Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/I9LAJw52_QKXLh4rbvupop_LlAA.roa
File: I9LAJw52_QKXLh4rbvupop_LlAA.roa (raw, json)
Hash identifier: Zhimc0OYM4vzXspuCU/BOY8CME8s6kAjDDjRfTINV/8=
Subject key identifier: 23:D2:C0:27:0E:76:FD:02:97:2E:1E:2B:6E:FB:A9:A2:9F:CB:94:00
Certificate issuer: /CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Certificate serial: 1D0919
Authority key identifier: 1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/I9LAJw52_QKXLh4rbvupop_LlAA.roa
Signing time: Tue 31 May 2022 14:52:15 +0000
ROA not before: Tue 31 May 2022 14:52:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13347
IP address blocks: 2a12:f3c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1902873 (0x1d0919)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a9154e1c5578b0fef8abb779f8117e64e884d18
Validity
Not Before: May 31 14:52:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23d2c0270e76fd02972e1e2b6efba9a29fcb9400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cd:42:9b:ad:7b:b0:7c:6b:2d:ef:6a:18:cd:
b1:96:80:65:86:66:c4:d5:9f:78:57:ed:df:b2:5c:
15:e5:d7:36:3d:ee:2e:3a:3c:41:28:08:71:e4:7c:
0d:4e:12:37:04:b0:5c:6e:23:d6:57:26:3c:7e:1c:
6f:5d:98:73:69:e7:90:de:c8:ab:10:fb:91:3d:f4:
3d:25:77:7b:4b:6d:16:f3:fa:4d:d2:d8:d0:48:0f:
57:6c:7c:ba:65:f2:60:ed:f5:b5:9f:2b:17:98:da:
3e:e4:1d:f3:d3:04:50:db:8c:58:8f:b7:1c:96:b8:
ef:7d:9f:f8:3c:9d:47:c9:3c:00:7d:d4:36:bf:17:
1d:9b:7a:1c:da:37:d5:d7:6d:27:b6:d8:b3:8e:b0:
18:1d:e4:f1:c9:5f:ca:7d:d5:34:08:79:3e:ec:c7:
c6:60:81:8c:74:b5:3a:65:d7:96:fe:c7:91:0c:7a:
ac:b4:c1:b8:dc:e4:f0:95:8e:8d:6e:73:25:99:0e:
cc:8d:5e:d9:0f:b5:fe:44:80:2a:fd:0b:77:2c:ab:
74:46:e8:4c:c9:fa:77:3c:1a:f9:96:ab:bf:47:ae:
ea:52:b4:24:db:c1:a0:af:03:88:f8:37:0f:d6:e3:
a8:08:39:1c:f3:b0:4f:05:c1:3f:79:fe:2f:45:5f:
ae:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D2:C0:27:0E:76:FD:02:97:2E:1E:2B:6E:FB:A9:A2:9F:CB:94:00
X509v3 Authority Key Identifier:
keyid:1A:91:54:E1:C5:57:8B:0F:EF:8A:BB:77:9F:81:17:E6:4E:88:4D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpFU4cVXiw_virt3n4EX5k6ITRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/I9LAJw52_QKXLh4rbvupop_LlAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/54bac8-bf50-44d2-ad42-388d8ad2a5bb/1/GpFU4cVXiw_virt3n4EX5k6ITRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
12:dc:f3:14:cb:62:80:44:48:49:85:8d:70:cd:b4:e4:70:4e:
b6:a9:20:7e:93:72:c0:e5:64:29:2c:99:d5:cf:9f:19:07:03:
ef:2b:90:1a:10:14:de:23:78:40:4d:23:e7:3b:06:c3:4c:72:
61:91:34:f6:46:5c:9c:66:e1:2d:02:7c:cd:96:a6:f0:e5:bc:
d3:ed:d4:00:a1:8e:e7:8e:17:66:74:a6:cf:d2:27:06:bd:c3:
39:f8:11:eb:da:96:00:71:2c:85:2e:0c:2c:46:2d:88:75:bb:
b7:ee:06:4b:58:04:55:37:2a:38:ba:00:8d:1c:b1:82:2f:d6:
c6:75:dc:a3:ba:23:95:7e:b5:e2:f1:33:32:66:0b:08:3c:d9:
45:00:9b:18:ca:38:c0:49:06:c1:66:9a:1f:bf:56:18:b6:15:
de:59:fe:4d:07:72:28:97:24:7c:89:6f:95:3b:fd:30:6c:d6:
b7:1e:de:b8:8d:6f:cb:86:e2:03:ab:43:10:37:24:21:a9:6a:
2d:ad:80:3e:05:82:77:d6:d6:09:a6:7d:da:2a:f4:03:1c:d0:
4c:d1:cf:67:e0:a3:6b:4f:c8:f9:c1:f2:44:d1:e2:48:26:c1:
77:b0:61:60:40:48:42:7a:6e:bb:ee:ab:3f:91:d4:86:89:4d:
52:d8:9d:dd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDHQkZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFh
OTE1NGUxYzU1NzhiMGZlZjhhYmI3NzlmODExN2U2NGU4ODRkMTgwHhcNMjIwNTMx
MTQ1MjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyM2QyYzAyNzBlNzZm
ZDAyOTcyZTFlMmI2ZWZiYTlhMjlmY2I5NDAwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm81Cm617sHxrLe9qGM2xloBlhmbE1Z94V+3fslwV5dc2Pe4u
OjxBKAhx5HwNThI3BLBcbiPWVyY8fhxvXZhzaeeQ3sirEPuRPfQ9JXd7S20W8/pN
0tjQSA9XbHy6ZfJg7fW1nysXmNo+5B3z0wRQ24xYj7cclrjvfZ/4PJ1HyTwAfdQ2
vxcdm3oc2jfV120nttizjrAYHeTxyV/KfdU0CHk+7MfGYIGMdLU6ZdeW/seRDHqs
tMG43OTwlY6NbnMlmQ7MjV7ZD7X+RIAq/Qt3LKt0RuhMyfp3PBr5lqu/R67qUrQk
28GgrwOI+DcP1uOoCDkc87BPBcE/ef4vRV+uEQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFCPSwCcOdv0Cly4eK277qaKfy5QAMB8GA1UdIwQYMBaAFBqRVOHFV4sP74q7
d5+BF+ZOiE0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
R3BGVTRjVlhpd192aXJ0M240RVg1azZJVFJnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84YS81NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJiLzEv
STlMQUp3NTJfUUtYTGg0cmJ2dXBvcF9MbEFBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81
NGJhYzgtYmY1MC00NGQyLWFkNDItMzg4ZDhhZDJhNWJiLzEvR3BGVTRjVlhpd192
aXJ0M240RVg1azZJVFJnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLzwDANBgkqhkiG9w0BAQsFAAOC
AQEAEtzzFMtigERISYWNcM205HBOtqkgfpNywOVkKSyZ1c+fGQcD7yuQGhAU3iN4
QE0j5zsGw0xyYZE09kZcnGbhLQJ8zZam8OW80+3UAKGO544XZnSmz9InBr3DOfgR
69qWAHEshS4MLEYtiHW7t+4GS1gEVTcqOLoAjRyxgi/WxnXco7ojlX614vEzMmYL
CDzZRQCbGMo4wEkGwWaaH79WGLYV3ln+TQdyKJckfIlvlTv9MGzWtx7euI1vy4bi
A6tDEDckIalqLa2APgWCd9bWCaZ92ir0AxzQTNHPZ+Cja0/I+cHyRNHiSCbBd7Bh
YEBIQnpuu+6rP5HUholNUtid3Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:08 2023 by rpki-client on console-fra.rpki-client.org