Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/TNZKDKXbsVGUYA2mPxqkYdlq5cw.roa
File: TNZKDKXbsVGUYA2mPxqkYdlq5cw.roa (raw, json)
Hash identifier: 9Ao57RbwNkRfs58Gko9Zd5QhRc16sczwqoWAEuV2eUY=
Subject key identifier: 4C:D6:4A:0C:A5:DB:B1:51:94:60:0D:A6:3F:1A:A4:61:D9:6A:E5:CC
Certificate issuer: /CN=d191342b98368ad4be832a67e355db275c8da3ad
Certificate serial: 0182371258F980268F49CEC63057AD5BB418
Authority key identifier: D1:91:34:2B:98:36:8A:D4:BE:83:2A:67:E3:55:DB:27:5C:8D:A3:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ZE0K5g2itS-gypn41XbJ1yNo60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/TNZKDKXbsVGUYA2mPxqkYdlq5cw.roa
Signing time: Mon 25 Jul 2022 20:35:25 +0000
ROA not before: Mon 25 Jul 2022 20:35:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a12:4200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:37:12:58:f9:80:26:8f:49:ce:c6:30:57:ad:5b:b4:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d191342b98368ad4be832a67e355db275c8da3ad
Validity
Not Before: Jul 25 20:35:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cd64a0ca5dbb15194600da63f1aa461d96ae5cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c7:b3:5e:f7:1e:ab:3d:cc:77:e0:91:bf:0b:
0a:03:f2:b1:44:6a:43:87:e2:ee:7a:3d:3e:28:8e:
e2:62:f9:1a:12:a7:8a:12:fb:01:0f:70:93:04:bd:
2c:86:62:7e:e4:a1:b4:b2:68:f0:0b:88:b3:f6:46:
bd:f7:4b:fb:bd:46:15:da:0f:3d:99:41:57:f1:67:
43:56:4e:20:66:d6:c8:ad:07:45:42:47:00:04:eb:
07:89:01:26:0c:ed:2c:e5:0e:b3:e7:9a:ca:a7:77:
53:bb:00:b2:29:0d:48:7e:f8:bb:d1:73:76:b0:1d:
aa:11:67:97:e6:f2:99:8f:c8:37:b2:80:8e:52:54:
05:c1:26:7a:50:29:b6:f4:34:62:a7:bb:b3:86:01:
34:14:94:4b:c0:fb:c4:8b:a7:08:ca:77:f7:54:32:
d3:9c:05:68:91:22:c9:57:14:07:06:33:5c:d0:65:
fb:cc:de:4c:1f:71:4b:77:95:30:46:90:c9:07:e2:
95:51:a3:96:7b:9a:1d:12:13:89:ab:36:80:25:13:
a8:77:3a:99:c1:27:14:13:7b:7f:d7:56:e4:c2:3c:
33:3c:78:29:cc:bf:49:de:14:6f:18:91:72:83:c7:
c0:60:47:03:a2:ee:ff:14:4c:f2:76:20:16:41:6b:
85:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D6:4A:0C:A5:DB:B1:51:94:60:0D:A6:3F:1A:A4:61:D9:6A:E5:CC
X509v3 Authority Key Identifier:
keyid:D1:91:34:2B:98:36:8A:D4:BE:83:2A:67:E3:55:DB:27:5C:8D:A3:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ZE0K5g2itS-gypn41XbJ1yNo60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/TNZKDKXbsVGUYA2mPxqkYdlq5cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e6d996-87d9-4fdc-b654-46705881b161/1/0ZE0K5g2itS-gypn41XbJ1yNo60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:4200::/29
Signature Algorithm: sha256WithRSAEncryption
89:7f:4c:2f:e5:0b:5b:b8:79:3c:61:c4:84:3f:64:b5:8b:e6:
a5:d4:91:4b:ba:7f:2c:32:1e:59:24:40:d4:a2:ac:dd:64:72:
a5:d6:e3:6b:c1:64:87:64:c7:39:f1:dc:3f:40:ae:f6:e9:40:
1d:7c:fc:69:57:0e:8f:f8:f6:93:19:e1:45:8e:4f:4f:e5:2f:
e8:fa:ef:c1:85:24:5a:4e:86:00:ef:0b:c7:6f:78:2d:9f:9a:
7d:33:72:2c:63:f4:c7:38:de:6a:f7:db:8e:76:05:93:07:15:
53:5c:1a:84:9c:01:4a:eb:c4:c2:fb:44:7c:90:a0:ba:14:4b:
50:ef:8d:5b:42:c9:b3:24:fe:5f:32:33:93:77:e5:f4:b3:ce:
f3:a5:11:8f:a6:f7:8d:0d:7c:da:71:ba:ce:73:7b:58:79:0c:
c4:92:a6:da:0d:b9:a3:8f:b8:16:51:e7:a7:ed:f8:53:01:67:
b1:64:89:8d:98:64:38:33:ac:86:d1:43:6a:cd:7c:ff:1c:9b:
8b:a5:39:af:08:91:ee:ed:2e:ef:3b:b0:54:00:96:7e:d6:5d:
e5:27:99:d7:ad:2c:f6:ec:6d:05:67:b8:8d:d3:6d:9b:25:89:
26:a3:2f:57:58:2d:98:62:ff:63:dc:fa:87:26:24:5f:bf:ea:
28:35:90:fd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYI3Elj5gCaPSc7GMFetW7QYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxOTEzNDJiOTgzNjhhZDRiZTgzMmE2N2UzNTVkYjI3NWM4
ZGEzYWQwHhcNMjIwNzI1MjAzNTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Q2NGEwY2E1ZGJiMTUxOTQ2MDBkYTYzZjFhYTQ2MWQ5NmFlNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsezXvceqz3Md+CRvwsKA/KxRGpD
h+Luej0+KI7iYvkaEqeKEvsBD3CTBL0shmJ+5KG0smjwC4iz9ka990v7vUYV2g89
mUFX8WdDVk4gZtbIrQdFQkcABOsHiQEmDO0s5Q6z55rKp3dTuwCyKQ1Ifvi70XN2
sB2qEWeX5vKZj8g3soCOUlQFwSZ6UCm29DRip7uzhgE0FJRLwPvEi6cIynf3VDLT
nAVokSLJVxQHBjNc0GX7zN5MH3FLd5UwRpDJB+KVUaOWe5odEhOJqzaAJROodzqZ
wScUE3t/11bkwjwzPHgpzL9J3hRvGJFyg8fAYEcDou7/FEzydiAWQWuFEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEzWSgyl27FRlGANpj8apGHZauXMMB8GA1UdIwQY
MBaAFNGRNCuYNorUvoMqZ+NV2ydcjaOtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFpFMEs1ZzJpdFMtZ3lwbjQxWGJKMXlObzYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lNmQ5OTYtODdkOS00ZmRjLWI2NTQt
NDY3MDU4ODFiMTYxLzEvVE5aS0RLWGJzVkdVWUEybVB4cWtZZGxxNWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lNmQ5OTYtODdkOS00ZmRjLWI2NTQtNDY3MDU4ODFiMTYx
LzEvMFpFMEs1ZzJpdFMtZ3lwbjQxWGJKMXlObzYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJCADAN
BgkqhkiG9w0BAQsFAAOCAQEAiX9ML+ULW7h5PGHEhD9ktYvmpdSRS7p/LDIeWSRA
1KKs3WRypdbja8Fkh2THOfHcP0Cu9ulAHXz8aVcOj/j2kxnhRY5PT+Uv6PrvwYUk
Wk6GAO8Lx294LZ+afTNyLGP0xzjeavfbjnYFkwcVU1wahJwBSuvEwvtEfJCguhRL
UO+NW0LJsyT+XzIzk3fl9LPO86URj6b3jQ182nG6znN7WHkMxJKm2g25o4+4FlHn
p+34UwFnsWSJjZhkODOshtFDas18/xybi6U5rwiR7u0u7zuwVACWftZd5SeZ160s
9uxtBWe4jdNtmyWJJqMvV1gtmGL/Y9z6hyYkX7/qKDWQ/Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:31 2023 by rpki-client on console-ams.rpki-client.org