Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/vU_mFMhAGxWyvDFPoJ9CX5vmrWs.roa
File: vU_mFMhAGxWyvDFPoJ9CX5vmrWs.roa (raw, json)
Hash identifier: PWG5XdieW0FA2RbivcAQw3jF/8CqhFhbQabtUrengso=
Subject key identifier: BD:4F:E6:14:C8:40:1B:15:B2:BC:31:4F:A0:9F:42:5F:9B:E6:AD:6B
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 0184D7F01D671AD1ADE2CB43842127C59770
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/vU_mFMhAGxWyvDFPoJ9CX5vmrWs.roa
Signing time: Sat 03 Dec 2022 12:22:28 +0000
ROA not before: Sat 03 Dec 2022 12:22:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203899
IP address blocks: 2a12:3fc2:e400::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d7:f0:1d:67:1a:d1:ad:e2:cb:43:84:21:27:c5:97:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Dec 3 12:22:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd4fe614c8401b15b2bc314fa09f425f9be6ad6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cf:35:75:27:4f:d8:44:ab:a9:ab:70:05:b3:
29:b6:69:30:1f:bc:9a:68:bc:ba:09:f0:2f:14:1f:
56:9e:30:97:b6:48:af:9a:3e:2f:7b:9e:d7:79:72:
6e:d8:63:a9:e7:3e:da:83:c9:e9:52:8f:61:4f:27:
1b:e4:aa:3a:ee:05:3c:dd:df:60:f8:a5:e6:6d:65:
49:b0:41:8a:bd:50:74:cb:1c:b7:47:46:3f:dd:85:
78:55:bd:b9:ab:69:18:0e:fc:07:f8:9c:28:f6:67:
fb:c6:1c:31:98:06:d2:c2:8e:4f:96:6c:ae:8c:c4:
6e:79:2e:e1:e7:93:81:7e:c9:26:3f:82:9d:b0:f3:
25:e8:c2:71:04:24:f2:50:5b:9a:ff:09:2a:5b:81:
79:e5:54:88:43:8b:a2:1e:a7:f8:b8:6a:dc:ce:00:
1f:d2:a0:17:9c:e4:98:39:f1:4c:8b:6e:f3:08:4a:
b2:56:ed:58:6a:6c:41:73:82:5f:70:31:e5:cf:36:
6e:61:4c:91:71:fc:5f:20:26:ef:28:2a:31:87:97:
32:71:7f:88:2b:0f:51:7f:d1:a6:af:5f:80:43:45:
f1:32:81:18:3a:08:b2:12:49:bc:3c:90:74:97:1d:
68:88:53:c8:22:63:30:31:dd:33:1a:b2:05:c6:4d:
b1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:4F:E6:14:C8:40:1B:15:B2:BC:31:4F:A0:9F:42:5F:9B:E6:AD:6B
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/vU_mFMhAGxWyvDFPoJ9CX5vmrWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:e400::/40
Signature Algorithm: sha256WithRSAEncryption
18:07:90:93:a4:e5:aa:67:8f:b9:d0:4b:24:5a:bb:28:ad:e0:
86:23:68:c7:fa:e4:3d:8e:34:f0:c4:5b:e6:1a:f6:d0:dc:2b:
45:41:aa:ad:10:73:21:6d:ae:46:03:31:74:4c:17:66:3a:7e:
1a:c4:2d:a0:38:70:17:7c:57:5c:fb:1b:ff:72:e6:78:a0:d1:
74:5e:06:55:97:54:7a:b3:f0:b3:64:91:32:3c:77:af:d9:62:
e7:41:d5:81:12:a6:d8:1d:1f:21:a3:50:20:4e:9f:f2:19:41:
44:05:84:5e:4f:27:61:77:c7:77:2f:c1:05:a8:fc:88:87:8c:
8f:0a:06:a8:0e:cf:a4:e9:77:f4:e2:2e:0e:6c:fd:d6:68:79:
4f:96:85:7a:3c:95:43:4c:83:16:6d:a8:84:6f:48:40:b8:fa:
4d:db:47:f3:88:5b:23:56:39:13:9f:08:0a:7c:5f:f7:d4:d6:
95:31:1e:0e:30:0a:f6:fe:e6:b2:4c:1e:7b:5b:80:58:4f:00:
57:0b:83:6e:85:b8:e6:76:cf:a6:61:c2:61:3a:a6:a9:5e:60:
45:ee:ba:4a:67:8a:88:bc:ca:47:c5:42:04:a2:7e:86:41:63:
30:de:ce:c7:d7:15:a6:20:9f:06:7b:67:ae:18:6b:c4:88:fd:
05:21:e6:cc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYTX8B1nGtGt4stDhCEnxZdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjIxMjAzMTIyMjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDRmZTYxNGM4NDAxYjE1YjJiYzMxNGZhMDlmNDI1ZjliZTZhZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc81dSdP2ESrqatwBbMptmkwH7ya
aLy6CfAvFB9WnjCXtkivmj4ve57XeXJu2GOp5z7ag8npUo9hTycb5Ko67gU83d9g
+KXmbWVJsEGKvVB0yxy3R0Y/3YV4Vb25q2kYDvwH+Jwo9mf7xhwxmAbSwo5Plmyu
jMRueS7h55OBfskmP4KdsPMl6MJxBCTyUFua/wkqW4F55VSIQ4uiHqf4uGrczgAf
0qAXnOSYOfFMi27zCEqyVu1YamxBc4JfcDHlzzZuYUyRcfxfICbvKCoxh5cycX+I
Kw9Rf9Gmr1+AQ0XxMoEYOgiyEkm8PJB0lx1oiFPIImMwMd0zGrIFxk2xTQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFL1P5hTIQBsVsrwxT6CfQl+b5q1rMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvdlVfbUZNaEFHeFd5dkRGUG9KOUNYNXZtcldzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/wuQw
DQYJKoZIhvcNAQELBQADggEBABgHkJOk5apnj7nQSyRauyit4IYjaMf65D2ONPDE
W+Ya9tDcK0VBqq0QcyFtrkYDMXRMF2Y6fhrELaA4cBd8V1z7G/9y5nig0XReBlWX
VHqz8LNkkTI8d6/ZYudB1YESptgdHyGjUCBOn/IZQUQFhF5PJ2F3x3cvwQWo/IiH
jI8KBqgOz6Tpd/TiLg5s/dZoeU+WhXo8lUNMgxZtqIRvSEC4+k3bR/OIWyNWOROf
CAp8X/fU1pUxHg4wCvb+5rJMHntbgFhPAFcLg26FuOZ2z6ZhwmE6pqleYEXuukpn
ioi8ykfFQgSifoZBYzDezsfXFaYgnwZ7Z64Ya8SI/QUh5sw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:02 2025 by rpki-client