Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/1eeba8-7399-4bca-9341-ce882a5054c6/1/a3hOQlKY_kK3ji032c6cm8FVxkE.roa
File: a3hOQlKY_kK3ji032c6cm8FVxkE.roa (raw, json)
Hash identifier: gEvYqeT/gqdtTqCodOLA9tZ/8Dx/spSSP3ZpxnrNEF8=
Subject key identifier: 6B:78:4E:42:52:98:FE:42:B7:8E:2D:37:D9:CE:9C:9B:C1:55:C6:41
Certificate issuer: /CN=1cecefd9eadb2d5284d713b94b56d3abbc10e9e5
Certificate serial: 05F289
Authority key identifier: 1C:EC:EF:D9:EA:DB:2D:52:84:D7:13:B9:4B:56:D3:AB:BC:10:E9:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HOzv2erbLVKE1xO5S1bTq7wQ6eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/1eeba8-7399-4bca-9341-ce882a5054c6/1/a3hOQlKY_kK3ji032c6cm8FVxkE.roa
Signing time: Wed 02 Mar 2022 22:13:07 +0000
ROA not before: Wed 02 Mar 2022 22:13:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 2a12:9140::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 389769 (0x5f289)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cecefd9eadb2d5284d713b94b56d3abbc10e9e5
Validity
Not Before: Mar 2 22:13:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b784e425298fe42b78e2d37d9ce9c9bc155c641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ca:61:bb:eb:c6:8c:b6:ef:96:33:f8:0c:cd:
a1:9b:77:35:c1:85:6b:8c:3a:3a:3a:ee:5a:c9:b5:
e6:42:83:e3:7e:15:92:87:8d:7c:13:8e:cf:aa:29:
d2:18:33:83:f3:04:e2:2a:5b:d9:87:20:23:05:35:
1e:48:b8:bd:c8:86:f3:30:5d:ad:af:11:8c:c3:cd:
ed:ec:b3:1e:d5:d8:aa:65:e2:06:87:d7:d0:0f:63:
71:86:5b:47:df:ee:0d:e3:c5:c7:21:10:4f:0a:cf:
0b:66:e5:2e:03:32:d6:5c:d8:f7:1b:b7:d5:f7:9b:
84:d2:1f:c9:92:8b:bc:7b:12:c5:37:a1:bb:2c:fb:
f1:1c:c6:a4:a3:75:0d:82:33:7d:34:e0:4f:5d:6a:
06:c9:cf:4b:64:b1:0b:d8:97:68:89:3e:8b:ba:b0:
4f:93:f7:e6:f9:32:aa:16:db:d8:5c:c7:1f:c9:69:
1a:f6:e0:32:82:70:a4:21:60:5a:78:80:bc:57:25:
e8:b6:95:8b:ce:5b:4e:10:22:82:fe:51:88:0f:c3:
87:81:63:af:f6:c1:ea:8f:8b:4d:8f:18:af:e7:17:
c7:07:76:99:80:cf:15:03:67:cf:a6:5e:ea:e1:ea:
20:70:c2:27:9b:b8:22:11:69:31:8e:d4:12:68:c3:
97:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:78:4E:42:52:98:FE:42:B7:8E:2D:37:D9:CE:9C:9B:C1:55:C6:41
X509v3 Authority Key Identifier:
keyid:1C:EC:EF:D9:EA:DB:2D:52:84:D7:13:B9:4B:56:D3:AB:BC:10:E9:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HOzv2erbLVKE1xO5S1bTq7wQ6eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/1eeba8-7399-4bca-9341-ce882a5054c6/1/a3hOQlKY_kK3ji032c6cm8FVxkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/1eeba8-7399-4bca-9341-ce882a5054c6/1/HOzv2erbLVKE1xO5S1bTq7wQ6eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:9140::/48
Signature Algorithm: sha256WithRSAEncryption
a7:f9:6c:e9:84:9c:50:50:2f:51:e4:b6:92:7e:47:ed:44:9f:
7d:b9:6f:cf:00:b7:38:2b:f0:e0:3d:4a:12:6e:28:48:02:cd:
c8:1c:4f:d4:c7:64:cd:f8:a5:21:ed:05:47:a6:3f:14:66:65:
55:8b:3d:ac:e7:e4:04:8b:89:7c:b2:75:fe:ac:26:91:9f:4e:
4d:59:bc:bb:e9:be:20:a8:40:82:76:3a:21:e3:e1:f5:26:ea:
d8:62:ab:dc:81:1c:23:bf:b9:77:6c:7e:da:90:64:61:5a:9f:
23:da:7e:73:b0:65:c0:95:5e:1a:38:20:3e:21:b9:7a:48:8c:
2c:21:a4:0b:0f:ff:90:3a:14:d8:6e:f0:71:fb:fa:66:b1:de:
5e:70:a9:90:2b:4c:38:ec:cb:12:a0:fd:69:7a:8a:54:8c:fb:
bf:08:96:84:84:6e:5f:e4:47:8c:d6:ef:ca:0b:7e:40:e8:0f:
04:0d:f6:c0:14:48:15:40:3a:45:47:cb:95:16:73:44:88:f4:
3a:1c:ef:85:93:3a:08:1a:a3:7a:18:32:e7:63:46:5a:24:0b:
61:5d:29:88:2c:35:4e:58:b9:4a:c9:38:0c:b1:20:4b:91:30:
9d:1d:e9:b1:f2:3a:fc:6d:4b:c6:cd:e7:0f:49:ac:f2:3e:ea:
76:ba:ff:08
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDBfKJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFj
ZWNlZmQ5ZWFkYjJkNTI4NGQ3MTNiOTRiNTZkM2FiYmMxMGU5ZTUwHhcNMjIwMzAy
MjIxMzA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2Yjc4NGU0MjUyOThm
ZTQyYjc4ZTJkMzdkOWNlOWM5YmMxNTVjNjQxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtcphu+vGjLbvljP4DM2hm3c1wYVrjDo6Ou5aybXmQoPjfhWS
h418E47PqinSGDOD8wTiKlvZhyAjBTUeSLi9yIbzMF2trxGMw83t7LMe1diqZeIG
h9fQD2NxhltH3+4N48XHIRBPCs8LZuUuAzLWXNj3G7fV95uE0h/Jkou8exLFN6G7
LPvxHMako3UNgjN9NOBPXWoGyc9LZLEL2JdoiT6LurBPk/fm+TKqFtvYXMcfyWka
9uAygnCkIWBaeIC8VyXotpWLzltOECKC/lGID8OHgWOv9sHqj4tNjxiv5xfHB3aZ
gM8VA2fPpl7q4eogcMInm7giEWkxjtQSaMOXEQIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFGt4TkJSmP5Ct44tN9nOnJvBVcZBMB8GA1UdIwQYMBaAFBzs79nq2y1ShNcT
uUtW06u8EOnlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SE96djJlcmJMVktFMXhPNVMxYlRxN3dRNmVVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hMC8xZWViYTgtNzM5OS00YmNhLTkzNDEtY2U4ODJhNTA1NGM2LzEv
YTNoT1FsS1lfa0szamkwMzJjNmNtOEZWeGtFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8x
ZWViYTgtNzM5OS00YmNhLTkzNDEtY2U4ODJhNTA1NGM2LzEvSE96djJlcmJMVktF
MXhPNVMxYlRxN3dRNmVVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKRQAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQCn+WzphJxQUC9R5LaSfkftRJ99uW/PALc4K/DgPUoSbihIAs3IHE/Ux2TN
+KUh7QVHpj8UZmVViz2s5+QEi4l8snX+rCaRn05NWby76b4gqECCdjoh4+H1JurY
YqvcgRwjv7l3bH7akGRhWp8j2n5zsGXAlV4aOCA+Ibl6SIwsIaQLD/+QOhTYbvBx
+/pmsd5ecKmQK0w47MsSoP1peopUjPu/CJaEhG5f5EeM1u/KC35A6A8EDfbAFEgV
QDpFR8uVFnNEiPQ6HO+FkzoIGqN6GDLnY0ZaJAthXSmILDVOWLlKyTgMsSBLkTCd
Hemx8jr8bUvGzecPSazyPup2uv8I
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:30 2023 by rpki-client on console-fra.rpki-client.org