Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/GmJCamfp9GHQmfVtqmRNDx96nNM.roa
File: GmJCamfp9GHQmfVtqmRNDx96nNM.roa (raw, json)
Hash identifier: WRSlQZ29Vm7C1tmdsGIqIeuriR/IAEPvJ+V9Xbe6ckY=
Subject key identifier: 1A:62:42:6A:67:E9:F4:61:D0:99:F5:6D:AA:64:4D:0F:1F:7A:9C:D3
Certificate issuer: /CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Certificate serial: 39B4E0
Authority key identifier: 74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/GmJCamfp9GHQmfVtqmRNDx96nNM.roa
Signing time: Wed 19 Jan 2022 22:26:41 +0000
ROA not before: Wed 19 Jan 2022 22:26:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211398
IP address blocks: 2a12:4940::/32 maxlen: 48
2a12:4942::/31 maxlen: 48
2a12:4946:6960::/44 maxlen: 48
2a12:4946:1700::/48 maxlen: 48
2a12:4946:1800::/48 maxlen: 48
2a12:4946:1900::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3781856 (0x39b4e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Validity
Not Before: Jan 19 22:26:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a62426a67e9f461d099f56daa644d0f1f7a9cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:55:2a:41:09:f8:ed:e6:0b:ec:f4:e0:39:10:
c7:14:29:07:eb:8c:2f:3f:22:22:ee:62:c6:bf:9b:
92:a1:b1:58:5c:bf:d4:d6:7d:b7:27:0c:83:4c:aa:
aa:ff:61:c8:0b:48:e1:2f:f2:32:22:e7:f7:d9:a6:
36:a8:eb:99:41:19:b2:e8:4a:0a:94:2d:39:75:9b:
b3:7a:d4:6f:40:e4:45:4d:74:58:59:4f:29:61:52:
74:a4:29:c6:09:e1:b0:98:8a:67:4c:63:c4:02:d0:
15:e8:a3:70:a9:7e:fe:7a:e4:26:14:a1:3e:7c:c0:
60:18:c6:64:c6:14:85:5d:33:f8:73:f4:97:f0:eb:
eb:b7:e6:6e:fa:2f:c3:ec:52:ea:5e:f5:b5:07:d7:
04:07:e4:c8:47:29:de:9d:65:00:5b:40:18:68:56:
28:ed:26:ca:98:d1:74:ec:72:d8:5c:3a:31:d4:76:
61:31:0f:09:b9:1d:e5:c3:3f:3c:9e:4c:08:ec:76:
d0:a3:e9:58:30:64:4f:40:4b:02:f7:b6:e3:0d:05:
c0:ac:99:57:6f:55:f6:3b:99:4c:66:fa:f9:44:07:
9e:fd:57:10:a8:50:1e:12:a4:22:9f:3e:73:18:76:
9a:af:22:9c:2d:c4:30:a1:fa:ee:7e:44:6e:5f:d6:
6d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:62:42:6A:67:E9:F4:61:D0:99:F5:6D:AA:64:4D:0F:1F:7A:9C:D3
X509v3 Authority Key Identifier:
keyid:74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/GmJCamfp9GHQmfVtqmRNDx96nNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:4940::/32
2a12:4942::/31
2a12:4946:1700::/48
2a12:4946:1800::/48
2a12:4946:1900::/48
2a12:4946:6960::/44
Signature Algorithm: sha256WithRSAEncryption
c3:5e:be:4b:be:70:86:f8:d0:46:bf:61:7d:73:59:f8:e8:76:
ee:02:d9:11:b4:79:f2:d4:8e:84:a5:aa:59:f6:47:09:ef:60:
f1:dd:04:c7:f1:42:72:f0:5e:4e:5c:19:8e:e6:1b:0f:b1:09:
cb:47:74:03:d4:7c:95:bc:90:35:68:1e:fd:36:fd:fb:8e:f1:
9c:d4:2d:41:67:a0:7f:82:a9:b5:a9:52:06:92:0a:aa:02:d8:
8b:84:dd:d1:26:ee:1a:d6:d5:33:be:d7:99:85:e0:67:d1:1b:
2a:df:d1:15:18:b8:54:f2:35:f6:7f:d4:57:0a:07:11:7e:27:
0f:3f:c9:d9:49:20:79:4e:8a:2e:6d:79:e7:0b:ea:8e:4c:ce:
d7:83:64:46:1f:b1:01:4f:0a:86:1c:95:bc:4d:6c:49:85:56:
32:12:c6:59:66:b1:0d:e1:fb:36:c1:02:42:b3:87:ed:fe:e2:
bc:2e:65:4b:2c:fe:05:29:55:8a:c7:33:88:17:77:0d:86:8d:
37:ac:33:0f:5b:d0:ec:da:7f:f7:8c:3b:53:e2:fa:d4:a2:4e:
30:ed:c5:5d:2f:1d:e4:f8:14:ae:db:f9:dc:76:29:30:9e:e3:
3b:2b:e7:d0:8d:23:bb:2e:da:09:b9:6c:25:51:60:7c:c5:09:
e3:bc:9a:9a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIDObTgMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc0
NjM5NWMxMjY3MmFkOTU4OTIxYjYyYjlkYzliMmJjZDhhNjhhOWYwHhcNMjIwMTE5
MjIyNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxYTYyNDI2YTY3ZTlm
NDYxZDA5OWY1NmRhYTY0NGQwZjFmN2E5Y2QzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq1UqQQn47eYL7PTgORDHFCkH64wvPyIi7mLGv5uSobFYXL/U
1n23JwyDTKqq/2HIC0jhL/IyIuf32aY2qOuZQRmy6EoKlC05dZuzetRvQORFTXRY
WU8pYVJ0pCnGCeGwmIpnTGPEAtAV6KNwqX7+euQmFKE+fMBgGMZkxhSFXTP4c/SX
8Ovrt+Zu+i/D7FLqXvW1B9cEB+TIRynenWUAW0AYaFYo7SbKmNF07HLYXDox1HZh
MQ8JuR3lwz88nkwI7HbQo+lYMGRPQEsC97bjDQXArJlXb1X2O5lMZvr5RAee/VcQ
qFAeEqQinz5zGHaaryKcLcQwofrufkRuX9ZtrwIDAQABo4ICNTCCAjEwHQYDVR0O
BBYEFBpiQmpn6fRh0Jn1bapkTQ8fepzTMB8GA1UdIwQYMBaAFHRjlcEmcq2ViSG2
K53JsrzYpoqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMtZmI3NzRhYmRmYWMyLzEv
R21KQ2FtZnA5R0hRbWZWdHFtUk5EeDk2bk5NLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85
ZTIzNTEtOGRkMC00YjcwLWE1ZmMtZmI3NzRhYmRmYWMyLzEvZEdPVndTWnlyWldK
SWJZcm5jbXl2TmltaXA4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEsG
CCsGAQUFBwEHAQH/BDwwOjA4BAIAAjAyAwUAKhJJQAMFASoSSUIDBwAqEklGFwAD
BwAqEklGGAADBwAqEklGGQADBwQqEklGaWAwDQYJKoZIhvcNAQELBQADggEBAMNe
vku+cIb40Ea/YX1zWfjodu4C2RG0efLUjoSlqln2RwnvYPHdBMfxQnLwXk5cGY7m
Gw+xCctHdAPUfJW8kDVoHv02/fuO8ZzULUFnoH+CqbWpUgaSCqoC2IuE3dEm7hrW
1TO+15mF4GfRGyrf0RUYuFTyNfZ/1FcKBxF+Jw8/ydlJIHlOii5teecL6o5MzteD
ZEYfsQFPCoYclbxNbEmFVjISxllmsQ3h+zbBAkKzh+3+4rwuZUss/gUpVYrHM4gX
dw2GjTesMw9b0Ozaf/eMO1Pi+tSiTjDtxV0vHeT4FK7b+dx2KTCe4zsr59CNI7su
2gm5bCVRYHzFCeO8mpo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:43 2023 by rpki-client on console-ams.rpki-client.org