Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/f097b6-7a7f-4f16-a60e-3699707b8631/1/0DlLjRVJpsJBCPBgOMvBK9KRdZA.roa
File: 0DlLjRVJpsJBCPBgOMvBK9KRdZA.roa (raw, json)
Hash identifier: cvwhyMMG5tIXGST9OS7gKQoB7ZiJH7Tcgd4PmCPs00s=
Subject key identifier: D0:39:4B:8D:15:49:A6:C2:41:08:F0:60:38:CB:C1:2B:D2:91:75:90
Certificate issuer: /CN=ff32cec606fb6f6fd6ae7be874826c302b695ef3
Certificate serial: 0182371115839B32E9CC0E8A0EDDEBFEA8B8
Authority key identifier: FF:32:CE:C6:06:FB:6F:6F:D6:AE:7B:E8:74:82:6C:30:2B:69:5E:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zLOxgb7b2_WrnvodIJsMCtpXvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/f097b6-7a7f-4f16-a60e-3699707b8631/1/0DlLjRVJpsJBCPBgOMvBK9KRdZA.roa
Signing time: Mon 25 Jul 2022 20:34:02 +0000
ROA not before: Mon 25 Jul 2022 20:34:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a12:e980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:37:11:15:83:9b:32:e9:cc:0e:8a:0e:dd:eb:fe:a8:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff32cec606fb6f6fd6ae7be874826c302b695ef3
Validity
Not Before: Jul 25 20:34:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0394b8d1549a6c24108f06038cbc12bd2917590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e5:00:af:59:bb:d2:54:b8:5d:27:8a:58:bf:
54:53:a4:d9:46:7d:a5:a5:57:94:aa:c5:83:5b:98:
7c:37:29:60:28:19:07:cc:f1:e5:c1:fb:dc:e6:5c:
43:e5:1a:76:c3:77:5a:f2:02:b6:ce:7f:dd:b8:e6:
ab:78:6c:5a:c3:dd:a6:63:81:67:7a:a7:79:f5:77:
fc:19:97:82:79:a1:f8:40:d6:c2:81:57:a3:9d:5a:
10:9e:4b:ad:a9:72:ef:14:ab:f1:01:a9:70:0b:ba:
ea:9a:81:b7:be:25:44:9b:a5:ff:25:3d:00:fb:46:
fd:54:bc:fd:d1:72:77:76:6b:92:1f:e3:9d:69:01:
5b:c2:65:7c:33:d4:79:49:90:aa:95:f9:f0:3a:94:
35:89:f1:e8:ef:c6:82:73:f1:bb:c0:59:1e:d9:39:
fc:94:a7:6f:28:92:a9:e1:d9:0d:24:d6:88:45:98:
14:81:0d:ce:99:4d:d9:8a:c1:b1:6e:8b:d8:3e:a2:
4f:91:6e:47:ae:cd:e6:71:d0:fc:c1:98:03:b3:03:
59:1f:a4:e0:6d:66:60:86:2c:ec:8e:a7:7d:47:13:
5f:d2:af:a3:dd:6e:2f:4c:9d:49:d2:47:d0:5f:a7:
60:ae:87:53:3c:c6:b5:4d:d5:b1:09:f3:88:59:6f:
b1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:39:4B:8D:15:49:A6:C2:41:08:F0:60:38:CB:C1:2B:D2:91:75:90
X509v3 Authority Key Identifier:
keyid:FF:32:CE:C6:06:FB:6F:6F:D6:AE:7B:E8:74:82:6C:30:2B:69:5E:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zLOxgb7b2_WrnvodIJsMCtpXvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f097b6-7a7f-4f16-a60e-3699707b8631/1/0DlLjRVJpsJBCPBgOMvBK9KRdZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f097b6-7a7f-4f16-a60e-3699707b8631/1/_zLOxgb7b2_WrnvodIJsMCtpXvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:e980::/29
Signature Algorithm: sha256WithRSAEncryption
73:d3:90:4e:c5:c1:59:8f:7f:fc:04:b1:c6:5e:47:de:e3:24:
77:76:44:66:34:66:c3:81:91:36:1a:bb:02:4d:be:7c:ef:90:
79:0b:7e:53:f5:68:9c:a4:a4:92:f4:75:de:da:94:7e:da:e3:
83:28:b2:c4:50:ef:6e:c5:17:ca:28:62:0a:ac:5e:6e:47:5b:
92:18:60:6b:e3:b8:32:d0:5c:92:eb:a1:b5:52:c2:58:a0:25:
e7:b6:00:fa:ed:9a:43:17:78:9d:26:00:c1:2e:69:a7:f7:7a:
8f:c1:c0:21:9a:da:51:96:59:b1:95:3c:e1:43:c4:9e:43:2a:
74:79:f7:fa:90:32:b1:d2:86:50:27:b1:3d:59:81:d3:50:f4:
c0:ca:f9:cd:25:28:ce:c1:3b:19:d0:0e:54:af:4d:52:de:2b:
a5:69:d6:a1:7d:f8:80:c3:1a:88:f2:f7:b8:b1:39:fa:32:be:
cc:bb:a4:1b:2d:b2:fb:51:69:b9:32:0a:f8:96:f4:b8:9d:da:
de:fa:ba:12:f2:62:ab:a8:d8:9b:bd:56:ba:c1:f1:67:10:6e:
97:96:fe:00:c1:c4:52:8d:bf:e7:89:7e:7d:7d:f5:cd:1b:99:
d1:58:61:bc:6b:37:15:5b:a9:e2:c3:70:ba:e2:06:4f:c3:74:
76:db:2a:65
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYI3ERWDmzLpzA6KDt3r/qi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzJjZWM2MDZmYjZmNmZkNmFlN2JlODc0ODI2YzMwMmI2
OTVlZjMwHhcNMjIwNzI1MjAzNDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDM5NGI4ZDE1NDlhNmMyNDEwOGYwNjAzOGNiYzEyYmQyOTE3NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOUAr1m70lS4XSeKWL9UU6TZRn2l
pVeUqsWDW5h8NylgKBkHzPHlwfvc5lxD5Rp2w3da8gK2zn/duOareGxaw92mY4Fn
eqd59Xf8GZeCeaH4QNbCgVejnVoQnkutqXLvFKvxAalwC7rqmoG3viVEm6X/JT0A
+0b9VLz90XJ3dmuSH+OdaQFbwmV8M9R5SZCqlfnwOpQ1ifHo78aCc/G7wFke2Tn8
lKdvKJKp4dkNJNaIRZgUgQ3OmU3ZisGxbovYPqJPkW5Hrs3mcdD8wZgDswNZH6Tg
bWZghizsjqd9RxNf0q+j3W4vTJ1J0kfQX6dgrodTPMa1TdWxCfOIWW+xKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNA5S40VSabCQQjwYDjLwSvSkXWQMB8GA1UdIwQY
MBaAFP8yzsYG+29v1q576HSCbDAraV7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pMT3hnYjdiMl9Xcm52b2RJSnNNQ3RwWHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9mMDk3YjYtN2E3Zi00ZjE2LWE2MGUt
MzY5OTcwN2I4NjMxLzEvMERsTGpSVkpwc0pCQ1BCZ09NdkJLOUtSZFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9mMDk3YjYtN2E3Zi00ZjE2LWE2MGUtMzY5OTcwN2I4NjMx
LzEvX3pMT3hnYjdiMl9Xcm52b2RJSnNNQ3RwWHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLpgDAN
BgkqhkiG9w0BAQsFAAOCAQEAc9OQTsXBWY9//ASxxl5H3uMkd3ZEZjRmw4GRNhq7
Ak2+fO+QeQt+U/VonKSkkvR13tqUftrjgyiyxFDvbsUXyihiCqxebkdbkhhga+O4
MtBckuuhtVLCWKAl57YA+u2aQxd4nSYAwS5pp/d6j8HAIZraUZZZsZU84UPEnkMq
dHn3+pAysdKGUCexPVmB01D0wMr5zSUozsE7GdAOVK9NUt4rpWnWoX34gMMaiPL3
uLE5+jK+zLukGy2y+1FpuTIK+Jb0uJ3a3vq6EvJiq6jYm71WusHxZxBul5b+AMHE
Uo2/54l+fX31zRuZ0VhhvGs3FVup4sNwuuIGT8N0dtsqZQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:41 2023 by rpki-client on console-ams.rpki-client.org