Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/cUvg3mT9y0kH3Yg2ymIjDAzMAO4.roa
File: cUvg3mT9y0kH3Yg2ymIjDAzMAO4.roa (raw, json)
Hash identifier: a9lFJtIhDzaiwzCyg6kpbYVFHJHRP85HAG0eDdaZ+WU=
Subject key identifier: 71:4B:E0:DE:64:FD:CB:49:07:DD:88:36:CA:62:23:0C:0C:CC:00:EE
Certificate issuer: /CN=c79a7ca44027d2e5ad389f169ed15936d7851166
Certificate serial: 01856D5D24435E84BE26B43396FF33C78012
Authority key identifier: C7:9A:7C:A4:40:27:D2:E5:AD:38:9F:16:9E:D1:59:36:D7:85:11:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x5p8pEAn0uWtOJ8WntFZNteFEWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/cUvg3mT9y0kH3Yg2ymIjDAzMAO4.roa
Signing time: Sun 01 Jan 2023 12:44:58 +0000
ROA not before: Sun 01 Jan 2023 12:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204881
IP address blocks: 2a12:fd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:24:43:5e:84:be:26:b4:33:96:ff:33:c7:80:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c79a7ca44027d2e5ad389f169ed15936d7851166
Validity
Not Before: Jan 1 12:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=714be0de64fdcb4907dd8836ca62230c0ccc00ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ae:ce:79:cf:68:16:6d:da:45:2d:b2:b6:3f:
04:92:f0:12:b8:11:08:b6:12:a9:06:78:63:a1:27:
ca:d4:b3:a0:38:cb:f0:8c:20:e9:65:e9:fc:41:13:
5e:3f:bb:49:5f:44:2a:46:d1:40:23:2c:7b:5c:9e:
9f:14:a3:b5:3b:2d:17:10:2a:a9:88:10:88:3f:34:
29:5e:46:9b:47:9f:1f:12:03:f3:4c:48:80:2b:66:
a6:a9:cd:2c:9f:b8:ac:21:10:2b:98:42:d0:b5:17:
8e:9f:4f:3f:87:11:02:1b:60:71:80:db:9c:83:ea:
9e:12:87:a4:b9:24:8b:7b:ba:96:46:90:e5:b5:b2:
05:97:22:43:0d:77:8a:be:eb:bb:bb:33:69:58:e3:
ad:e1:64:23:4e:1f:35:4b:f7:94:ad:b8:86:d1:a8:
21:0c:15:cd:19:83:52:5d:20:75:7e:9e:94:f0:b2:
35:41:4d:3c:78:ab:a3:56:28:79:24:63:1c:53:e2:
0f:eb:c0:2a:d9:2b:e1:0b:58:b5:3e:39:db:14:08:
d3:06:e4:b1:03:d8:7d:04:b1:3b:11:b7:88:85:b9:
22:69:d0:cf:9b:b8:6a:3d:48:99:3d:5c:23:b9:77:
76:f1:3c:07:70:62:af:d9:fb:90:92:58:6e:c3:d5:
26:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:4B:E0:DE:64:FD:CB:49:07:DD:88:36:CA:62:23:0C:0C:CC:00:EE
X509v3 Authority Key Identifier:
keyid:C7:9A:7C:A4:40:27:D2:E5:AD:38:9F:16:9E:D1:59:36:D7:85:11:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5p8pEAn0uWtOJ8WntFZNteFEWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/cUvg3mT9y0kH3Yg2ymIjDAzMAO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e53313-ba6a-4e81-ba7b-6715f58ceebf/1/x5p8pEAn0uWtOJ8WntFZNteFEWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:fd40::/29
Signature Algorithm: sha256WithRSAEncryption
3a:7b:63:19:a8:05:cb:68:bc:77:a8:25:1e:4f:22:99:f7:b8:
58:b7:e6:18:fb:36:2a:21:32:f8:d7:c1:1f:30:79:5d:9f:3f:
28:38:82:b2:1f:a8:ce:db:b5:cc:95:0e:fb:e0:cd:23:cf:17:
9e:7e:ed:4f:6b:d2:a5:c7:19:32:da:a5:7f:00:68:49:60:44:
9d:9f:10:24:88:e2:12:b5:8f:4e:3e:ab:e1:8b:a8:db:6c:9e:
7e:d6:27:5f:42:f4:ce:41:3e:16:2f:a1:ae:2b:54:fc:9d:9b:
e7:11:69:1c:78:4f:08:b7:ed:f9:25:03:06:c6:5f:4b:6f:b5:
ca:56:5e:d4:fa:84:9b:86:e2:80:8d:52:3a:9e:1e:a4:a3:3a:
39:32:ed:d8:2b:68:8f:ae:5a:d0:ca:d8:8f:af:a5:0d:a1:68:
44:fd:9d:e8:5f:bd:86:f2:5b:7d:8d:1c:15:0c:74:0b:f7:1b:
fc:90:64:ad:33:05:91:ca:19:2f:71:8b:a5:c3:59:3b:94:21:
ba:d6:46:c7:ff:47:4c:1a:80:1e:8e:3e:ca:76:23:2e:4b:a5:
d2:8c:a0:4c:ca:94:58:62:d6:8d:2f:72:fa:a5:7e:3a:bc:05:
65:26:2d:0c:08:5a:11:05:b9:f4:a8:9f:f6:2f:bc:5e:b0:02:
cc:2f:4d:0c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtXSRDXoS+JrQzlv8zx4ASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3OWE3Y2E0NDAyN2QyZTVhZDM4OWYxNjllZDE1OTM2ZDc4
NTExNjYwHhcNMjMwMTAxMTI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTRiZTBkZTY0ZmRjYjQ5MDdkZDg4MzZjYTYyMjMwYzBjY2MwMGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn67Oec9oFm3aRS2ytj8EkvASuBEI
thKpBnhjoSfK1LOgOMvwjCDpZen8QRNeP7tJX0QqRtFAIyx7XJ6fFKO1Oy0XECqp
iBCIPzQpXkabR58fEgPzTEiAK2amqc0sn7isIRArmELQtReOn08/hxECG2BxgNuc
g+qeEoekuSSLe7qWRpDltbIFlyJDDXeKvuu7uzNpWOOt4WQjTh81S/eUrbiG0agh
DBXNGYNSXSB1fp6U8LI1QU08eKujVih5JGMcU+IP68Aq2SvhC1i1PjnbFAjTBuSx
A9h9BLE7EbeIhbkiadDPm7hqPUiZPVwjuXd28TwHcGKv2fuQklhuw9UmNQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHFL4N5k/ctJB92INspiIwwMzADuMB8GA1UdIwQY
MBaAFMeafKRAJ9LlrTifFp7RWTbXhRFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDVwOHBFQW4wdVd0T0o4V250RlpOdGVGRVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lNTMzMTMtYmE2YS00ZTgxLWJhN2It
NjcxNWY1OGNlZWJmLzEvY1V2ZzNtVDl5MGtIM1lnMnltSWpEQXpNQU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lNTMzMTMtYmE2YS00ZTgxLWJhN2ItNjcxNWY1OGNlZWJm
LzEveDVwOHBFQW4wdVd0T0o4V250RlpOdGVGRVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhL9QDAN
BgkqhkiG9w0BAQsFAAOCAQEAOntjGagFy2i8d6glHk8imfe4WLfmGPs2KiEy+NfB
HzB5XZ8/KDiCsh+oztu1zJUO++DNI88Xnn7tT2vSpccZMtqlfwBoSWBEnZ8QJIji
ErWPTj6r4Yuo22yeftYnX0L0zkE+Fi+hritU/J2b5xFpHHhPCLft+SUDBsZfS2+1
ylZe1PqEm4bigI1SOp4epKM6OTLt2Ctoj65a0MrYj6+lDaFoRP2d6F+9hvJbfY0c
FQx0C/cb/JBkrTMFkcoZL3GLpcNZO5QhutZGx/9HTBqAHo4+ynYjLkul0oygTMqU
WGLWjS9y+qV+OrwFZSYtDAhaEQW59Kif9i+8XrACzC9NDA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:18:12 2025 by rpki-client