Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/pUzUObzkJlrbMRCpEXkcXLu_OuU.roa
File: pUzUObzkJlrbMRCpEXkcXLu_OuU.roa (raw, json)
Hash identifier: YcDCmto34ydG16GoaKE0H5JS0THtRolXzV/YHwI/fZ8=
Subject key identifier: A5:4C:D4:39:BC:E4:26:5A:DB:31:10:A9:11:79:1C:5C:BB:BF:3A:E5
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01856C1CA87071BF119C90DB07E02409681F
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/pUzUObzkJlrbMRCpEXkcXLu_OuU.roa
Signing time: Sun 01 Jan 2023 06:54:55 +0000
ROA not before: Sun 01 Jan 2023 06:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202408
IP address blocks: 2a12:3fc2:ab10::/48 maxlen: 48
2a12:3fc2:ab10::/44 maxlen: 48
2a12:3fc2:2b00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a8:70:71:bf:11:9c:90:db:07:e0:24:09:68:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 06:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a54cd439bce4265adb3110a911791c5cbbbf3ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:24:0f:ab:3b:03:a4:27:7d:70:c7:75:d9:41:
9c:d3:68:f2:da:09:34:3a:65:c4:4b:3f:41:b9:07:
57:be:3d:ac:87:d2:83:1b:15:d6:d4:ce:fd:f2:78:
96:f0:9d:00:1a:c5:a0:dc:a9:33:ca:3d:ae:db:41:
36:ea:cc:fd:64:e1:ce:2f:b4:25:57:a3:e4:03:2b:
81:1d:71:a5:b0:10:78:b7:93:a3:62:0e:95:a0:7e:
4e:77:b2:b1:15:e1:ca:65:2b:8e:2c:01:d5:fa:de:
81:81:35:cb:4e:f7:e0:c6:16:1e:06:83:22:a4:cb:
bc:76:cf:0a:f2:42:13:88:fa:80:91:f0:48:5c:32:
ac:de:c6:c7:15:45:0b:b0:44:e7:05:59:a0:5f:e8:
71:ee:b7:63:5e:cb:be:e8:be:3d:45:af:1f:f9:3a:
e8:c2:fb:66:be:c7:eb:3c:a6:e3:7a:d2:90:cd:34:
6b:a2:b0:93:e0:fd:26:9b:16:05:e5:77:81:94:21:
4d:a0:04:01:47:58:53:32:8a:02:ea:25:0f:c4:66:
7e:f7:69:5b:93:53:e1:01:a7:d1:7a:ea:67:38:27:
b3:ab:08:2c:19:b8:ff:ff:bf:f5:e1:e5:1d:b7:95:
85:5f:8f:88:fe:62:c2:80:1c:ee:4b:08:d7:8c:a8:
41:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:4C:D4:39:BC:E4:26:5A:DB:31:10:A9:11:79:1C:5C:BB:BF:3A:E5
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/pUzUObzkJlrbMRCpEXkcXLu_OuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:2b00::/40
2a12:3fc2:ab10::/44
Signature Algorithm: sha256WithRSAEncryption
7e:8e:e4:65:b5:f6:75:da:c8:1e:5e:b9:85:a2:84:2b:35:2e:
db:78:80:39:74:61:7d:af:03:23:5c:6d:25:95:89:4b:47:82:
f2:50:42:ce:6a:6b:bd:b9:58:e5:6f:f4:8d:58:59:ea:7a:2e:
ba:52:40:3c:2d:26:0d:c3:02:b1:2b:23:3d:dc:89:a7:88:8e:
4e:48:22:03:42:51:e0:16:6e:92:52:65:fd:6f:d7:c6:7f:8d:
56:b3:43:85:20:90:62:b3:f7:80:04:07:62:05:f2:a7:94:5f:
9d:25:7a:1d:aa:6b:66:d6:48:4c:74:e6:db:b5:a1:60:ed:44:
cb:e1:86:1f:a7:78:27:dc:fb:d4:f8:3a:72:ce:03:e3:dc:0e:
ac:a4:92:c3:a1:68:88:52:27:c4:65:8d:8b:74:f9:b5:22:51:
2d:03:33:d0:21:7c:3d:a5:9f:c4:13:9d:26:98:54:74:84:e2:
fa:f8:c0:1e:4e:5c:38:82:c4:8a:7c:d4:9b:18:3f:2b:1b:0b:
94:13:63:9c:3d:b6:69:36:89:e4:72:77:4d:1f:b6:ef:5b:e7:
22:bf:b2:58:67:22:d3:9d:9f:74:67:48:81:26:c6:de:8f:3a:
89:0f:20:67:b0:d0:6b:1d:6a:4a:a8:41:33:cc:48:aa:a7:6b:
d5:75:3e:b7
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVsHKhwcb8RnJDbB+AkCWgfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjMwMTAxMDY1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTRjZDQzOWJjZTQyNjVhZGIzMTEwYTkxMTc5MWM1Y2JiYmYzYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCQPqzsDpCd9cMd12UGc02jy2gk0
OmXESz9BuQdXvj2sh9KDGxXW1M798niW8J0AGsWg3Kkzyj2u20E26sz9ZOHOL7Ql
V6PkAyuBHXGlsBB4t5OjYg6VoH5Od7KxFeHKZSuOLAHV+t6BgTXLTvfgxhYeBoMi
pMu8ds8K8kITiPqAkfBIXDKs3sbHFUULsETnBVmgX+hx7rdjXsu+6L49Ra8f+Tro
wvtmvsfrPKbjetKQzTRrorCT4P0mmxYF5XeBlCFNoAQBR1hTMooC6iUPxGZ+92lb
k1PhAafReupnOCezqwgsGbj//7/14eUdt5WFX4+I/mLCgBzuSwjXjKhBaQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFKVM1Dm85CZa2zEQqRF5HFy7vzrlMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvcFV6VU9iemtKbHJiTVJDcEVYa2NYTHVfT3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKhI/wisD
BwQqEj/CqxAwDQYJKoZIhvcNAQELBQADggEBAH6O5GW19nXayB5euYWihCs1Ltt4
gDl0YX2vAyNcbSWViUtHgvJQQs5qa725WOVv9I1YWep6LrpSQDwtJg3DArErIz3c
iaeIjk5IIgNCUeAWbpJSZf1v18Z/jVazQ4UgkGKz94AEB2IF8qeUX50leh2qa2bW
SEx05tu1oWDtRMvhhh+neCfc+9T4OnLOA+PcDqykksOhaIhSJ8RljYt0+bUiUS0D
M9AhfD2ln8QTnSaYVHSE4vr4wB5OXDiCxIp81JsYPysbC5QTY5w9tmk2ieRyd00f
tu9b5yK/slhnItOdn3RnSIEmxt6POokPIGew0GsdakqoQTPMSKqna9V1Prc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:50 2025 by rpki-client