Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/4l58mxCzDxrQO568ApSsy8CkGTs.roa
File: 4l58mxCzDxrQO568ApSsy8CkGTs.roa (raw, json)
Hash identifier: wxwxbCEjSzEteRZsAwRFzbUZ6tgkDQojxASryPFLwU0=
Subject key identifier: E2:5E:7C:9B:10:B3:0F:1A:D0:3B:9E:BC:02:94:AC:CB:C0:A4:19:3B
Certificate issuer: /CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Certificate serial: 65774C
Authority key identifier: 1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/4l58mxCzDxrQO568ApSsy8CkGTs.roa
Signing time: Sat 02 Jul 2022 02:16:27 +0000
ROA not before: Sat 02 Jul 2022 02:16:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1020
IP address blocks: 2a12:f3c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6649676 (0x65774c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Validity
Not Before: Jul 2 02:16:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e25e7c9b10b30f1ad03b9ebc0294accbc0a4193b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:39:90:28:0d:71:ea:bb:5f:9e:dc:4f:cf:67:
34:46:8a:ba:cd:b4:28:8e:d8:e6:79:46:ce:cf:e9:
f4:41:28:1d:a8:3b:37:28:0f:6b:f7:74:fb:1d:44:
f6:c0:62:e9:93:9c:7e:03:22:a6:24:13:b7:b7:8d:
15:34:79:03:a6:1c:32:72:2d:0a:0c:f5:4a:88:74:
a3:24:f9:d2:b7:27:d9:1c:f1:b6:29:bc:04:4e:d6:
95:fd:87:35:74:0d:04:7a:85:bf:1f:47:7c:c5:6c:
ca:93:dc:ef:fd:37:a7:29:d1:31:ab:06:6d:0f:70:
be:25:d5:7e:65:c9:ed:e0:ed:0a:8a:80:e4:7a:d7:
88:68:a8:d6:81:7a:c0:37:0c:3f:77:37:e4:65:11:
8c:50:16:a2:c5:c9:bf:f9:a0:41:19:ca:21:1b:34:
30:16:16:c6:41:1a:4a:84:f8:1f:cd:5c:df:c9:e3:
0a:32:37:74:31:9a:33:7b:c8:bf:b2:56:06:00:4e:
18:bf:97:c6:1f:35:ff:f7:ae:c1:bd:4e:f2:00:1c:
2c:43:ce:c3:78:79:99:c6:d2:7e:62:65:ea:cf:82:
58:09:99:4c:c9:ce:62:b1:b8:eb:85:57:c4:ed:c4:
aa:79:82:d5:70:8b:69:0f:70:46:a8:3d:4d:aa:78:
52:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5E:7C:9B:10:B3:0F:1A:D0:3B:9E:BC:02:94:AC:CB:C0:A4:19:3B
X509v3 Authority Key Identifier:
keyid:1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/4l58mxCzDxrQO568ApSsy8CkGTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/GpFU4cVXiw_virt3n4EX5k6ITRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
57:46:e6:e2:dd:45:d6:89:fe:3e:53:30:be:da:32:7b:9c:e3:
70:9e:cc:f1:d9:ee:2a:89:bc:6b:c8:42:bb:a8:65:ab:90:5b:
f2:03:61:14:e6:76:0e:9a:0b:ad:b8:72:cc:28:c5:53:55:58:
18:a6:12:78:20:3f:24:5e:3e:52:3a:c2:a1:03:d0:61:4c:46:
4f:93:c1:44:c5:78:bf:63:f5:31:c6:14:ba:cf:ed:e2:4f:df:
51:b9:97:56:2c:cf:a4:1d:c9:c5:53:5a:9a:4d:91:7b:ef:19:
79:15:56:88:64:16:32:19:91:bb:22:72:a0:a6:4a:f9:43:a6:
2f:21:09:b6:50:93:33:f8:cf:56:7a:e6:64:88:9c:d8:28:84:
28:88:0c:4a:6b:70:3c:f1:a9:4b:c2:68:cd:b1:eb:6b:67:44:
bb:e8:52:14:a6:bc:f7:3c:ba:40:a4:ae:b6:4d:52:a4:cf:8c:
bd:c8:c4:43:6c:78:80:ed:56:26:3b:fd:1e:f0:75:29:7a:10:
9d:ff:c5:66:5d:58:28:ec:fa:56:99:6e:1e:ab:2e:92:b5:80:
68:c4:b3:27:90:d0:bc:f6:6a:43:29:5c:60:12:e2:64:62:eb:
97:6a:a0:7e:ae:90:8b:fb:05:d4:39:54:1c:13:df:60:4e:70:
f2:d3:86:24
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDZXdMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFh
OTE1NGUxYzU1NzhiMGZlZjhhYmI3NzlmODExN2U2NGU4ODRkMTgwHhcNMjIwNzAy
MDIxNjI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlMjVlN2M5YjEwYjMw
ZjFhZDAzYjllYmMwMjk0YWNjYmMwYTQxOTNiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyDmQKA1x6rtfntxPz2c0Roq6zbQojtjmeUbOz+n0QSgdqDs3
KA9r93T7HUT2wGLpk5x+AyKmJBO3t40VNHkDphwyci0KDPVKiHSjJPnStyfZHPG2
KbwETtaV/Yc1dA0EeoW/H0d8xWzKk9zv/TenKdExqwZtD3C+JdV+Zcnt4O0KioDk
eteIaKjWgXrANww/dzfkZRGMUBaixcm/+aBBGcohGzQwFhbGQRpKhPgfzVzfyeMK
Mjd0MZoze8i/slYGAE4Yv5fGHzX/967BvU7yABwsQ87DeHmZxtJ+YmXqz4JYCZlM
yc5isbjrhVfE7cSqeYLVcItpD3BGqD1NqnhSawIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFOJefJsQsw8a0DuevAKUrMvApBk7MB8GA1UdIwQYMBaAFBqRVOHFV4sP74q7
d5+BF+ZOiE0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
R3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJiLzEv
NGw1OG14Q3pEeHJRTzU2OEFwU3N5OENrR1RzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81
NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJiLzEvR3BGVTRjVlhpd192
aXJ0M240RVg1azZJVFJnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLzwDANBgkqhkiG9w0BAQsFAAOC
AQEAV0bm4t1F1on+PlMwvtoye5zjcJ7M8dnuKom8a8hCu6hlq5Bb8gNhFOZ2DpoL
rbhyzCjFU1VYGKYSeCA/JF4+UjrCoQPQYUxGT5PBRMV4v2P1McYUus/t4k/fUbmX
VizPpB3JxVNamk2Re+8ZeRVWiGQWMhmRuyJyoKZK+UOmLyEJtlCTM/jPVnrmZIic
2CiEKIgMSmtwPPGpS8JozbHra2dEu+hSFKa89zy6QKSutk1SpM+MvcjEQ2x4gO1W
Jjv9HvB1KXoQnf/FZl1YKOz6VpluHqsukrWAaMSzJ5DQvPZqQylcYBLiZGLrl2qg
fq6Qi/sF1DlUHBPfYE5w8tOGJA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:08 2023 by rpki-client on console-fra.rpki-client.org