Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/9lzkp0e9l_ksJ2neVHg8fOdrbUE.roa
File: 9lzkp0e9l_ksJ2neVHg8fOdrbUE.roa (raw, json)
Hash identifier: lTSygdscVo/oix1ucM71kXjWoYaOr1zdXcDLvnbmzkI=
Subject key identifier: F6:5C:E4:A7:47:BD:97:F9:2C:27:69:DE:54:78:3C:7C:E7:6B:6D:41
Certificate issuer: /CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Certificate serial: 0181DA59FAE695B01D29B5080EE36597A30E
Authority key identifier: 1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/9lzkp0e9l_ksJ2neVHg8fOdrbUE.roa
Signing time: Thu 07 Jul 2022 20:28:58 +0000
ROA not before: Thu 07 Jul 2022 20:28:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 941
IP address blocks: 2a12:f3c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:59:fa:e6:95:b0:1d:29:b5:08:0e:e3:65:97:a3:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Validity
Not Before: Jul 7 20:28:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f65ce4a747bd97f92c2769de54783c7ce76b6d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ac:e7:89:64:40:91:fc:60:d2:96:c3:b8:85:
fa:a2:01:01:2e:57:74:1d:c8:a1:00:29:4f:ef:ea:
3f:66:27:f6:df:06:b9:68:82:d4:29:7a:d1:d6:8d:
82:f6:c0:f7:29:30:d7:6b:f1:63:36:21:34:d9:2d:
72:75:9a:5b:20:db:7d:25:ab:c6:bc:ac:44:f9:ae:
1c:b6:a7:f5:9e:c0:95:24:7f:5c:78:66:8f:7e:de:
ae:0f:27:2c:af:c4:af:96:f6:a8:73:4a:bf:89:74:
e8:72:a6:53:fd:f5:08:f5:ae:c9:bd:b2:03:0a:e2:
08:90:51:0e:4c:b4:d7:56:a7:1b:11:97:af:9d:bc:
a9:b9:81:77:f4:17:56:d6:c6:89:20:91:06:a7:36:
a5:c1:f5:ff:9c:f7:63:8d:11:52:f8:b8:a6:e3:a7:
a0:62:75:46:6a:3b:f3:9d:b4:23:e6:65:bf:ca:82:
d1:08:85:92:65:fc:2c:ef:fa:c4:8f:94:ef:26:f4:
39:9a:3f:2a:02:d8:67:19:8d:54:ad:02:5d:96:f3:
6d:93:26:67:15:25:d6:0c:3a:a9:e0:56:89:39:61:
db:08:5b:18:e8:b3:dd:5b:01:77:9a:39:1a:f6:7f:
25:13:56:01:95:28:46:db:ab:ee:77:3b:27:60:e8:
f1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5C:E4:A7:47:BD:97:F9:2C:27:69:DE:54:78:3C:7C:E7:6B:6D:41
X509v3 Authority Key Identifier:
keyid:1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/9lzkp0e9l_ksJ2neVHg8fOdrbUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/GpFU4cVXiw_virt3n4EX5k6ITRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:11:71:37:bb:7f:d8:53:76:c5:07:33:8d:f7:33:b5:81:0b:
48:b3:15:4a:4a:3a:c5:d9:92:c0:f6:6f:2f:37:32:f5:71:70:
6c:91:02:92:85:10:d5:e4:2e:6c:46:fd:87:c5:8d:48:a6:d3:
b4:d1:41:3f:b5:03:e0:da:08:5b:ee:69:00:46:4f:56:85:f8:
fe:29:63:8c:61:3c:c1:89:60:09:8b:e4:67:43:76:9a:3c:af:
79:e4:d6:16:5b:84:7e:ac:19:90:c2:8b:09:74:89:8f:a2:f0:
98:3e:c4:03:3c:86:b7:ba:c1:33:b2:94:33:57:e1:ae:62:49:
40:cd:d9:bd:f7:db:d9:1c:16:e9:d4:4e:e3:6d:26:5f:df:89:
26:91:02:1a:8d:f4:f1:4b:0a:c8:b1:d3:3d:b4:a7:b8:ef:2d:
5f:77:d7:37:c2:d4:17:73:e7:dd:da:60:59:d7:90:79:eb:28:
fc:f7:04:09:c8:06:16:e1:90:df:87:06:1b:23:5a:70:e8:f8:
96:f2:df:59:01:45:69:78:51:c4:96:94:e5:e1:0f:4c:f0:81:
3b:ee:06:b3:66:6f:36:a2:bf:45:b9:84:f6:f8:a7:be:05:e6:
9f:ad:73:46:6d:77:15:a5:a4:d1:34:f3:54:b8:bd:ad:c8:41:
2d:93:56:0c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHaWfrmlbAdKbUIDuNll6MOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTE1NGUxYzU1NzhiMGZlZjhhYmI3NzlmODExN2U2NGU4
ODRkMTgwHhcNMjIwNzA3MjAyODU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjVjZTRhNzQ3YmQ5N2Y5MmMyNzY5ZGU1NDc4M2M3Y2U3NmI2ZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKzniWRAkfxg0pbDuIX6ogEBLld0
HcihAClP7+o/Zif23wa5aILUKXrR1o2C9sD3KTDXa/FjNiE02S1ydZpbINt9JavG
vKxE+a4ctqf1nsCVJH9ceGaPft6uDycsr8Svlvaoc0q/iXTocqZT/fUI9a7JvbID
CuIIkFEOTLTXVqcbEZevnbypuYF39BdW1saJIJEGpzalwfX/nPdjjRFS+Lim46eg
YnVGajvznbQj5mW/yoLRCIWSZfws7/rEj5TvJvQ5mj8qAthnGY1UrQJdlvNtkyZn
FSXWDDqp4FaJOWHbCFsY6LPdWwF3mjka9n8lE1YBlShG26vudzsnYOjxmQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPZc5KdHvZf5LCdp3lR4PHzna21BMB8GA1UdIwQY
MBaAFBqRVOHFV4sP74q7d5+BF+ZOiE0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDIt
Mzg4ZDhhZDJhNWJiLzEvOWx6a3AwZTlsX2tzSjJuZVZIZzhmT2RyYlVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJi
LzEvR3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLzwDAN
BgkqhkiG9w0BAQsFAAOCAQEAbRFxN7t/2FN2xQczjfcztYELSLMVSko6xdmSwPZv
Lzcy9XFwbJECkoUQ1eQubEb9h8WNSKbTtNFBP7UD4NoIW+5pAEZPVoX4/iljjGE8
wYlgCYvkZ0N2mjyveeTWFluEfqwZkMKLCXSJj6LwmD7EAzyGt7rBM7KUM1fhrmJJ
QM3Zvffb2RwW6dRO420mX9+JJpECGo308UsKyLHTPbSnuO8tX3fXN8LUF3Pn3dpg
WdeQeeso/PcECcgGFuGQ34cGGyNacOj4lvLfWQFFaXhRxJaU5eEPTPCBO+4Gs2Zv
NqK/RbmE9vinvgXmn61zRm13FaWk0TTzVLi9rchBLZNWDA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:49 2023 by rpki-client on console-ams.rpki-client.org