Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/uzVpetUycrXnG8wS6pNlzDy0oVY.roa
File: uzVpetUycrXnG8wS6pNlzDy0oVY.roa (raw, json)
Hash identifier: b2KbILAr+frkgw8QDkWHBQZVLxcGFc3mxPc83UbvNfg=
Subject key identifier: BB:35:69:7A:D5:32:72:B5:E7:1B:CC:12:EA:93:65:CC:3C:B4:A1:56
Certificate issuer: /CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Certificate serial: 01840927461E01EB26FEE94B6E8DE62C370B
Authority key identifier: A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/uzVpetUycrXnG8wS6pNlzDy0oVY.roa
Signing time: Mon 24 Oct 2022 08:41:19 +0000
ROA not before: Mon 24 Oct 2022 08:41:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204471
IP address blocks: 2a12:d8c1::/32 maxlen: 32
2a12:d8c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:09:27:46:1e:01:eb:26:fe:e9:4b:6e:8d:e6:2c:37:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Validity
Not Before: Oct 24 08:41:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb35697ad53272b5e71bcc12ea9365cc3cb4a156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ca:13:5f:5a:5d:9e:7c:c2:bc:c4:4f:c6:4c:
19:a8:5c:23:63:79:a5:fb:53:42:ee:e1:ff:36:46:
a5:6d:f9:d2:14:fe:c7:0f:da:eb:28:01:64:48:6d:
db:77:cc:5a:f5:f7:bb:06:0c:c5:b6:d1:7c:8b:52:
fc:5e:38:14:ae:d1:1b:f1:07:5c:41:e3:af:1e:85:
b7:4c:93:64:83:4b:a9:23:bb:fd:9e:83:8a:6a:1e:
45:55:ee:4f:4e:80:ee:cc:d6:55:6b:9e:d8:e5:97:
e9:ea:c1:91:52:51:44:37:b0:27:7f:94:65:bc:58:
48:e8:88:b3:9e:66:19:dd:76:d3:d3:df:a2:32:25:
f3:ed:38:56:ca:d9:57:b8:93:e3:ed:4c:be:14:62:
f0:a2:aa:5d:6c:2b:6b:97:3b:66:ef:40:70:7e:bd:
24:c1:44:57:64:49:a1:de:3d:d0:1b:52:2f:8e:4b:
83:08:93:a8:2d:56:30:0d:53:9f:2b:dd:82:1b:f9:
e0:62:61:a8:37:46:e0:85:9a:ca:ca:55:2c:91:71:
21:0c:e6:ee:73:d8:56:42:c7:88:6d:ed:09:a5:ea:
0a:c0:04:d9:0f:3f:b1:ce:1d:ec:1a:e3:9f:22:ae:
7d:63:aa:ab:16:07:84:64:64:f2:44:91:96:05:1b:
9f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:35:69:7A:D5:32:72:B5:E7:1B:CC:12:EA:93:65:CC:3C:B4:A1:56
X509v3 Authority Key Identifier:
keyid:A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/uzVpetUycrXnG8wS6pNlzDy0oVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:d8c0::/31
Signature Algorithm: sha256WithRSAEncryption
89:1c:d1:4e:eb:10:6b:91:b0:4d:7d:a6:b9:a5:1f:1f:23:80:
31:94:ce:bf:f6:32:96:82:70:8e:de:1d:b1:53:85:00:74:06:
e3:ab:6c:a4:0c:2b:c6:8b:00:bd:e0:95:6e:31:76:40:a5:ee:
43:68:e7:af:3e:57:ce:55:f7:9f:cc:a6:8b:75:45:0f:70:cc:
45:00:f0:ad:60:cd:50:04:b6:1a:12:67:7f:20:29:ba:a2:0f:
e9:a9:4e:d6:8a:e7:de:cd:2a:66:3d:32:b3:03:5e:dd:53:61:
09:0a:02:d2:2e:20:c4:36:96:1f:22:be:8f:94:e3:0b:35:bf:
5f:ca:13:07:ae:9f:45:c3:14:9f:bd:ab:f3:4e:b6:ac:48:8c:
ef:4c:9f:67:ac:63:dd:37:f1:63:2e:44:c1:0d:91:d0:24:6a:
2f:cf:f3:28:d4:c9:c3:f3:84:00:70:f5:9e:f2:23:fd:0a:14:
97:6e:fd:79:13:bf:82:d9:e1:9d:92:15:93:1e:e2:2e:82:ce:
81:be:d0:32:e7:ed:b9:be:4e:bb:8c:d6:52:c4:7f:50:c9:e4:
41:d3:36:5b:0e:2d:3a:e1:3a:9d:c4:ae:9a:2c:0f:16:f6:83:
e0:77:6a:69:dd:62:e6:2b:2f:4f:4a:41:00:bb:54:94:4b:50:
71:cd:2f:d7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQJJ0YeAesm/ulLbo3mLDcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZjJmZGVhMjYzYjc5ZmNlMTEzODkwNTJiMGNkOTQwOTk1
YzZkZmUwHhcNMjIxMDI0MDg0MTE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM1Njk3YWQ1MzI3MmI1ZTcxYmNjMTJlYTkzNjVjYzNjYjRhMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48oTX1pdnnzCvMRPxkwZqFwjY3ml
+1NC7uH/NkalbfnSFP7HD9rrKAFkSG3bd8xa9fe7BgzFttF8i1L8XjgUrtEb8Qdc
QeOvHoW3TJNkg0upI7v9noOKah5FVe5PToDuzNZVa57Y5Zfp6sGRUlFEN7Anf5Rl
vFhI6IiznmYZ3XbT09+iMiXz7ThWytlXuJPj7Uy+FGLwoqpdbCtrlztm70Bwfr0k
wURXZEmh3j3QG1IvjkuDCJOoLVYwDVOfK92CG/ngYmGoN0bghZrKylUskXEhDObu
c9hWQseIbe0JpeoKwATZDz+xzh3sGuOfIq59Y6qrFgeEZGTyRJGWBRufMwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLs1aXrVMnK15xvMEuqTZcw8tKFWMB8GA1UdIwQY
MBaAFKny/eomO3n84ROJBSsM2UCZXG3+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEt
ZjhhZmZlZjExMmQ4LzEvdXpWcGV0VXljclhuRzh3UzZwTmx6RHkwb1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEtZjhhZmZlZjExMmQ4
LzEvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKhLYwDAN
BgkqhkiG9w0BAQsFAAOCAQEAiRzRTusQa5GwTX2muaUfHyOAMZTOv/YyloJwjt4d
sVOFAHQG46tspAwrxosAveCVbjF2QKXuQ2jnrz5XzlX3n8ymi3VFD3DMRQDwrWDN
UAS2GhJnfyApuqIP6alO1orn3s0qZj0yswNe3VNhCQoC0i4gxDaWHyK+j5TjCzW/
X8oTB66fRcMUn72r8062rEiM70yfZ6xj3TfxYy5EwQ2R0CRqL8/zKNTJw/OEAHD1
nvIj/QoUl279eRO/gtnhnZIVkx7iLoLOgb7QMuftub5Ou4zWUsR/UMnkQdM2Ww4t
OuE6ncSumiwPFvaD4Hdqad1i5isvT0pBALtUlEtQcc0v1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:16 2024 by rpki-client on console-fra.rpki-client.org