Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/UHf8lF_Q7sEepo6p6lcVYJJB0Vw.roa
File: UHf8lF_Q7sEepo6p6lcVYJJB0Vw.roa (raw, json)
Hash identifier: b50vlu1skDniGfmFNIUlFDe9rC6bCJHSu+RY7KkyDvo=
Subject key identifier: 50:77:FC:94:5F:D0:EE:C1:1E:A6:8E:A9:EA:57:15:60:92:41:D1:5C
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01856C1CA540788DE70516D69EECD61EF99D
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/UHf8lF_Q7sEepo6p6lcVYJJB0Vw.roa
Signing time: Sun 01 Jan 2023 06:54:54 +0000
ROA not before: Sun 01 Jan 2023 06:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200895
IP address blocks: 2a12:3fc2:e100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a5:40:78:8d:e7:05:16:d6:9e:ec:d6:1e:f9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 06:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5077fc945fd0eec11ea68ea9ea5715609241d15c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:26:99:54:11:46:2a:5e:b9:ed:25:ea:1e:68:
b8:82:35:1a:72:56:46:80:9f:b1:06:0f:6e:d1:29:
d3:d3:46:d1:fa:c2:7b:f6:a8:60:1f:fa:13:7d:9b:
b9:82:dc:8c:71:66:5f:4f:3e:51:7d:29:3b:12:dd:
c7:ad:19:8a:e9:d8:62:96:45:ed:4c:8d:a7:48:6e:
09:fe:13:40:ca:e5:90:01:9c:2b:a2:56:6f:57:b2:
fe:82:31:48:d9:d0:c4:37:9e:b5:0b:40:35:34:c9:
6a:0d:88:d4:29:6f:58:ca:89:40:e4:ed:3f:68:c3:
92:8f:62:d1:37:dd:b1:73:a5:8e:67:86:50:e4:27:
cc:4f:e1:49:97:47:ed:2c:ee:fc:8c:fb:45:59:40:
67:9d:70:2f:2d:be:6a:45:49:2f:65:7e:b1:43:47:
31:73:b1:78:17:de:e1:5f:48:49:f2:b8:21:a6:be:
c0:ad:62:ac:5b:ee:80:98:8a:5d:3c:f0:ef:47:f0:
64:ca:3a:6b:d7:bc:bd:2e:9a:b3:ca:cc:62:ec:15:
82:7f:af:e7:e7:0b:b3:76:1c:49:85:9d:d2:20:52:
1b:d3:28:47:dd:99:51:c3:5f:5d:8f:57:1d:28:70:
66:e8:3e:4e:19:a0:b4:77:5a:62:84:51:d0:86:f9:
e9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:77:FC:94:5F:D0:EE:C1:1E:A6:8E:A9:EA:57:15:60:92:41:D1:5C
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/UHf8lF_Q7sEepo6p6lcVYJJB0Vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:e100::/40
Signature Algorithm: sha256WithRSAEncryption
bb:51:8b:07:1c:e3:c2:35:57:ff:b4:06:fe:61:40:64:82:a1:
35:07:d5:d0:b1:a6:fb:6b:cf:76:86:80:73:5e:fc:29:4f:9d:
a5:17:2d:fa:3f:51:1b:64:29:d8:c8:4d:46:b0:ce:05:38:98:
6f:b7:32:fd:49:53:5b:65:3b:67:98:b1:87:e4:de:3f:56:71:
35:02:19:cd:a5:b1:69:70:75:36:5c:8e:2b:53:59:96:7a:1b:
c0:aa:4e:55:e3:e9:8d:6b:2b:3e:59:49:d0:bb:ff:c6:da:bc:
f6:0c:fa:2b:d3:fc:2e:d7:4b:aa:46:a3:9e:0d:93:4a:f5:75:
fd:02:1b:44:13:8d:71:fa:c0:53:d3:7b:79:86:db:52:0a:d4:
48:0d:1a:a2:5e:5c:a2:0f:68:2b:c4:ca:1c:6e:22:1a:a2:8d:
49:93:33:37:64:d2:5b:ca:b7:f4:a6:ff:84:1a:bf:e1:2a:6b:
8e:46:ae:8a:90:ab:c0:25:5d:ab:fc:6e:19:94:63:32:f7:7d:
7e:af:ed:1e:58:e8:fc:91:d2:4b:a2:7a:a8:cd:6f:27:c0:94:
a5:0c:04:c3:35:b1:fd:dd:fd:1f:4f:9e:a4:17:59:7a:0b:e6:
ee:0a:c9:cc:f8:02:a8:28:8e:7a:a8:eb:3e:fd:8b:6d:fd:c1:
7e:71:62:5d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsHKVAeI3nBRbWnuzWHvmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjMwMTAxMDY1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDc3ZmM5NDVmZDBlZWMxMWVhNjhlYTllYTU3MTU2MDkyNDFkMTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyaZVBFGKl657SXqHmi4gjUaclZG
gJ+xBg9u0SnT00bR+sJ79qhgH/oTfZu5gtyMcWZfTz5RfSk7Et3HrRmK6dhilkXt
TI2nSG4J/hNAyuWQAZwrolZvV7L+gjFI2dDEN561C0A1NMlqDYjUKW9YyolA5O0/
aMOSj2LRN92xc6WOZ4ZQ5CfMT+FJl0ftLO78jPtFWUBnnXAvLb5qRUkvZX6xQ0cx
c7F4F97hX0hJ8rghpr7ArWKsW+6AmIpdPPDvR/Bkyjpr17y9Lpqzysxi7BWCf6/n
5wuzdhxJhZ3SIFIb0yhH3ZlRw19dj1cdKHBm6D5OGaC0d1pihFHQhvnpdwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFB3/JRf0O7BHqaOqepXFWCSQdFcMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvVUhmOGxGX1E3c0VlcG82cDZsY1ZZSkpCMFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/wuEw
DQYJKoZIhvcNAQELBQADggEBALtRiwcc48I1V/+0Bv5hQGSCoTUH1dCxpvtrz3aG
gHNe/ClPnaUXLfo/URtkKdjITUawzgU4mG+3Mv1JU1tlO2eYsYfk3j9WcTUCGc2l
sWlwdTZcjitTWZZ6G8CqTlXj6Y1rKz5ZSdC7/8bavPYM+ivT/C7XS6pGo54Nk0r1
df0CG0QTjXH6wFPTe3mG21IK1EgNGqJeXKIPaCvEyhxuIhqijUmTMzdk0lvKt/Sm
/4Qav+Eqa45GroqQq8AlXav8bhmUYzL3fX6v7R5Y6PyR0kuieqjNbyfAlKUMBMM1
sf3d/R9PnqQXWXoL5u4Kycz4Aqgojnqo6z79i239wX5xYl0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:17 2025 by rpki-client