Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/5TMIRd9vPWA1sg5Ltx1sILyfulM.roa
File: 5TMIRd9vPWA1sg5Ltx1sILyfulM.roa (raw, json)
Hash identifier: VjN6mSbprDFsCBTr/BS/78GDUKG/Q+dE5XgVhk63as8=
Subject key identifier: E5:33:08:45:DF:6F:3D:60:35:B2:0E:4B:B7:1D:6C:20:BC:9F:BA:53
Certificate issuer: /CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Certificate serial: 01840BB22BEB6B6E621567A2FEF74B686300
Authority key identifier: A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/5TMIRd9vPWA1sg5Ltx1sILyfulM.roa
Signing time: Mon 24 Oct 2022 20:32:16 +0000
ROA not before: Mon 24 Oct 2022 20:32:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 2a12:d8c6::/32 maxlen: 32
2a12:d8c4::/32 maxlen: 32
2a12:d8c3::/32 maxlen: 32
2a12:d8c7::/32 maxlen: 32
2a12:d8c2::/32 maxlen: 32
2a12:d8c5::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0b:b2:2b:eb:6b:6e:62:15:67:a2:fe:f7:4b:68:63:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Validity
Not Before: Oct 24 20:32:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5330845df6f3d6035b20e4bb71d6c20bc9fba53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a0:9d:ed:7a:18:e9:cc:6b:9f:8d:77:74:ab:
71:d5:a1:39:54:82:ef:ad:ec:32:2c:30:aa:7e:47:
d4:0d:f1:3c:bf:aa:5b:92:c4:5c:0d:1a:70:ee:39:
a8:5a:84:0b:43:91:0f:65:8d:1b:24:6c:e4:84:ab:
d3:87:92:6d:46:2b:48:4d:91:9e:34:a3:fd:40:70:
57:e1:fd:23:11:5b:37:1b:a4:6d:07:5c:5d:bc:5b:
c4:9f:d4:3b:3e:37:46:95:f3:bb:49:c7:2d:2f:66:
64:60:16:e4:01:30:43:f6:72:1a:bb:21:00:58:fd:
9a:c3:ff:f6:c0:b6:31:65:2c:b2:9f:80:af:fd:01:
07:6f:05:48:bf:66:10:ca:17:e7:a2:0c:39:f6:ab:
b8:dd:f1:31:32:78:bc:de:ea:4c:cc:e5:97:b0:25:
c0:8f:3f:2e:fa:8b:6b:95:87:c3:18:e8:b5:81:b3:
01:7b:b0:cb:a5:b0:e5:c3:94:1d:e8:45:aa:f0:9d:
ac:72:60:3f:32:d5:bb:01:ee:0a:d7:b8:da:b6:64:
4a:87:94:95:7a:6f:3d:de:83:c9:04:1f:6a:7a:90:
78:ee:ca:16:34:ad:32:fa:08:68:89:51:69:4d:cc:
18:36:51:c1:98:5f:85:7d:ac:8d:73:eb:97:bb:71:
a3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:33:08:45:DF:6F:3D:60:35:B2:0E:4B:B7:1D:6C:20:BC:9F:BA:53
X509v3 Authority Key Identifier:
keyid:A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/5TMIRd9vPWA1sg5Ltx1sILyfulM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:d8c2::-2a12:d8c7:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c8:f9:c2:8d:de:6b:f6:ff:49:cd:c5:cd:af:26:01:3b:50:2b:
da:11:68:1f:dc:d3:35:0d:90:a5:a0:5c:1c:9d:b0:fe:9d:25:
7d:2c:bc:54:ab:10:7a:62:d1:0f:4d:67:d8:ab:a0:e5:33:0b:
66:c1:68:8e:ae:d9:81:5d:c1:1a:e7:07:4a:ff:4d:7a:05:d2:
6a:3e:f3:71:d9:72:a5:e2:34:df:7c:51:e6:34:d6:e2:62:81:
fd:5d:8a:a8:2c:43:0c:ed:56:e0:06:ee:a6:ac:6c:0f:36:f7:
6b:0d:44:40:24:55:07:7c:58:8f:38:7f:38:81:82:d5:3a:7c:
b4:86:1a:fe:f1:61:44:af:d8:1f:6a:ab:3e:2c:d6:98:47:ba:
40:29:29:39:d4:74:ed:bb:da:85:14:e7:e5:4b:af:de:ad:70:
90:21:dc:b8:6a:82:8e:48:a9:4b:2a:fc:6c:59:6b:40:6a:71:
4f:0c:3b:20:24:4e:e6:d6:39:eb:27:67:d0:a8:ff:2d:66:20:
ee:7d:29:d9:09:d7:9d:cb:91:87:c4:15:85:95:fe:aa:b7:39:
fc:f4:8e:40:df:38:ee:77:e8:75:bc:04:de:cc:c1:4a:98:69:
d5:8a:16:ae:98:f7:48:7d:c6:4e:1c:30:e0:5e:46:43:84:8f:
64:4c:6d:87
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYQLsivra25iFWei/vdLaGMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZjJmZGVhMjYzYjc5ZmNlMTEzODkwNTJiMGNkOTQwOTk1
YzZkZmUwHhcNMjIxMDI0MjAzMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTMzMDg0NWRmNmYzZDYwMzViMjBlNGJiNzFkNmMyMGJjOWZiYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKCd7XoY6cxrn413dKtx1aE5VILv
rewyLDCqfkfUDfE8v6pbksRcDRpw7jmoWoQLQ5EPZY0bJGzkhKvTh5JtRitITZGe
NKP9QHBX4f0jEVs3G6RtB1xdvFvEn9Q7PjdGlfO7ScctL2ZkYBbkATBD9nIauyEA
WP2aw//2wLYxZSyyn4Cv/QEHbwVIv2YQyhfnogw59qu43fExMni83upMzOWXsCXA
jz8u+otrlYfDGOi1gbMBe7DLpbDlw5Qd6EWq8J2scmA/MtW7Ae4K17jatmRKh5SV
em893oPJBB9qepB47soWNK0y+ghoiVFpTcwYNlHBmF+FfayNc+uXu3Gj8wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFOUzCEXfbz1gNbIOS7cdbCC8n7pTMB8GA1UdIwQY
MBaAFKny/eomO3n84ROJBSsM2UCZXG3+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEt
ZjhhZmZlZjExMmQ4LzEvNVRNSVJkOXZQV0Exc2c1THR4MXNJTHlmdWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEtZjhhZmZlZjExMmQ4
LzEvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQEqEtjC
AwUDKhLYwDANBgkqhkiG9w0BAQsFAAOCAQEAyPnCjd5r9v9JzcXNryYBO1Ar2hFo
H9zTNQ2QpaBcHJ2w/p0lfSy8VKsQemLRD01n2Kug5TMLZsFojq7ZgV3BGucHSv9N
egXSaj7zcdlypeI033xR5jTW4mKB/V2KqCxDDO1W4AbupqxsDzb3aw1EQCRVB3xY
jzh/OIGC1Tp8tIYa/vFhRK/YH2qrPizWmEe6QCkpOdR07bvahRTn5Uuv3q1wkCHc
uGqCjkipSyr8bFlrQGpxTww7ICRO5tY56ydn0Kj/LWYg7n0p2QnXncuRh8QVhZX+
qrc5/PSOQN847nfodbwE3szBSphp1YoWrpj3SH3GThww4F5GQ4SPZExthw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:02 2024 by rpki-client on console-ams.rpki-client.org