Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/xKVtxDnm5XOYQk_9xaTeepedZ9c.roa
File: xKVtxDnm5XOYQk_9xaTeepedZ9c.roa (raw, json)
Hash identifier: ONeTkmkg6ezXyygb7Xi1OhJciMPz2pI9VwgdA4lsljo=
Subject key identifier: C4:A5:6D:C4:39:E6:E5:73:98:42:4F:FD:C5:A4:DE:7A:97:9D:67:D7
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01856C1CA408F92897C448F4195C41819F8C
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/xKVtxDnm5XOYQk_9xaTeepedZ9c.roa
Signing time: Sun 01 Jan 2023 06:54:54 +0000
ROA not before: Sun 01 Jan 2023 06:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139328
IP address blocks: 2a12:3fc2:8000::/36 maxlen: 48
2a12:3fc2:e800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a4:08:f9:28:97:c4:48:f4:19:5c:41:81:9f:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 06:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4a56dc439e6e57398424ffdc5a4de7a979d67d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:44:52:53:c5:5c:71:1b:fc:24:b9:60:67:96:
39:33:c9:bd:fe:6c:6b:00:7a:32:a7:af:98:70:cb:
be:b0:aa:a7:84:55:1d:6c:61:54:cc:83:5b:1e:44:
a2:0e:f9:d7:95:21:41:96:ca:47:f6:99:ab:01:99:
58:8c:fd:e2:20:ce:5f:81:fb:ab:25:7d:82:52:8e:
09:b2:df:0b:fb:8f:6f:b5:56:cd:62:57:0e:fe:3c:
ac:fd:9e:da:c9:0d:db:00:d3:56:95:92:c2:52:8b:
d3:57:f1:8d:12:c7:ee:cb:68:52:04:2f:ec:c0:f3:
37:86:e4:0c:75:28:f7:b6:d2:c6:91:32:7d:ca:19:
ee:90:69:30:03:62:aa:c0:02:57:05:7a:85:7e:a9:
92:f4:c8:d6:61:23:36:11:6e:24:41:e4:a2:4e:b8:
3f:fa:c4:e2:63:5a:6c:40:2a:e5:7d:72:af:ca:8c:
83:20:f7:be:bb:f4:d5:fa:fb:da:67:ed:31:66:40:
f3:80:b2:ef:91:78:fa:8a:ed:4e:bd:e4:78:8b:5f:
09:4b:58:7c:57:23:88:56:71:01:35:88:35:27:0c:
84:5b:d7:e0:74:43:e6:f2:7f:b7:83:01:6d:e3:34:
2d:25:de:f4:23:e2:05:a6:42:27:ae:20:3a:65:bb:
7e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A5:6D:C4:39:E6:E5:73:98:42:4F:FD:C5:A4:DE:7A:97:9D:67:D7
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/xKVtxDnm5XOYQk_9xaTeepedZ9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:8000::/36
2a12:3fc2:e800::/40
Signature Algorithm: sha256WithRSAEncryption
30:da:9a:12:77:d5:f3:1d:e1:bc:d7:6b:de:67:3c:ed:62:4a:
2a:56:77:8e:bd:cc:04:0d:83:ae:53:19:9e:3d:7f:44:8d:cd:
73:eb:f2:12:86:a2:3d:d7:bd:c9:5e:44:6c:f9:dc:1d:81:cc:
d1:6d:52:1d:e3:7b:8f:00:58:d6:24:b0:79:6b:fa:23:63:67:
bc:70:7a:25:85:c7:05:e2:fe:e2:9d:45:ac:89:8c:07:b3:73:
12:9b:94:38:06:af:26:b7:9f:d9:de:3c:3e:c2:af:01:fa:5f:
f6:72:2c:be:88:01:9a:c7:82:b6:27:b4:7a:fe:62:d0:ca:d2:
53:fb:65:75:75:b9:f1:c0:81:a4:e7:0e:fb:48:f0:b7:3b:1e:
fa:53:80:e9:92:f3:7f:a3:30:c2:08:6c:0c:ab:3f:54:83:34:
71:fb:f1:83:6a:71:15:3f:a0:37:93:2c:c0:d7:c9:95:35:13:
ea:13:09:d7:6a:f0:2a:80:41:a2:ed:a2:21:1a:14:7d:a1:09:
c3:4d:87:52:57:18:69:09:d9:99:22:37:18:bc:d0:55:61:f5:
e1:d8:cf:32:87:63:c4:6b:ff:53:95:86:4b:94:f7:30:98:51:
75:4e:29:62:73:92:94:ad:06:04:6a:a8:97:a0:8a:3c:13:ed:
13:c9:6e:8b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVsHKQI+SiXxEj0GVxBgZ+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjMwMTAxMDY1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGE1NmRjNDM5ZTZlNTczOTg0MjRmZmRjNWE0ZGU3YTk3OWQ2N2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxURSU8VccRv8JLlgZ5Y5M8m9/mxr
AHoyp6+YcMu+sKqnhFUdbGFUzINbHkSiDvnXlSFBlspH9pmrAZlYjP3iIM5fgfur
JX2CUo4Jst8L+49vtVbNYlcO/jys/Z7ayQ3bANNWlZLCUovTV/GNEsfuy2hSBC/s
wPM3huQMdSj3ttLGkTJ9yhnukGkwA2KqwAJXBXqFfqmS9MjWYSM2EW4kQeSiTrg/
+sTiY1psQCrlfXKvyoyDIPe+u/TV+vvaZ+0xZkDzgLLvkXj6iu1OveR4i18JS1h8
VyOIVnEBNYg1JwyEW9fgdEPm8n+3gwFt4zQtJd70I+IFpkInriA6Zbt+5QIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFMSlbcQ55uVzmEJP/cWk3nqXnWfXMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEveEtWdHhEbm01WE9ZUWtfOXhhVGVlcGVkWjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYEKhI/woAD
BgAqEj/C6DANBgkqhkiG9w0BAQsFAAOCAQEAMNqaEnfV8x3hvNdr3mc87WJKKlZ3
jr3MBA2DrlMZnj1/RI3Nc+vyEoaiPde9yV5EbPncHYHM0W1SHeN7jwBY1iSweWv6
I2NnvHB6JYXHBeL+4p1FrImMB7NzEpuUOAavJref2d48PsKvAfpf9nIsvogBmseC
tie0ev5i0MrSU/tldXW58cCBpOcO+0jwtzse+lOA6ZLzf6MwwghsDKs/VIM0cfvx
g2pxFT+gN5MswNfJlTUT6hMJ12rwKoBBou2iIRoUfaEJw02HUlcYaQnZmSI3GLzQ
VWH14djPModjxGv/U5WGS5T3MJhRdU4pYnOSlK0GBGqol6CKPBPtE8luiw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:20 2025 by rpki-client