Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/kQdcZR4_7fpeN4AH0Tp-oUc7Y24.roa
File: kQdcZR4_7fpeN4AH0Tp-oUc7Y24.roa (raw, json)
Hash identifier: FyoOmjvaDqAR2zMs8lrH0rjGCFvIHNOedZGAW7lU0p0=
Subject key identifier: 91:07:5C:65:1E:3F:ED:FA:5E:37:80:07:D1:3A:7E:A1:47:3B:63:6E
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01856C1CAA44588D25A9B675201AF3AEB18A
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/kQdcZR4_7fpeN4AH0Tp-oUc7Y24.roa
Signing time: Sun 01 Jan 2023 06:54:55 +0000
ROA not before: Sun 01 Jan 2023 06:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203236
IP address blocks: 2a12:3fc2:aa10::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:aa:44:58:8d:25:a9:b6:75:20:1a:f3:ae:b1:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 06:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91075c651e3fedfa5e378007d13a7ea1473b636e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:80:88:79:cc:a1:d6:9a:e5:2a:b0:61:47:09:
3c:00:0f:a8:49:06:f8:86:72:12:35:b1:2f:22:1f:
de:6f:f5:fa:a0:62:ae:62:55:90:db:5b:90:89:19:
1b:26:19:fc:ca:ab:a2:32:35:aa:8f:4c:22:96:81:
6f:3d:31:1d:6d:44:0a:d9:be:9e:47:71:6a:31:60:
dd:8e:9f:8f:0e:3d:a0:60:3f:dc:c0:4a:e0:3e:04:
21:8b:5a:01:c3:1c:e6:3d:1c:9c:da:d4:06:85:ae:
3c:85:34:56:be:03:0f:27:04:44:0f:e1:fc:2b:2b:
ab:84:b6:69:49:bb:7e:0f:eb:ec:91:c0:11:7e:64:
5a:7b:4d:9e:f2:42:c3:7e:f7:f4:7e:cc:e1:5b:f0:
b4:02:38:f1:1d:be:89:c9:ae:ca:eb:d4:32:63:72:
78:3c:16:bc:fd:ec:01:f2:f4:30:3c:77:32:02:da:
c3:af:80:97:91:9f:53:27:75:b6:da:b0:e3:a2:04:
9a:17:8a:ab:e6:25:91:a7:e9:91:22:79:07:da:2c:
26:a7:4c:90:4d:2e:1e:d4:f1:9e:58:03:83:64:71:
3b:1e:18:82:45:38:f6:82:50:e6:62:0c:25:48:12:
44:3c:ba:c4:75:8e:a1:64:54:d2:9d:8d:11:ec:b7:
1c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:07:5C:65:1E:3F:ED:FA:5E:37:80:07:D1:3A:7E:A1:47:3B:63:6E
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/kQdcZR4_7fpeN4AH0Tp-oUc7Y24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:aa10::/44
Signature Algorithm: sha256WithRSAEncryption
51:31:fa:3e:c8:e5:73:7f:6b:4d:f4:ec:19:ea:24:1b:25:6a:
04:6e:08:ff:b6:fe:23:2c:02:91:23:2b:c6:39:5b:06:1f:46:
8e:f6:94:95:3b:44:85:84:40:1a:c3:e5:75:cb:04:2c:f0:ea:
df:71:30:a5:b2:0b:9e:ba:32:f5:7c:84:d1:3c:6f:f2:9e:8e:
4c:cb:87:5c:a8:c7:e5:03:79:82:be:6d:69:2a:7e:40:93:1f:
ed:13:cf:c9:bb:5d:67:3c:cf:71:f3:31:b4:ca:d5:aa:af:b9:
1e:46:9b:29:38:b5:3f:ab:1c:f6:90:cd:5d:47:51:71:fe:13:
5f:c2:2e:2d:af:c6:07:65:ba:c9:57:af:15:cf:f8:ef:91:6d:
61:8b:93:3e:88:a3:8c:7f:5d:95:8c:d8:a9:93:02:32:1d:c8:
ac:0a:25:a8:b7:9a:22:7a:d8:de:4f:d7:c8:87:3c:8c:6a:58:
86:37:df:83:38:a2:52:cd:4c:f3:7f:5d:cc:a8:38:e6:a9:3b:
35:fd:7a:d0:03:5a:79:06:33:c4:3a:d7:fe:4d:d3:19:d7:12:
b1:bd:b9:e9:09:dc:d8:df:d1:65:52:35:ef:dc:5d:d9:35:ae:
64:06:05:cb:db:26:17:2f:17:2b:25:c1:69:c5:40:a4:b5:c4:
52:7c:dc:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsHKpEWI0lqbZ1IBrzrrGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjMwMTAxMDY1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTA3NWM2NTFlM2ZlZGZhNWUzNzgwMDdkMTNhN2VhMTQ3M2I2MzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloCIecyh1prlKrBhRwk8AA+oSQb4
hnISNbEvIh/eb/X6oGKuYlWQ21uQiRkbJhn8yquiMjWqj0wiloFvPTEdbUQK2b6e
R3FqMWDdjp+PDj2gYD/cwErgPgQhi1oBwxzmPRyc2tQGha48hTRWvgMPJwRED+H8
KyurhLZpSbt+D+vskcARfmRae02e8kLDfvf0fszhW/C0AjjxHb6Jya7K69QyY3J4
PBa8/ewB8vQwPHcyAtrDr4CXkZ9TJ3W22rDjogSaF4qr5iWRp+mRInkH2iwmp0yQ
TS4e1PGeWAODZHE7HhiCRTj2glDmYgwlSBJEPLrEdY6hZFTSnY0R7Lcc/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJEHXGUeP+36XjeAB9E6fqFHO2NuMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEva1FkY1pSNF83ZnBlTjRBSDBUcC1vVWM3WTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhI/wqoQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBRMfo+yOVzf2tN9OwZ6iQbJWoEbgj/tv4jLAKR
IyvGOVsGH0aO9pSVO0SFhEAaw+V1ywQs8OrfcTClsgueujL1fITRPG/yno5My4dc
qMflA3mCvm1pKn5Akx/tE8/Ju11nPM9x8zG0ytWqr7keRpspOLU/qxz2kM1dR1Fx
/hNfwi4tr8YHZbrJV68Vz/jvkW1hi5M+iKOMf12VjNipkwIyHcisCiWot5oietje
T9fIhzyMaliGN9+DOKJSzUzzf13MqDjmqTs1/XrQA1p5BjPEOtf+TdMZ1xKxvbnp
CdzY39FlUjXv3F3ZNa5kBgXL2yYXLxcrJcFpxUCktcRSfNzM
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:26 2025 by rpki-client