Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/i3hdl61FXcPui6isQDkEkrTMrRI.roa
File: i3hdl61FXcPui6isQDkEkrTMrRI.roa (raw, json)
Hash identifier: tmx/qAD7U9jNUTbMNM1btc3JbLOIJe3rXUJmhJ4Riso=
Subject key identifier: 8B:78:5D:97:AD:45:5D:C3:EE:8B:A8:AC:40:39:04:92:B4:CC:AD:12
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 0183FFC39AAC5C2F4F8DB49527057A645FD2
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/i3hdl61FXcPui6isQDkEkrTMrRI.roa
Signing time: Sat 22 Oct 2022 12:55:52 +0000
ROA not before: Sat 22 Oct 2022 12:55:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202408
IP address blocks: 2a12:3fc2:ab10::/48 maxlen: 48
2a12:3fc2:ab10::/44 maxlen: 48
2a12:3fc2:2b00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ff:c3:9a:ac:5c:2f:4f:8d:b4:95:27:05:7a:64:5f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Oct 22 12:55:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b785d97ad455dc3ee8ba8ac40390492b4ccad12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:48:f6:1f:09:96:52:5f:12:d4:e8:57:65:6f:
3e:8d:af:97:1a:55:3c:a5:93:8e:53:a7:8f:c7:88:
59:39:5a:dc:6e:65:af:8c:a0:68:5e:0e:5a:a9:30:
b2:a3:21:f8:06:f0:b8:33:36:48:4f:32:5b:3a:1f:
ba:eb:ed:fe:f9:0e:9b:21:b9:59:bc:7d:bc:c8:d9:
55:ed:aa:e1:42:aa:46:03:3b:99:28:96:44:eb:28:
81:b6:40:d1:cb:50:60:23:16:24:5e:17:52:a0:7f:
c8:4d:9c:2b:9e:87:55:3a:73:8e:66:a5:76:31:50:
dd:a8:99:5d:84:8b:fd:f7:21:86:7a:95:3b:50:2f:
bb:1e:95:63:5f:0a:73:06:3a:79:c8:b6:2a:f3:c2:
b9:67:20:b1:02:39:9a:93:ea:ae:eb:f5:bf:74:b3:
ec:4b:1a:cb:d6:7d:f0:57:f4:e2:d6:1b:f3:09:b1:
1e:49:c3:ba:d7:d4:64:92:8c:d1:ba:0c:6e:63:90:
79:be:85:a1:99:1c:30:81:81:0b:37:18:60:39:e8:
4d:7c:da:22:2b:b3:53:b9:46:c1:f4:8f:da:60:01:
ce:fe:0d:bf:59:61:5b:10:c7:81:4d:53:0c:d7:d6:
ab:fc:71:83:3c:ac:2c:89:d8:5b:1e:a8:7c:b9:dc:
11:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:78:5D:97:AD:45:5D:C3:EE:8B:A8:AC:40:39:04:92:B4:CC:AD:12
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/i3hdl61FXcPui6isQDkEkrTMrRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:2b00::/40
2a12:3fc2:ab10::/44
Signature Algorithm: sha256WithRSAEncryption
16:09:11:21:bb:21:63:7d:0c:c9:8e:01:54:35:ef:e6:76:ce:
0a:66:1e:e0:64:01:dc:bb:92:38:3c:20:67:1b:ab:e6:0d:84:
33:33:6c:75:8a:cb:e1:0f:ac:68:45:82:f6:9a:be:87:ce:cb:
a6:11:5e:17:65:8c:a1:35:e1:30:ae:14:5d:f6:99:bf:16:2f:
86:d2:04:f9:a3:2d:bb:97:7d:5a:01:36:75:3d:4f:f2:25:ae:
ac:19:5d:2d:58:a2:22:3d:6f:89:0f:dc:fe:52:57:7e:77:e5:
ca:41:6b:e8:d4:51:57:1f:44:b3:b4:3f:09:70:46:f1:9b:ee:
98:43:11:2c:e1:6a:e9:80:55:eb:7e:0b:cd:0c:e1:34:70:6c:
9f:62:7f:48:dd:a5:b9:29:f9:53:b3:40:3b:9c:d8:82:ae:74:
49:09:b5:55:98:9b:85:41:9b:a6:25:5e:12:9f:70:12:29:7c:
b2:60:df:f2:38:94:30:3a:4b:a6:7c:31:b4:fc:4d:87:cb:c9:
91:93:ee:35:ed:7d:84:5c:3b:85:ca:6f:a6:64:ab:fd:69:df:
56:26:e6:38:a1:17:6b:e7:ae:fc:24:b0:21:9f:08:19:fa:5d:
7b:e9:47:04:af:56:4d:c9:a6:1b:89:8d:38:08:4c:55:ba:96:
ce:c1:86:a4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYP/w5qsXC9PjbSVJwV6ZF/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjIxMDIyMTI1NTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjc4NWQ5N2FkNDU1ZGMzZWU4YmE4YWM0MDM5MDQ5MmI0Y2NhZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkj2HwmWUl8S1OhXZW8+ja+XGlU8
pZOOU6ePx4hZOVrcbmWvjKBoXg5aqTCyoyH4BvC4MzZITzJbOh+66+3++Q6bIblZ
vH28yNlV7arhQqpGAzuZKJZE6yiBtkDRy1BgIxYkXhdSoH/ITZwrnodVOnOOZqV2
MVDdqJldhIv99yGGepU7UC+7HpVjXwpzBjp5yLYq88K5ZyCxAjmak+qu6/W/dLPs
SxrL1n3wV/Ti1hvzCbEeScO619RkkozRugxuY5B5voWhmRwwgYELNxhgOehNfNoi
K7NTuUbB9I/aYAHO/g2/WWFbEMeBTVMM19ar/HGDPKwsidhbHqh8udwR2wIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFIt4XZetRV3D7ouorEA5BJK0zK0SMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvaTNoZGw2MUZYY1B1aTZpc1FEa0VrclRNclJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKhI/wisD
BwQqEj/CqxAwDQYJKoZIhvcNAQELBQADggEBABYJESG7IWN9DMmOAVQ17+Z2zgpm
HuBkAdy7kjg8IGcbq+YNhDMzbHWKy+EPrGhFgvaavofOy6YRXhdljKE14TCuFF32
mb8WL4bSBPmjLbuXfVoBNnU9T/IlrqwZXS1YoiI9b4kP3P5SV3535cpBa+jUUVcf
RLO0PwlwRvGb7phDESzhaumAVet+C80M4TRwbJ9if0jdpbkp+VOzQDuc2IKudEkJ
tVWYm4VBm6YlXhKfcBIpfLJg3/I4lDA6S6Z8MbT8TYfLyZGT7jXtfYRcO4XKb6Zk
q/1p31Ym5jihF2vnrvwksCGfCBn6XXvpRwSvVk3JphuJjTgITFW6ls7BhqQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:06 2025 by rpki-client