Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/gzFiYiWtcPbYHGhPuUpisbCgZpY.roa
File: gzFiYiWtcPbYHGhPuUpisbCgZpY.roa (raw, json)
Hash identifier: B3yUujffc+7/JCmsCMp2UpYrLADIqbLxZHpEteU9snA=
Subject key identifier: 83:31:62:62:25:AD:70:F6:D8:1C:68:4F:B9:4A:62:B1:B0:A0:66:96
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01897CA3A7558B3BDD15957D9842A9E2057F
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/gzFiYiWtcPbYHGhPuUpisbCgZpY.roa
Signing time: Sat 22 Jul 2023 08:07:27 +0000
ROA not before: Sat 22 Jul 2023 08:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57330
IP address blocks: 2a12:3fc6::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:7c:a3:a7:55:8b:3b:dd:15:95:7d:98:42:a9:e2:05:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jul 22 08:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8331626225ad70f6d81c684fb94a62b1b0a06696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8c:45:b2:26:fe:16:d3:03:1d:4e:ec:a6:6f:
85:ba:3d:fc:0f:af:20:fc:87:cb:9b:86:86:1a:2d:
1d:b7:65:f3:33:8f:c2:d9:dd:36:73:b7:df:e1:e8:
c2:cb:8e:12:f3:f7:9f:02:3f:92:70:04:91:57:a7:
cd:9b:15:a9:33:bf:a5:1b:a3:c4:3c:41:6c:99:b8:
dc:7f:98:f3:9e:2f:53:30:c1:d0:32:b9:17:1f:76:
84:5f:83:1c:9b:c0:6e:ec:b0:5a:ff:b3:21:7c:8b:
f9:ab:ed:60:84:84:66:ba:55:bc:0a:e7:f9:bf:bb:
8d:29:00:2f:3c:6d:4c:90:06:62:22:ce:23:e2:b1:
ff:99:9d:1e:d1:e9:3b:fd:b2:69:88:7f:ca:f5:0e:
2f:31:2d:c4:b3:56:d5:f0:1f:18:49:57:54:28:3b:
5e:02:35:35:7a:df:e8:1f:5d:43:77:b3:38:48:11:
df:dc:b3:f4:b7:bb:2d:f9:d1:56:c5:48:4c:30:0d:
07:62:03:aa:cb:80:a1:f2:d8:7d:8e:48:82:e6:0d:
36:75:37:13:49:8c:30:81:62:8d:e0:17:8e:a9:89:
06:11:a0:dd:df:d4:99:b3:53:ef:da:58:1f:62:8d:
05:50:7c:2e:1c:aa:98:e8:93:2b:1d:35:73:74:35:
9a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:31:62:62:25:AD:70:F6:D8:1C:68:4F:B9:4A:62:B1:B0:A0:66:96
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/gzFiYiWtcPbYHGhPuUpisbCgZpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc6::/44
Signature Algorithm: sha256WithRSAEncryption
2b:60:13:3f:e0:40:49:3a:ce:b3:da:62:d3:cf:1e:dc:02:55:
bd:57:0b:c1:ed:cc:31:6e:89:80:f7:fe:ef:a4:5a:bc:d8:c7:
8f:31:29:7a:28:77:b7:7c:8d:7d:e4:a6:58:bc:66:f3:81:53:
8a:f7:09:ba:0b:f1:5d:a5:cc:21:a3:8e:84:b4:16:c5:61:1c:
d0:c1:64:ea:c0:38:33:1a:e3:f6:bd:89:c6:95:74:01:65:99:
78:f9:ae:b2:09:9a:46:9d:12:6e:e2:c7:dc:42:f3:cc:b5:bd:
46:87:3e:ba:45:fb:95:bb:2f:70:d0:00:f6:d1:6f:e5:63:d5:
40:b7:87:7a:bd:dd:54:9d:76:ac:e7:e0:b3:e6:1b:4a:bd:37:
ae:3e:98:8d:f9:8c:20:12:0a:32:d8:47:48:43:b8:09:e2:00:
5b:f6:87:16:ce:6c:12:43:cd:20:c7:7e:31:8a:af:ba:33:98:
c7:d7:0d:eb:4f:b5:ea:2d:47:91:31:7c:54:97:15:b8:48:a4:
f6:a9:93:c3:a1:13:d2:2d:e6:28:74:7b:b1:97:bf:38:e2:d3:
10:ad:13:66:5f:53:ff:5a:55:53:5d:db:9f:1e:3c:c8:e3:49:
be:d1:a8:64:35:cc:a3:1d:dd:a8:e2:40:96:be:13:89:33:9f:
77:8f:36:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYl8o6dVizvdFZV9mEKp4gV/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjMwNzIyMDgwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzMxNjI2MjI1YWQ3MGY2ZDgxYzY4NGZiOTRhNjJiMWIwYTA2Njk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4xFsib+FtMDHU7spm+Fuj38D68g
/IfLm4aGGi0dt2XzM4/C2d02c7ff4ejCy44S8/efAj+ScASRV6fNmxWpM7+lG6PE
PEFsmbjcf5jzni9TMMHQMrkXH3aEX4Mcm8Bu7LBa/7MhfIv5q+1ghIRmulW8Cuf5
v7uNKQAvPG1MkAZiIs4j4rH/mZ0e0ek7/bJpiH/K9Q4vMS3Es1bV8B8YSVdUKDte
AjU1et/oH11Dd7M4SBHf3LP0t7st+dFWxUhMMA0HYgOqy4Ch8th9jkiC5g02dTcT
SYwwgWKN4BeOqYkGEaDd39SZs1Pv2lgfYo0FUHwuHKqY6JMrHTVzdDWapwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIMxYmIlrXD22BxoT7lKYrGwoGaWMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvZ3pGaVlpV3RjUGJZSEdoUHVVcGlzYkNnWnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhI/xgAA
MA0GCSqGSIb3DQEBCwUAA4IBAQArYBM/4EBJOs6z2mLTzx7cAlW9VwvB7cwxbomA
9/7vpFq82MePMSl6KHe3fI195KZYvGbzgVOK9wm6C/Fdpcwho46EtBbFYRzQwWTq
wDgzGuP2vYnGlXQBZZl4+a6yCZpGnRJu4sfcQvPMtb1Ghz66RfuVuy9w0AD20W/l
Y9VAt4d6vd1UnXas5+Cz5htKvTeuPpiN+YwgEgoy2EdIQ7gJ4gBb9ocWzmwSQ80g
x34xiq+6M5jH1w3rT7XqLUeRMXxUlxW4SKT2qZPDoRPSLeYodHuxl7844tMQrRNm
X1P/WlVTXdufHjzI40m+0ahkNcyjHd2o4kCWvhOJM593jzZw
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:06 2025 by rpki-client