Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/msQewjbHaV6b2barGT5yTRQBk4s.roa
File: msQewjbHaV6b2barGT5yTRQBk4s.roa (raw, json)
Hash identifier: NGNRwDdZhFkapgVb0zMlVnsTxYBQLxZxhDsOHwITXTM=
Subject key identifier: 9A:C4:1E:C2:36:C7:69:5E:9B:D9:B6:AB:19:3E:72:4D:14:01:93:8B
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01854129E18497690F484534FD182EE604F6
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/msQewjbHaV6b2barGT5yTRQBk4s.roa
Signing time: Fri 23 Dec 2022 22:45:41 +0000
ROA not before: Fri 23 Dec 2022 22:45:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52041
IP address blocks: 2a12:bec0:d0::/44 maxlen: 48
2a12:bec0:7000::/48 maxlen: 48
2a12:bec0:b00b::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:41:29:e1:84:97:69:0f:48:45:34:fd:18:2e:e6:04:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Dec 23 22:45:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ac41ec236c7695e9bd9b6ab193e724d1401938b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fe:23:36:f6:0d:5c:b3:b7:b1:c5:95:06:23:
fd:96:53:84:7e:7a:29:b2:f8:b9:8c:3d:85:80:b3:
64:0e:15:15:d2:d8:79:08:e2:a5:5c:fd:e8:82:2a:
b4:38:cd:c6:66:d7:40:6f:70:45:94:82:47:c1:c0:
a1:aa:57:ec:21:33:14:cc:30:50:76:9a:31:e7:5c:
fd:1f:84:82:0e:d8:e7:a9:52:61:a1:2b:fa:22:73:
56:11:f0:5b:7c:97:db:c6:26:50:e2:c5:b3:17:62:
b6:1c:f4:34:30:f8:4f:03:91:c5:4e:32:02:c0:cb:
30:4d:81:e1:40:03:b8:b9:de:06:07:c5:17:f2:ed:
fd:cc:0c:02:9d:9c:e0:4e:26:f5:25:03:93:d8:02:
1b:66:de:75:5c:82:e8:46:bf:d4:04:79:f0:89:3d:
ad:1c:33:d5:f0:a8:38:be:c4:cf:02:c0:c5:c3:a8:
8f:d1:2c:92:ce:b6:e7:2b:39:d1:54:1f:92:fb:1e:
ad:f8:ac:7c:3d:1f:41:c9:78:f5:03:e7:41:ef:55:
4b:47:2b:a5:d5:16:d9:b6:f5:68:d5:61:1c:49:cb:
c0:77:ea:b5:ea:c1:54:b0:a6:91:0c:9f:51:96:03:
11:5d:77:8e:fa:ea:3f:e3:ca:71:0c:15:6f:a8:36:
38:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C4:1E:C2:36:C7:69:5E:9B:D9:B6:AB:19:3E:72:4D:14:01:93:8B
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/msQewjbHaV6b2barGT5yTRQBk4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:d0::/44
2a12:bec0:7000::/48
2a12:bec0:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
b0:fd:fd:cb:78:d5:8b:79:79:86:94:60:1d:cc:3a:fc:51:c9:
57:30:77:0f:06:02:10:ed:f3:33:f0:d4:c7:e3:8a:13:01:4c:
5a:d4:5e:51:66:20:66:cf:8e:1c:55:7a:8b:9a:4d:68:9a:38:
a7:5d:ae:28:c3:d7:04:77:50:d1:78:9f:df:20:2d:b7:21:38:
d0:89:e0:2e:b9:f3:70:43:ff:c1:c6:54:32:0b:c4:44:b2:b7:
b0:1e:51:ff:25:dc:0d:ef:b4:dc:68:46:13:6d:14:e3:e4:5d:
64:6f:8b:2e:f7:75:1a:be:20:f2:00:08:70:47:61:e7:1a:2a:
e6:c1:f2:93:df:39:92:81:cd:76:d4:a1:87:82:27:3f:7b:20:
8d:60:3d:fc:ac:46:79:a8:ab:fd:81:7f:d9:d8:de:80:ae:84:
23:85:17:5a:f6:5d:7e:bb:10:89:56:5f:8c:87:c5:82:b4:7b:
a7:a2:b9:bb:52:4c:69:bb:55:98:78:66:a2:da:b3:ad:8b:c0:
50:14:7c:19:04:9a:ca:1a:61:e9:30:01:12:23:a2:15:7b:47:
21:d2:d4:77:b2:5f:57:31:13:0d:31:d0:90:f6:a7:0b:d5:91:
35:a7:56:d7:68:49:e3:5c:e0:da:45:36:c1:84:75:12:43:8f:
8e:21:af:e4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVBKeGEl2kPSEU0/Rgu5gT2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjIxMjIzMjI0NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWM0MWVjMjM2Yzc2OTVlOWJkOWI2YWIxOTNlNzI0ZDE0MDE5MzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv4jNvYNXLO3scWVBiP9llOEfnop
svi5jD2FgLNkDhUV0th5COKlXP3ogiq0OM3GZtdAb3BFlIJHwcChqlfsITMUzDBQ
dpox51z9H4SCDtjnqVJhoSv6InNWEfBbfJfbxiZQ4sWzF2K2HPQ0MPhPA5HFTjIC
wMswTYHhQAO4ud4GB8UX8u39zAwCnZzgTib1JQOT2AIbZt51XILoRr/UBHnwiT2t
HDPV8Kg4vsTPAsDFw6iP0SySzrbnKznRVB+S+x6t+Kx8PR9ByXj1A+dB71VLRyul
1RbZtvVo1WEcScvAd+q16sFUsKaRDJ9RlgMRXXeO+uo/48pxDBVvqDY4ewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJrEHsI2x2lem9m2qxk+ck0UAZOLMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvbXNRZXdqYkhhVjZiMmJhckdUNXlUUlFCazRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKhK+wADQ
AwcAKhK+wHAAAwcAKhK+wLALMA0GCSqGSIb3DQEBCwUAA4IBAQCw/f3LeNWLeXmG
lGAdzDr8UclXMHcPBgIQ7fMz8NTH44oTAUxa1F5RZiBmz44cVXqLmk1omjinXa4o
w9cEd1DReJ/fIC23ITjQieAuufNwQ//BxlQyC8REsrewHlH/JdwN77TcaEYTbRTj
5F1kb4su93UaviDyAAhwR2HnGirmwfKT3zmSgc121KGHgic/eyCNYD38rEZ5qKv9
gX/Z2N6AroQjhRda9l1+uxCJVl+Mh8WCtHunorm7Ukxpu1WYeGai2rOti8BQFHwZ
BJrKGmHpMAESI6IVe0ch0tR3sl9XMRMNMdCQ9qcL1ZE1p1bXaEnjXODaRTbBhHUS
Q4+OIa/k
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org