Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b09530-9ca0-4407-8a05-bbd7b0aba6ab/1/8ckiDMx6rpqM4mAdg19BG0HcrbI.roa
File: 8ckiDMx6rpqM4mAdg19BG0HcrbI.roa (raw, json)
Hash identifier: /7R31YZMrmVCwrdD5rvvqswXyFO6XZBr1iZjvusBPKw=
Subject key identifier: F1:C9:22:0C:CC:7A:AE:9A:8C:E2:60:1D:83:5F:41:1B:41:DC:AD:B2
Certificate issuer: /CN=aca8ecfee51f68d5f803aae6fbfc1fdc4190262a
Certificate serial: 039A7A
Authority key identifier: AC:A8:EC:FE:E5:1F:68:D5:F8:03:AA:E6:FB:FC:1F:DC:41:90:26:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKjs_uUfaNX4A6rm-_wf3EGQJio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b09530-9ca0-4407-8a05-bbd7b0aba6ab/1/8ckiDMx6rpqM4mAdg19BG0HcrbI.roa
Signing time: Thu 31 Mar 2022 11:13:59 +0000
ROA not before: Thu 31 Mar 2022 11:13:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210035
IP address blocks: 2a12:7d40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 236154 (0x39a7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca8ecfee51f68d5f803aae6fbfc1fdc4190262a
Validity
Not Before: Mar 31 11:13:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1c9220ccc7aae9a8ce2601d835f411b41dcadb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c0:a6:cc:35:0a:7f:2d:01:06:d9:53:a8:bb:
c8:99:50:1d:3c:49:51:15:50:b8:69:41:a4:67:fa:
7b:0b:98:ae:a0:e5:ae:48:4b:10:02:86:a0:07:e8:
ca:ad:78:91:5b:0f:cb:41:46:43:7d:9b:ef:de:a0:
22:ad:57:6b:02:49:9d:df:70:f7:b6:1b:94:fb:2d:
c2:15:64:84:0a:c8:82:72:de:79:d7:cb:94:41:ca:
7d:79:b1:14:95:ba:e1:26:0b:07:57:51:ce:f8:96:
bb:c0:cd:7d:42:c5:ae:84:2b:71:c7:3a:0a:b2:19:
5c:15:43:c1:a2:5b:66:b9:78:94:22:a4:3d:08:59:
ee:54:73:c7:8b:ff:2a:79:90:55:12:6d:79:6d:52:
ec:43:ae:e4:df:fb:ad:7f:c5:a9:54:c9:15:52:3f:
78:d0:74:57:ae:5d:cd:79:69:de:1f:1f:01:7f:73:
62:92:11:b7:20:2f:ea:68:c1:ec:19:4e:f1:e3:2e:
3f:1b:a1:18:e6:fb:6d:68:58:b6:34:3d:42:9a:29:
40:05:7b:63:19:8c:ca:6d:63:b3:89:b5:aa:e4:d7:
f6:3a:96:1a:fe:f8:0b:29:27:f2:69:fa:dd:e1:f7:
a4:f0:52:d7:88:c0:d4:2d:ba:9d:25:0a:36:3d:10:
52:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C9:22:0C:CC:7A:AE:9A:8C:E2:60:1D:83:5F:41:1B:41:DC:AD:B2
X509v3 Authority Key Identifier:
keyid:AC:A8:EC:FE:E5:1F:68:D5:F8:03:AA:E6:FB:FC:1F:DC:41:90:26:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKjs_uUfaNX4A6rm-_wf3EGQJio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b09530-9ca0-4407-8a05-bbd7b0aba6ab/1/8ckiDMx6rpqM4mAdg19BG0HcrbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b09530-9ca0-4407-8a05-bbd7b0aba6ab/1/rKjs_uUfaNX4A6rm-_wf3EGQJio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
92:3b:c4:2b:3f:97:e4:b0:67:bc:2e:36:cd:5e:10:29:68:73:
dc:f1:06:a5:c3:d7:ba:85:d6:f5:0e:9d:e7:ba:75:26:70:4f:
bc:43:2d:40:5a:63:b0:0b:8e:1e:97:40:19:41:fd:df:59:ab:
6a:a4:da:96:27:ee:b5:5c:38:e7:7e:27:48:29:b5:10:e5:e2:
81:80:4b:31:a7:55:98:98:54:44:38:ac:ff:e9:f7:bf:77:71:
01:c5:82:8b:8a:bc:8b:76:02:cb:c6:bd:16:48:d4:95:e5:3b:
ca:ee:54:5d:e0:0c:15:53:10:03:b7:66:db:54:c1:29:64:eb:
f3:d3:19:4a:f9:99:4b:09:12:3d:47:bf:23:19:a1:81:ec:d4:
85:f6:1c:d9:6d:86:46:50:aa:4d:37:b9:51:70:ee:79:b5:dd:
03:8f:74:c2:06:61:00:40:41:f2:ef:7c:96:64:14:c0:ca:05:
8c:34:9c:8a:8d:1f:42:57:21:bc:d4:d0:ea:71:b6:1a:e1:b7:
01:5d:7b:ff:d4:ca:49:f9:1c:57:62:e4:2d:82:60:5c:70:5a:
94:3d:2d:5d:4c:c4:86:6e:c4:48:40:bb:6e:d6:34:d4:17:1a:
b8:17:ab:87:0f:df:f1:62:f2:ee:4d:e7:6e:0e:ae:a0:07:40:
2c:25:2d:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDA5p6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFj
YThlY2ZlZTUxZjY4ZDVmODAzYWFlNmZiZmMxZmRjNDE5MDI2MmEwHhcNMjIwMzMx
MTExMzU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmMWM5MjIwY2NjN2Fh
ZTlhOGNlMjYwMWQ4MzVmNDExYjQxZGNhZGIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkMCmzDUKfy0BBtlTqLvImVAdPElRFVC4aUGkZ/p7C5iuoOWu
SEsQAoagB+jKrXiRWw/LQUZDfZvv3qAirVdrAkmd33D3thuU+y3CFWSECsiCct55
18uUQcp9ebEUlbrhJgsHV1HO+Ja7wM19QsWuhCtxxzoKshlcFUPBoltmuXiUIqQ9
CFnuVHPHi/8qeZBVEm15bVLsQ67k3/utf8WpVMkVUj940HRXrl3NeWneHx8Bf3Ni
khG3IC/qaMHsGU7x4y4/G6EY5vttaFi2ND1CmilABXtjGYzKbWOzibWq5Nf2OpYa
/vgLKSfyafrd4fek8FLXiMDULbqdJQo2PRBS7wIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFPHJIgzMeq6ajOJgHYNfQRtB3K2yMB8GA1UdIwQYMBaAFKyo7P7lH2jV+AOq
5vv8H9xBkCYqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cktqc191VWZhTlg0QTZybS1fd2YzRUdRSmlvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hNy9iMDk1MzAtOWNhMC00NDA3LThhMDUtYmJkN2IwYWJhNmFiLzEv
OGNraURNeDZycHFNNG1BZGcxOUJHMEhjcmJJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9i
MDk1MzAtOWNhMC00NDA3LThhMDUtYmJkN2IwYWJhNmFiLzEvcktqc191VWZhTlg0
QTZybS1fd2YzRUdRSmlvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhJ9QDANBgkqhkiG9w0BAQsFAAOC
AQEAkjvEKz+X5LBnvC42zV4QKWhz3PEGpcPXuoXW9Q6d57p1JnBPvEMtQFpjsAuO
HpdAGUH931mraqTalifutVw4534nSCm1EOXigYBLMadVmJhURDis/+n3v3dxAcWC
i4q8i3YCy8a9FkjUleU7yu5UXeAMFVMQA7dm21TBKWTr89MZSvmZSwkSPUe/Ixmh
gezUhfYc2W2GRlCqTTe5UXDuebXdA490wgZhAEBB8u98lmQUwMoFjDScio0fQlch
vNTQ6nG2GuG3AV17/9TKSfkcV2LkLYJgXHBalD0tXUzEhm7ESEC7btY01BcauBer
hw/f8WLy7k3nbg6uoAdALCUtfQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:52 2023 by rpki-client on console-fra.rpki-client.org