Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/DhKLe3EU4zfrCKlKtKTxk3WbUuo.roa
File: DhKLe3EU4zfrCKlKtKTxk3WbUuo.roa (raw, json)
Hash identifier: KNk2jh84JTJ6PKm8rE4KTLbPPbKaiBT9AGTt9D+sBbA=
Subject key identifier: 0E:12:8B:7B:71:14:E3:37:EB:08:A9:4A:B4:A4:F1:93:75:9B:52:EA
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01856C1CA2CB51114393D908CE8B7902C9CE
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/DhKLe3EU4zfrCKlKtKTxk3WbUuo.roa
Signing time: Sun 01 Jan 2023 06:54:53 +0000
ROA not before: Sun 01 Jan 2023 06:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138211
IP address blocks: 2a12:3fc2:e600::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a2:cb:51:11:43:93:d9:08:ce:8b:79:02:c9:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 06:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e128b7b7114e337eb08a94ab4a4f193759b52ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9c:bc:60:fb:6c:b1:ed:a0:f6:cc:85:02:6d:
7b:14:07:4e:5c:05:14:e3:8f:fd:58:2d:30:d2:93:
26:6c:25:99:ed:a7:cc:8c:4b:dc:f4:76:c3:94:b8:
9a:a5:b7:a1:c7:39:98:d5:b9:b3:de:b5:7b:c6:d4:
e8:68:9f:2b:d5:33:d3:92:d8:34:42:43:d3:ff:aa:
4d:3e:39:31:b4:5a:03:79:57:66:d9:ac:7f:6c:f0:
d1:50:06:7e:79:a2:6c:ac:0b:3d:00:05:21:71:40:
90:11:9b:42:7b:4c:24:12:43:9b:07:52:a9:c8:88:
81:0a:0e:8b:b9:89:fa:80:25:2a:9d:c5:66:10:74:
f0:5f:e3:26:24:6b:d2:3b:c8:12:2c:75:fb:4c:2f:
2a:df:43:15:fe:ff:a0:6f:81:84:01:91:09:aa:ad:
99:91:06:05:9c:93:83:c7:92:9d:97:b7:1f:71:01:
4e:f5:0f:8f:06:f7:b9:39:a3:10:eb:31:71:09:a4:
86:53:06:c7:05:f1:3a:7c:6c:83:c8:3f:12:67:39:
ee:ff:5d:e0:dc:49:28:c0:87:74:ce:f5:04:90:75:
f6:8e:6c:53:12:de:df:9a:06:0d:17:4b:f6:02:48:
c9:88:ac:d4:86:6f:fd:11:a9:1b:d1:f3:da:06:62:
b5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:12:8B:7B:71:14:E3:37:EB:08:A9:4A:B4:A4:F1:93:75:9B:52:EA
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/DhKLe3EU4zfrCKlKtKTxk3WbUuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:e600::/40
Signature Algorithm: sha256WithRSAEncryption
2e:28:9e:a1:5a:2e:29:c9:ac:ce:5d:5c:be:11:a3:6a:87:b3:
bc:a0:fe:97:3d:27:d8:fc:0e:56:cd:90:ba:d4:21:36:5a:1b:
b1:27:52:1d:1b:d9:ee:d8:d5:2a:b6:c4:f2:c4:04:0c:75:58:
8e:af:58:16:6b:82:ac:81:85:94:a6:8b:b4:53:2d:e9:16:f9:
2b:f1:01:91:33:03:51:69:d5:90:fa:8a:c1:d4:2e:c1:3f:f1:
ea:63:ed:b7:7e:30:ad:d1:e6:f3:06:3f:41:7f:f3:78:8b:9b:
5f:fa:8f:7a:45:81:be:9e:76:5a:2f:e1:c9:cc:ad:df:43:e3:
8b:cf:59:1f:33:08:5e:30:15:36:c9:19:14:19:cb:c2:b8:9f:
f4:35:ec:47:ca:e0:37:b6:54:90:09:d0:8d:8c:9a:b3:81:d5:
b4:45:2b:5d:62:af:01:b0:4e:0c:e3:9c:a0:2c:0b:3d:7c:2a:
83:fc:f9:59:b4:79:87:9c:47:d6:19:c2:2c:b8:90:d6:92:9c:
20:e3:34:11:34:3e:c8:be:b9:90:aa:fb:c9:0b:de:d8:81:db:
33:34:16:df:b5:1f:d1:c1:ec:22:a0:3c:13:2b:a3:9c:a3:69:
af:c5:e9:27:47:48:94:4d:2d:a5:3a:52:51:41:a8:b4:7e:77:
8b:c1:cf:35
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsHKLLURFDk9kIzot5AsnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjMwMTAxMDY1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTEyOGI3YjcxMTRlMzM3ZWIwOGE5NGFiNGE0ZjE5Mzc1OWI1MmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJy8YPtsse2g9syFAm17FAdOXAUU
44/9WC0w0pMmbCWZ7afMjEvc9HbDlLiapbehxzmY1bmz3rV7xtToaJ8r1TPTktg0
QkPT/6pNPjkxtFoDeVdm2ax/bPDRUAZ+eaJsrAs9AAUhcUCQEZtCe0wkEkObB1Kp
yIiBCg6LuYn6gCUqncVmEHTwX+MmJGvSO8gSLHX7TC8q30MV/v+gb4GEAZEJqq2Z
kQYFnJODx5Kdl7cfcQFO9Q+PBve5OaMQ6zFxCaSGUwbHBfE6fGyDyD8SZznu/13g
3EkowId0zvUEkHX2jmxTEt7fmgYNF0v2AkjJiKzUhm/9Eakb0fPaBmK1swIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFA4Si3txFOM36wipSrSk8ZN1m1LqMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvRGhLTGUzRVU0emZyQ0tsS3RLVHhrM1diVXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/wuYw
DQYJKoZIhvcNAQELBQADggEBAC4onqFaLinJrM5dXL4Ro2qHs7yg/pc9J9j8DlbN
kLrUITZaG7EnUh0b2e7Y1Sq2xPLEBAx1WI6vWBZrgqyBhZSmi7RTLekW+SvxAZEz
A1Fp1ZD6isHULsE/8epj7bd+MK3R5vMGP0F/83iLm1/6j3pFgb6edlov4cnMrd9D
44vPWR8zCF4wFTbJGRQZy8K4n/Q17EfK4De2VJAJ0I2MmrOB1bRFK11irwGwTgzj
nKAsCz18KoP8+Vm0eYecR9YZwiy4kNaSnCDjNBE0Psi+uZCq+8kL3tiB2zM0Ft+1
H9HB7CKgPBMro5yjaa/F6SdHSJRNLaU6UlFBqLR+d4vBzzU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:43 2025 by rpki-client