a8:bd:64:32:e9:05:12:31:3d:b7:0f:ed:34:
c8:4e:c8:ab:2d:0d:45:4f:d9:c4:42:81:18:47:7f:
55:f5:fd:97:64:c5:47:6e:8d:d1:66:23:79:2a:da:
cd:8c:49:2d:cb:cc:a3:bf:95:c7:c1:a1:2d:77:bf:
b7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:7C:86:D1:67:FD:B5:B4:2D:02:53:21:BB:5B:14:59:4F:A6:D7:3D
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/1-3yG0Wf9tbQtAlMhu1sUWU-m1z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:49c0::/30
Signature Algorithm: sha256WithRSAEncryption
c7:7d:41:17:83:1c:7a:25:88:06:29:6b:d3:9c:cb:9f:8d:53:
5d:49:54:3d:55:1b:95:cb:b1:ff:22:b8:b7:35:49:41:76:71:
99:c4:4f:9e:cc:fb:52:30:63:fa:9d:b3:34:5a:04:30:77:e3:
9e:41:eb:81:8b:8a:e8:71:4d:02:a3:ab:87:6f:47:a4:83:8b:
9e:71:ab:c6:bd:4d:48:9f:22:fa:86:7f:40:e7:f9:bb:29:73:
a5:35:fa:a2:29:85:3b:22:12:c2:9e:8c:01:b5:b0:e4:01:28:
4f:72:79:f6:fd:64:3c:be:6b:a7:f2:70:95:d6:3b:46:1f:31:
ae:46:47:34:a9:87:a3:ac:6c:8a:03:69:96:c2:79:46:a7:05:
a6:c5:42:80:1d:0c:d4:d5:4c:52:d6:4b:01:cf:9b:38:6b:fa:
4c:5c:6f:4d:57:5e:7e:2b:b1:e6:1f:bd:74:ad:bc:9e:1b:ca:
96:79:e8:01:8a:2c:0a:31:d4:ba:ab:ba:20:c2:9b:da:83:33:
69:29:0c:d9:c7:53:c1:0d:6b:01:ce:0c:b9:1e:82:ed:1d:7d:
e1:73:cf:3b:49:01:da:7d:c8:f6:9b:13:51:f1:51:2f:cc:97:
93:ab:65:29:5b:dd:fd:73:31:f4:5e:db:83:00:82:3a:cc:f7:
23:74:34:c3
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIDBC31MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI1
OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYzNDY5YzkwHhcNMjIwMTEy
MTAzMDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmYjdjODZkMTY3ZmRi
NWI0MmQwMjUzMjFiYjViMTQ1OTRmYTZkNzNkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1Ve/9CcMwr1wXyUjL+S00rTc+uEIaDHQOZ0LWfhIEPD6Vh98
kestOG1yoMHD6dTgmpHu/IWeD7BCviSgRbPLDqAGhhs2Qm0E1lqNTF+tBr/yKjr+
Rst0bMy/QK88wkRA8KBwUIszNcUAjsuIN+bBlRzGgggN6kTRSBcLM1l358LBq8Ja
3T7JC88O9gsGY6yHcdrAXvu8u3eXaCGzm0fnB1sSmakIlZuVlTWm9ElNT7cbcjwg
WG+WSaV7IWI+q/XnCeNpHKi9ZDLpBRIxPbcP7TTITsirLQ1FT9nEQoEYR39V9f2X
ZMVHbo3RZiN5KtrNjEkty8yjv5XHwaEtd7+3+wIDAQABo4ICCzCCAgcwHQYDVR0O
BBYEFPt8htFn/bW0LQJTIbtbFFlPptc9MB8GA1UdIwQYMBaAFCWUkMXbz79ZDaM7
+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCBjgYIKwYBBQUHAQsEgYEw
fzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5LzEv
MS0zeUcwV2Y5dGJRdEFsTWh1MXNVV1UtbTF6MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ZWRhZDJkLTk1Y2MtNDlkMC04NmY0LTNjZTNjZjhiMWM0OS8xL0paU1F4ZHZQdjFr
Tm96djcwM2x3b0hZMGFjay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAioSScAwDQYJKoZIhvcNAQELBQAD
ggEBAMd9QReDHHoliAYpa9Ocy5+NU11JVD1VG5XLsf8iuLc1SUF2cZnET57M+1Iw
Y/qdszRaBDB3455B64GLiuhxTQKjq4dvR6SDi55xq8a9TUifIvqGf0Dn+bspc6U1
+qIphTsiEsKejAG1sOQBKE9yefb9ZDy+a6fycJXWO0YfMa5GRzSph6OsbIoDaZbC
eUanBabFQoAdDNTVTFLWSwHPmzhr+kxcb01XXn4rseYfvXStvJ4bypZ56AGKLAox
1LqruiDCm9qDM2kpDNnHU8ENawHODLkegu0dfeFzzztJAdp9yPabE1HxUS/Ml5Or
ZSlb3f1zMfRe24MAgjrM9yN0NMM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:26 2024 by rpki-client on console-ams.rpki-client.org