Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/h7Rv2Toeu7hjTXif6vlnQT32Bzk.roa
File: h7Rv2Toeu7hjTXif6vlnQT32Bzk.roa (raw, json)
Hash identifier: 0zR34wNl6vPVOIjNV8yPiF5CzAk19yFbXhnU5FfH3Y0=
Subject key identifier: 87:B4:6F:D9:3A:1E:BB:B8:63:4D:78:9F:EA:F9:67:41:3D:F6:07:39
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 0184970F7C1A931D39FD81AF1FF86FAAEA35
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/h7Rv2Toeu7hjTXif6vlnQT32Bzk.roa
Signing time: Sun 20 Nov 2022 22:01:25 +0000
ROA not before: Sun 20 Nov 2022 22:01:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35543
IP address blocks: 2a12:a4c1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:97:0f:7c:1a:93:1d:39:fd:81:af:1f:f8:6f:aa:ea:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Nov 20 22:01:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87b46fd93a1ebbb8634d789feaf967413df60739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fb:81:85:6d:18:a9:33:7c:80:b5:f0:be:06:
f8:6d:16:5a:a3:9b:e1:c2:9b:9c:8e:79:0e:c0:c2:
84:48:0c:77:62:af:dd:a6:73:6a:63:36:ce:04:92:
9e:f5:79:e3:36:93:83:bb:63:da:35:1b:06:8b:7d:
57:fe:13:a4:45:53:94:cf:78:17:0c:49:40:3d:42:
45:f6:25:81:be:b4:60:cc:42:c9:52:83:24:3b:a0:
bc:ef:e6:74:fc:32:fc:5b:61:20:30:85:dd:ea:45:
6e:5f:85:3a:8c:fd:fa:b0:1d:8e:f4:41:ba:ed:32:
83:2c:46:11:2b:59:8b:05:2b:9a:82:22:07:46:5d:
e1:1c:5a:79:24:8b:2d:d0:69:d7:79:e0:80:13:91:
62:de:ba:41:07:ce:ef:e4:ba:fc:76:df:d2:3a:03:
fc:99:ae:f7:68:ad:8b:e9:f0:cd:1e:15:ff:77:b8:
bd:d3:13:c8:40:f2:54:9e:42:50:e4:ec:31:8b:f3:
2e:26:c7:59:22:19:3d:ff:a2:3f:5a:cb:22:03:b1:
b8:78:7f:f0:59:6d:4d:6f:b4:cc:94:c7:b5:4f:ae:
73:de:8a:9f:12:92:19:3a:9c:56:5d:c8:c9:00:e7:
4f:19:93:b6:c7:48:2b:9e:12:a5:34:36:da:f9:dc:
51:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B4:6F:D9:3A:1E:BB:B8:63:4D:78:9F:EA:F9:67:41:3D:F6:07:39
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/h7Rv2Toeu7hjTXif6vlnQT32Bzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a4c1::/32
Signature Algorithm: sha256WithRSAEncryption
1a:63:ee:7c:1f:de:c3:fb:b1:80:8b:0e:cb:3b:a7:8d:9b:58:
cc:c0:5e:21:82:d6:f5:48:a7:7d:1e:f8:35:ec:d1:b3:72:18:
31:e0:41:03:88:f7:08:26:36:c4:6b:a0:00:91:28:1f:c7:72:
96:bc:d5:5e:da:81:c0:03:bb:f5:30:18:ea:d2:5d:8d:dc:24:
32:f9:a2:72:be:95:54:fd:a9:5c:e7:af:22:95:71:63:8c:b3:
5e:e0:c0:03:cb:a5:f8:65:be:65:08:f3:92:cb:f9:b9:bf:4a:
35:22:0c:27:3d:14:c6:b5:d3:0e:fe:24:f2:aa:64:b9:6b:62:
1c:4e:a5:4a:ea:e9:29:85:0c:7f:b9:e0:2b:2d:13:fd:5f:6a:
74:b2:52:59:cf:ec:b0:85:b3:22:58:c7:65:17:53:bb:1e:18:
48:03:79:02:c6:f1:f1:3e:27:93:c4:eb:2a:19:c2:85:d0:f3:
dd:1e:75:18:0f:ec:a7:13:c3:0a:6b:27:ee:f0:d4:82:2e:18:
fc:f3:7d:1c:06:10:e0:99:ec:df:0f:28:3f:a0:27:b9:d5:04:
d5:fa:db:89:4d:d1:84:aa:36:ef:dd:ec:32:29:4f:3b:b2:f4:
07:ce:ec:34:5b:f6:19:f1:c6:45:a3:f1:a6:00:21:10:d4:54:
17:17:cd:79
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSXD3wakx05/YGvH/hvquo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjIxMTIwMjIwMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I0NmZkOTNhMWViYmI4NjM0ZDc4OWZlYWY5Njc0MTNkZjYwNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPuBhW0YqTN8gLXwvgb4bRZao5vh
wpucjnkOwMKESAx3Yq/dpnNqYzbOBJKe9XnjNpODu2PaNRsGi31X/hOkRVOUz3gX
DElAPUJF9iWBvrRgzELJUoMkO6C87+Z0/DL8W2EgMIXd6kVuX4U6jP36sB2O9EG6
7TKDLEYRK1mLBSuagiIHRl3hHFp5JIst0GnXeeCAE5Fi3rpBB87v5Lr8dt/SOgP8
ma73aK2L6fDNHhX/d7i90xPIQPJUnkJQ5Owxi/MuJsdZIhk9/6I/WssiA7G4eH/w
WW1Nb7TMlMe1T65z3oqfEpIZOpxWXcjJAOdPGZO2x0grnhKlNDba+dxRRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIe0b9k6Hru4Y014n+r5Z0E99gc5MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvaDdSdjJUb2V1N2hqVFhpZjZ2bG5RVDMyQnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKkwTAN
BgkqhkiG9w0BAQsFAAOCAQEAGmPufB/ew/uxgIsOyzunjZtYzMBeIYLW9UinfR74
NezRs3IYMeBBA4j3CCY2xGugAJEoH8dylrzVXtqBwAO79TAY6tJdjdwkMvmicr6V
VP2pXOevIpVxY4yzXuDAA8ul+GW+ZQjzksv5ub9KNSIMJz0UxrXTDv4k8qpkuWti
HE6lSurpKYUMf7ngKy0T/V9qdLJSWc/ssIWzIljHZRdTux4YSAN5Asbx8T4nk8Tr
KhnChdDz3R51GA/spxPDCmsn7vDUgi4Y/PN9HAYQ4Jns3w8oP6AnudUE1frbiU3R
hKo2793sMilPO7L0B87sNFv2GfHGRaPxpgAhENRUFxfNeQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:26 2023 by rpki-client on console-fra.rpki-client.org