Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/1WgWdLxbCiO4MIfl16fecVMMLmQ.roa
File: 1WgWdLxbCiO4MIfl16fecVMMLmQ.roa (raw, json)
Hash identifier: RvK9Y+UiPcvAET7Xaz53Ymaxj4Oy1n9+VwcWw1gqOR8=
Subject key identifier: D5:68:16:74:BC:5B:0A:23:B8:30:87:E5:D7:A7:DE:71:53:0C:2E:64
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 0184C81B4312304F93C866314EA7A6B1FFF4
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/1WgWdLxbCiO4MIfl16fecVMMLmQ.roa
Signing time: Wed 30 Nov 2022 10:35:40 +0000
ROA not before: Wed 30 Nov 2022 10:35:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211759
IP address blocks: 2a12:3fc2:ab40::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c8:1b:43:12:30:4f:93:c8:66:31:4e:a7:a6:b1:ff:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Nov 30 10:35:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5681674bc5b0a23b83087e5d7a7de71530c2e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f7:d4:61:c1:05:bd:fe:de:c0:cf:8a:4f:e7:
61:d9:1e:07:1a:85:7d:11:90:91:32:ca:33:55:3f:
b3:26:b8:b3:fb:34:ba:75:c1:a5:a9:20:53:d3:f3:
f1:60:6c:6e:f9:24:4f:54:e7:6c:03:06:32:20:5e:
6c:f4:11:80:e4:e9:f4:c1:a9:4c:91:4c:59:54:cc:
cf:d3:34:a6:3e:9a:c8:b4:e2:1e:18:1b:62:e6:f5:
45:1e:aa:b8:a6:b0:8a:a3:43:0d:52:a6:2d:07:ba:
d2:1d:93:81:f2:8f:cf:60:ca:0d:b9:2e:9f:17:cc:
d5:5e:30:6d:55:16:64:d3:34:a7:b7:55:68:35:c7:
70:bb:18:55:d6:51:90:35:f8:44:34:d5:f2:e1:af:
be:ae:95:07:9e:60:c3:ab:9d:ee:b6:73:56:45:58:
3a:b9:26:9e:b7:0b:1b:73:31:a3:c5:f8:cd:b9:db:
cf:f5:ed:98:5b:15:21:9d:40:6b:46:ca:fd:7b:20:
0d:e3:04:1c:9b:c6:b4:9e:9a:9e:8e:22:6a:ca:6f:
f1:2d:57:f6:74:55:39:9a:c6:4e:f7:cc:c0:ad:7c:
7b:8f:5a:b8:aa:ca:a9:86:ff:e4:d1:27:fc:21:f8:
fb:ae:8b:b9:97:11:f4:fe:2a:7f:9b:d4:8e:ce:c5:
8a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:68:16:74:BC:5B:0A:23:B8:30:87:E5:D7:A7:DE:71:53:0C:2E:64
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/1WgWdLxbCiO4MIfl16fecVMMLmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:ab40::/44
Signature Algorithm: sha256WithRSAEncryption
33:a2:a1:fc:b3:e8:a0:27:5d:14:4c:3a:63:64:c1:4c:53:34:
42:78:13:f3:d8:1d:28:00:ac:bf:8a:f9:cd:91:50:da:19:75:
59:00:7c:2f:1b:a2:cc:6e:a3:f5:fa:37:04:80:a0:f1:6d:05:
e8:2b:46:85:79:ec:83:fe:42:8f:73:9f:58:35:80:30:86:5c:
42:51:46:aa:cf:46:c2:ba:cb:a3:91:cc:d7:a5:c7:dc:e8:ca:
f5:f6:0c:18:2a:38:c4:ce:b9:a2:e5:92:2e:47:67:9a:d9:88:
4c:e7:5e:08:dd:cf:d5:ac:42:76:4d:fe:b3:53:9c:58:48:83:
63:d7:21:b6:36:83:66:08:18:68:d0:a7:2a:21:3e:14:b1:89:
a9:93:6c:0b:bb:fd:6a:b5:3a:02:10:2a:1a:3d:34:37:8e:29:
88:a1:14:ba:90:78:6e:45:74:ee:be:f7:4a:e1:e8:81:85:09:
9d:c4:7b:98:70:a0:8a:c0:80:aa:8b:20:c7:e0:4e:5d:28:1f:
2f:4c:b9:0f:85:5e:87:27:c4:4f:38:3c:be:bf:0d:eb:fe:3c:
e1:37:95:8c:55:4f:d7:0f:34:1c:82:8b:9f:37:9f:7e:b5:bd:
ee:e4:71:d7:83:3e:d3:e0:d8:0f:e7:ad:15:14:78:9f:31:e6:
5e:20:77:0a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTIG0MSME+TyGYxTqemsf/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjIxMTMwMTAzNTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTY4MTY3NGJjNWIwYTIzYjgzMDg3ZTVkN2E3ZGU3MTUzMGMyZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiffUYcEFvf7ewM+KT+dh2R4HGoV9
EZCRMsozVT+zJriz+zS6dcGlqSBT0/PxYGxu+SRPVOdsAwYyIF5s9BGA5On0walM
kUxZVMzP0zSmPprItOIeGBti5vVFHqq4prCKo0MNUqYtB7rSHZOB8o/PYMoNuS6f
F8zVXjBtVRZk0zSnt1VoNcdwuxhV1lGQNfhENNXy4a++rpUHnmDDq53utnNWRVg6
uSaetwsbczGjxfjNudvP9e2YWxUhnUBrRsr9eyAN4wQcm8a0npqejiJqym/xLVf2
dFU5msZO98zArXx7j1q4qsqphv/k0Sf8Ifj7rou5lxH0/ip/m9SOzsWKcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNVoFnS8WwojuDCH5den3nFTDC5kMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvMVdnV2RMeGJDaU80TUlmbDE2ZmVjVk1NTG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhI/wqtA
MA0GCSqGSIb3DQEBCwUAA4IBAQAzoqH8s+igJ10UTDpjZMFMUzRCeBPz2B0oAKy/
ivnNkVDaGXVZAHwvG6LMbqP1+jcEgKDxbQXoK0aFeeyD/kKPc59YNYAwhlxCUUaq
z0bCusujkczXpcfc6Mr19gwYKjjEzrmi5ZIuR2ea2YhM514I3c/VrEJ2Tf6zU5xY
SINj1yG2NoNmCBho0KcqIT4UsYmpk2wLu/1qtToCECoaPTQ3jimIoRS6kHhuRXTu
vvdK4eiBhQmdxHuYcKCKwICqiyDH4E5dKB8vTLkPhV6HJ8RPODy+vw3r/jzhN5WM
VU/XDzQcgoufN59+tb3u5HHXgz7T4NgP560VFHifMeZeIHcK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:06 2025 by rpki-client