Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/mL52ICaupVmEuTo9lwiFNA9X-eQ.roa
File: mL52ICaupVmEuTo9lwiFNA9X-eQ.roa (raw, json)
Hash identifier: 31KFOKRInSDGxeHkp22yICexjKa0k0Q89cDpnmH6XdM=
Subject key identifier: 98:BE:76:20:26:AE:A5:59:84:B9:3A:3D:97:08:85:34:0F:57:F9:E4
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01856C1CA4AA04E96A25E16ADE1D3D69D541
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/mL52ICaupVmEuTo9lwiFNA9X-eQ.roa
Signing time: Sun 01 Jan 2023 06:54:54 +0000
ROA not before: Sun 01 Jan 2023 06:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200592
IP address blocks: 2a12:3fc2:e300::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a4:aa:04:e9:6a:25:e1:6a:de:1d:3d:69:d5:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 06:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98be762026aea55984b93a3d970885340f57f9e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:67:cd:b2:b8:01:a1:12:19:2a:80:60:dc:12:
e2:df:1d:49:6a:06:91:cd:3b:e9:9d:66:55:49:12:
02:e6:6d:6d:cb:32:4f:99:a1:9a:7e:60:82:03:8b:
ba:99:71:bc:e5:a7:0b:89:90:66:f5:82:56:0c:99:
db:fd:f8:fe:f7:0b:85:ea:dc:ae:60:2c:f9:51:5d:
4a:3b:fe:e6:ed:c4:fe:ef:75:30:62:b8:18:41:12:
f2:b1:0f:40:1c:00:31:3a:a6:4c:9f:bb:7f:7f:05:
07:b8:52:0b:70:a5:6f:83:3b:13:a9:c4:f1:66:b0:
2a:ca:23:c8:2f:0d:0e:07:4c:b9:83:6f:41:e0:0b:
2e:82:fe:c5:68:ab:03:49:6c:79:03:0f:08:80:98:
89:44:59:de:db:97:a8:04:28:a0:a9:1e:9a:06:cd:
c1:ed:80:6e:37:c5:8b:39:69:c8:9c:7a:69:a0:7d:
df:d0:07:e0:ab:a3:0d:d7:36:10:16:b7:bc:56:bd:
82:f2:ad:3d:c2:82:6f:30:9a:1e:8e:2f:66:73:cc:
ea:5a:ed:81:7c:fa:6a:ac:af:87:10:63:c5:1b:ee:
e8:c5:97:5e:30:0c:c3:bc:1d:c1:24:09:d5:7f:8a:
56:4c:ad:cd:ad:8c:2e:40:54:f6:db:50:5e:d5:01:
5a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:BE:76:20:26:AE:A5:59:84:B9:3A:3D:97:08:85:34:0F:57:F9:E4
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/mL52ICaupVmEuTo9lwiFNA9X-eQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:e300::/40
Signature Algorithm: sha256WithRSAEncryption
c6:78:75:91:93:61:a5:2d:b9:e4:32:cf:fb:38:ea:be:af:9c:
7e:7a:62:de:1d:da:a3:d6:79:6b:8e:c7:57:50:30:80:74:db:
f2:7d:af:10:cb:e6:65:24:0c:cf:00:73:00:e0:b2:1e:4d:16:
ae:a0:da:64:94:df:3a:52:0d:74:42:f1:0c:d3:ea:25:ab:18:
c7:cc:1f:27:a8:36:9f:8b:a7:ed:21:aa:ad:30:ed:97:b2:0b:
47:cc:32:a5:62:01:e5:55:d2:e7:09:0b:aa:01:6b:eb:52:3b:
1c:e5:c0:be:27:c1:06:91:80:fb:65:30:e5:36:28:5f:b8:c0:
c9:55:54:70:81:1f:5d:3f:08:a9:a7:97:bd:4a:4d:1d:9b:cc:
3c:ab:7e:c1:ec:6a:6f:f0:03:1a:2d:95:10:bf:dd:0b:6e:35:
cd:f7:24:5f:dc:bc:40:78:a0:cd:f2:a4:b8:b4:d5:fd:46:ac:
5b:53:07:62:e6:49:b2:1c:8d:d4:62:d0:2a:85:aa:aa:97:0e:
70:ba:8f:d7:3a:a8:e9:ae:c6:4d:8e:85:43:f7:85:03:7d:a1:
12:4b:d4:0c:7d:a3:b1:0c:fc:cb:b1:a5:3d:0a:de:d1:b1:8a:
d9:3d:ca:fd:e9:6a:68:a3:7d:7b:21:84:b9:b2:13:57:8f:c6:
63:81:3c:9c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsHKSqBOlqJeFq3h09adVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjMwMTAxMDY1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGJlNzYyMDI2YWVhNTU5ODRiOTNhM2Q5NzA4ODUzNDBmNTdmOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWfNsrgBoRIZKoBg3BLi3x1JagaR
zTvpnWZVSRIC5m1tyzJPmaGafmCCA4u6mXG85acLiZBm9YJWDJnb/fj+9wuF6tyu
YCz5UV1KO/7m7cT+73UwYrgYQRLysQ9AHAAxOqZMn7t/fwUHuFILcKVvgzsTqcTx
ZrAqyiPILw0OB0y5g29B4Asugv7FaKsDSWx5Aw8IgJiJRFne25eoBCigqR6aBs3B
7YBuN8WLOWnInHppoH3f0Afgq6MN1zYQFre8Vr2C8q09woJvMJoeji9mc8zqWu2B
fPpqrK+HEGPFG+7oxZdeMAzDvB3BJAnVf4pWTK3NrYwuQFT221Be1QFavQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJi+diAmrqVZhLk6PZcIhTQPV/nkMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvbUw1MklDYXVwVm1FdVRvOWx3aUZOQTlYLWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/wuMw
DQYJKoZIhvcNAQELBQADggEBAMZ4dZGTYaUtueQyz/s46r6vnH56Yt4d2qPWeWuO
x1dQMIB02/J9rxDL5mUkDM8AcwDgsh5NFq6g2mSU3zpSDXRC8QzT6iWrGMfMHyeo
Np+Lp+0hqq0w7ZeyC0fMMqViAeVV0ucJC6oBa+tSOxzlwL4nwQaRgPtlMOU2KF+4
wMlVVHCBH10/CKmnl71KTR2bzDyrfsHsam/wAxotlRC/3QtuNc33JF/cvEB4oM3y
pLi01f1GrFtTB2LmSbIcjdRi0CqFqqqXDnC6j9c6qOmuxk2OhUP3hQN9oRJL1Ax9
o7EM/MuxpT0K3tGxitk9yv3pamijfXshhLmyE1ePxmOBPJw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:54 2025 by rpki-client