Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/sKmZkFSa4XJ5YXUk-97A9x4cuOc.roa
File: sKmZkFSa4XJ5YXUk-97A9x4cuOc.roa (raw, json)
Hash identifier: jSFveRETakG75+4CwHhdzhaTdY25+0n75adlQkOwvgo=
Subject key identifier: B0:A9:99:90:54:9A:E1:72:79:61:75:24:FB:DE:C0:F7:1E:1C:B8:E7
Certificate issuer: /CN=a9b5ffd24d2eb5d5c1e1cfe78b003c4bab5a2f13
Certificate serial: 01852E9309738C24493D63E32868DFE0FC68
Authority key identifier: A9:B5:FF:D2:4D:2E:B5:D5:C1:E1:CF:E7:8B:00:3C:4B:AB:5A:2F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbX_0k0utdXB4c_niwA8S6taLxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/sKmZkFSa4XJ5YXUk-97A9x4cuOc.roa
Signing time: Tue 20 Dec 2022 08:07:46 +0000
ROA not before: Tue 20 Dec 2022 08:07:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50907
IP address blocks: 2a12:bc0:5::/48 maxlen: 48
2a12:bc0:3::/48 maxlen: 48
2a12:bc0:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:93:09:73:8c:24:49:3d:63:e3:28:68:df:e0:fc:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b5ffd24d2eb5d5c1e1cfe78b003c4bab5a2f13
Validity
Not Before: Dec 20 08:07:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0a99990549ae17279617524fbdec0f71e1cb8e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ac:46:87:9a:ce:a5:c5:8b:96:ef:29:1b:19:
61:ed:12:9a:63:c4:03:80:1d:4a:b5:a8:3c:d6:2c:
d0:0b:2d:b6:52:07:cf:e6:ad:c8:e1:0a:17:8e:86:
3a:e6:ba:7e:08:bd:ca:2d:98:6b:84:b5:0b:90:1d:
4e:7f:8f:c4:dc:97:2c:03:fb:9e:0d:b3:c7:d9:61:
61:b9:00:d1:a4:cd:e2:c8:b0:e1:42:9f:51:cd:5f:
02:0e:43:91:63:95:b3:8d:f2:f2:31:db:1f:c8:b7:
5b:01:e7:59:a4:91:7a:71:54:bf:7c:67:08:95:c9:
13:f1:ac:b4:8f:84:5c:70:69:de:ad:35:2f:fd:98:
a3:21:a7:8f:53:e9:98:1e:1e:01:7e:76:2a:b3:5b:
02:f9:e2:77:c1:35:b9:78:65:4b:e0:40:bf:90:e3:
12:cd:43:e1:07:f7:ca:5e:0d:37:54:00:15:d2:63:
94:3f:43:83:82:75:7a:7c:02:02:4b:e2:65:dd:fa:
ee:84:0d:cd:3b:26:ac:2b:5d:94:e5:a6:29:14:81:
cb:0b:8f:38:f5:fa:8e:d0:a4:61:8a:7e:2f:50:80:
8b:8e:32:95:e2:10:99:10:b5:bb:20:ab:2e:39:ea:
79:fb:91:87:83:f6:b5:5c:2e:f7:06:c8:8d:00:0d:
cb:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A9:99:90:54:9A:E1:72:79:61:75:24:FB:DE:C0:F7:1E:1C:B8:E7
X509v3 Authority Key Identifier:
keyid:A9:B5:FF:D2:4D:2E:B5:D5:C1:E1:CF:E7:8B:00:3C:4B:AB:5A:2F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbX_0k0utdXB4c_niwA8S6taLxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/sKmZkFSa4XJ5YXUk-97A9x4cuOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/qbX_0k0utdXB4c_niwA8S6taLxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bc0:3::-2a12:bc0:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7f:20:fd:a2:7c:df:0d:27:4d:bb:53:8a:9a:a5:1f:31:af:85:
be:be:ce:85:2e:90:82:dd:83:04:d2:09:86:15:2d:b6:af:94:
a1:a8:a3:57:aa:db:2a:ec:0a:fc:3f:57:6b:f0:f0:53:0c:9b:
dc:07:06:80:44:7d:06:74:e1:04:ff:7a:52:a8:97:02:d2:82:
75:88:c3:a3:b1:a1:5d:49:a5:7b:6b:d7:40:c8:92:44:62:01:
d4:b3:f2:d1:ab:3b:eb:31:15:d8:7a:c9:e1:40:b4:a5:9c:37:
ba:19:0c:b0:0b:29:74:c3:01:fb:1c:cd:9f:fa:e9:95:e7:d2:
4e:78:92:c5:89:67:13:7f:7d:b2:99:5f:29:7d:02:1d:d0:6b:
4f:ff:ec:38:66:e3:c2:db:78:52:a0:12:5a:a5:cb:88:d6:f3:
cc:1d:20:e2:94:9b:c3:18:e5:89:45:c6:d7:cf:5c:6d:2b:9e:
46:ce:72:4a:48:9e:6e:ee:e7:6f:a2:ff:8d:56:58:58:90:2a:
25:2e:d5:74:e0:f4:a6:06:d3:19:c3:e5:a4:08:a9:c6:61:3e:
09:e4:17:e7:e5:6f:40:0e:75:34:97:41:a7:93:26:2f:2d:cc:
54:37:ce:6c:60:e8:e3:5b:91:9a:b4:ac:23:bc:c1:03:0b:cd:
ed:cd:69:aa
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYUukwlzjCRJPWPjKGjf4PxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YjVmZmQyNGQyZWI1ZDVjMWUxY2ZlNzhiMDAzYzRiYWI1
YTJmMTMwHhcNMjIxMjIwMDgwNzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGE5OTk5MDU0OWFlMTcyNzk2MTc1MjRmYmRlYzBmNzFlMWNiOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaxGh5rOpcWLlu8pGxlh7RKaY8QD
gB1Ktag81izQCy22UgfP5q3I4QoXjoY65rp+CL3KLZhrhLULkB1Of4/E3JcsA/ue
DbPH2WFhuQDRpM3iyLDhQp9RzV8CDkORY5WzjfLyMdsfyLdbAedZpJF6cVS/fGcI
lckT8ay0j4RccGnerTUv/ZijIaePU+mYHh4BfnYqs1sC+eJ3wTW5eGVL4EC/kOMS
zUPhB/fKXg03VAAV0mOUP0ODgnV6fAICS+Jl3fruhA3NOyasK12U5aYpFIHLC484
9fqO0KRhin4vUICLjjKV4hCZELW7IKsuOep5+5GHg/a1XC73BsiNAA3LxwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLCpmZBUmuFyeWF1JPvewPceHLjnMB8GA1UdIwQY
MBaAFKm1/9JNLrXVweHP54sAPEurWi8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJYXzBrMHV0ZFhCNGNfbml3QThTNnRhTHhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wMzAxZDQtNDgwNS00MDVjLWE2ZTAt
YTQyZTFmMWY0Nzk4LzEvc0ttWmtGU2E0WEo1WVhVay05N0E5eDRjdU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wMzAxZDQtNDgwNS00MDVjLWE2ZTAtYTQyZTFmMWY0Nzk4
LzEvcWJYXzBrMHV0ZFhCNGNfbml3QThTNnRhTHhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqEgvA
AAMDBwEqEgvAAAQwDQYJKoZIhvcNAQELBQADggEBAH8g/aJ83w0nTbtTipqlHzGv
hb6+zoUukILdgwTSCYYVLbavlKGoo1eq2yrsCvw/V2vw8FMMm9wHBoBEfQZ04QT/
elKolwLSgnWIw6OxoV1JpXtr10DIkkRiAdSz8tGrO+sxFdh6yeFAtKWcN7oZDLAL
KXTDAfsczZ/66ZXn0k54ksWJZxN/fbKZXyl9Ah3Qa0//7Dhm48LbeFKgElqly4jW
88wdIOKUm8MY5YlFxtfPXG0rnkbOckpInm7u52+i/41WWFiQKiUu1XTg9KYG0xnD
5aQIqcZhPgnkF+flb0AOdTSXQaeTJi8tzFQ3zmxg6ONbkZq0rCO8wQMLze3Naao=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:27 2023 by rpki-client on console-fra.rpki-client.org