Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/wgPcP9T_sVuTv29S9egMUUQWE88.roa
File: wgPcP9T_sVuTv29S9egMUUQWE88.roa (raw, json)
Hash identifier: cBH57Jqj2E7IVs99QW1URXd/malhYbkGyEMY44xPSqk=
Subject key identifier: C2:03:DC:3F:D4:FF:B1:5B:93:BF:6F:52:F5:E8:0C:51:44:16:13:CF
Certificate issuer: /CN=a9b5ffd24d2eb5d5c1e1cfe78b003c4bab5a2f13
Certificate serial: 01855D0983B8483BFE738D00F7D4A856CDB8
Authority key identifier: A9:B5:FF:D2:4D:2E:B5:D5:C1:E1:CF:E7:8B:00:3C:4B:AB:5A:2F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbX_0k0utdXB4c_niwA8S6taLxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/wgPcP9T_sVuTv29S9egMUUQWE88.roa
Signing time: Thu 29 Dec 2022 08:39:42 +0000
ROA not before: Thu 29 Dec 2022 08:39:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50907
IP address blocks: 2a12:bc0:5::/48 maxlen: 48
2a12:bc0:3::/48 maxlen: 48
2a12:bc0:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:09:83:b8:48:3b:fe:73:8d:00:f7:d4:a8:56:cd:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b5ffd24d2eb5d5c1e1cfe78b003c4bab5a2f13
Validity
Not Before: Dec 29 08:39:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c203dc3fd4ffb15b93bf6f52f5e80c51441613cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f0:93:8a:0e:71:26:82:f3:2c:89:e6:cf:6e:
37:71:bf:7d:f5:38:a1:eb:64:75:5c:3b:86:90:d8:
6e:5b:a9:39:1e:d6:e5:cf:46:8c:48:2b:88:95:77:
ad:5d:60:3e:48:f0:ac:12:a1:18:6c:0a:e2:a0:18:
ca:a7:61:56:69:b6:99:6f:0b:8a:3f:48:30:41:fd:
79:14:53:d0:cd:5b:6c:4a:b6:f1:6b:48:e5:57:ce:
8f:c9:1a:59:c6:15:eb:6f:e1:7b:95:0c:1b:bc:82:
d9:a3:16:b4:18:49:83:76:12:6c:df:a4:43:d1:11:
7a:74:0e:ae:93:d4:f9:12:22:83:90:4c:e6:5c:d3:
92:34:ba:d4:f7:c1:d7:05:f0:3f:48:74:50:9d:fd:
e2:55:2f:6c:c8:07:da:4c:00:5c:fe:43:a7:a3:20:
94:45:c8:35:5e:e1:18:26:dd:a0:ce:a0:1f:f8:d4:
07:a9:c7:dc:00:05:06:d6:1d:ca:d2:63:84:2b:64:
91:5c:15:05:c3:f5:fa:f0:ac:1a:62:b9:f3:13:64:
3f:57:a0:bf:07:8b:09:86:fb:ee:7a:b4:2c:db:45:
79:a7:0d:88:d7:77:94:26:8f:65:27:09:01:e9:cd:
43:b9:4e:f8:7d:17:90:c1:7b:c7:3f:69:15:57:1a:
f9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:03:DC:3F:D4:FF:B1:5B:93:BF:6F:52:F5:E8:0C:51:44:16:13:CF
X509v3 Authority Key Identifier:
keyid:A9:B5:FF:D2:4D:2E:B5:D5:C1:E1:CF:E7:8B:00:3C:4B:AB:5A:2F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbX_0k0utdXB4c_niwA8S6taLxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/wgPcP9T_sVuTv29S9egMUUQWE88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/qbX_0k0utdXB4c_niwA8S6taLxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bc0:3::-2a12:bc0:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:4e:ab:69:fe:a8:fa:c2:9c:b0:de:43:df:6a:2a:9c:4f:28:
f4:d0:a0:f9:f1:63:8f:cb:85:2d:09:6a:d8:3b:6c:34:f7:dc:
00:36:06:a5:ba:5c:df:23:57:11:19:57:44:19:75:f0:41:73:
57:05:ca:d8:6b:bb:9b:9e:68:42:95:b9:a6:b9:94:44:fe:b4:
19:93:b7:8d:e9:cf:92:18:3e:cb:61:bb:43:93:f1:30:8b:5c:
c5:28:a7:00:fc:71:a4:69:9d:05:a9:f2:51:e7:72:28:77:ad:
83:f7:cf:ca:5a:ee:7a:e0:6d:86:80:bb:e5:e4:de:4d:87:35:
7c:a8:9f:e6:ff:9a:f3:52:be:ac:97:01:fe:db:e2:20:30:81:
2b:7e:a8:fa:1e:b2:df:f5:69:8e:51:99:87:fd:da:84:56:51:
60:74:b1:10:fd:f6:1a:ac:06:14:bd:8c:63:ad:58:7f:6a:b0:
9a:c3:76:93:d5:6c:0b:57:d6:80:e1:13:ef:6b:ba:a5:b0:1a:
f4:00:73:c1:e6:c7:53:e2:1f:ea:b6:b5:10:ac:25:c5:7f:90:
fd:4e:3f:00:fb:3d:96:e9:93:21:8a:9c:e6:0e:4b:62:4a:1e:
3e:17:3f:1a:e0:08:12:22:a2:1b:fe:59:4c:d1:99:11:2c:87:
13:8e:c1:4e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVdCYO4SDv+c40A99SoVs24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YjVmZmQyNGQyZWI1ZDVjMWUxY2ZlNzhiMDAzYzRiYWI1
YTJmMTMwHhcNMjIxMjI5MDgzOTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjAzZGMzZmQ0ZmZiMTViOTNiZjZmNTJmNWU4MGM1MTQ0MTYxM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/CTig5xJoLzLInmz243cb999Tih
62R1XDuGkNhuW6k5Htblz0aMSCuIlXetXWA+SPCsEqEYbArioBjKp2FWabaZbwuK
P0gwQf15FFPQzVtsSrbxa0jlV86PyRpZxhXrb+F7lQwbvILZoxa0GEmDdhJs36RD
0RF6dA6uk9T5EiKDkEzmXNOSNLrU98HXBfA/SHRQnf3iVS9syAfaTABc/kOnoyCU
Rcg1XuEYJt2gzqAf+NQHqcfcAAUG1h3K0mOEK2SRXBUFw/X68KwaYrnzE2Q/V6C/
B4sJhvvuerQs20V5pw2I13eUJo9lJwkB6c1DuU74fReQwXvHP2kVVxr5fwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMID3D/U/7Fbk79vUvXoDFFEFhPPMB8GA1UdIwQY
MBaAFKm1/9JNLrXVweHP54sAPEurWi8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJYXzBrMHV0ZFhCNGNfbml3QThTNnRhTHhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wMzAxZDQtNDgwNS00MDVjLWE2ZTAt
YTQyZTFmMWY0Nzk4LzEvd2dQY1A5VF9zVnVUdjI5UzllZ01VVVFXRTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wMzAxZDQtNDgwNS00MDVjLWE2ZTAtYTQyZTFmMWY0Nzk4
LzEvcWJYXzBrMHV0ZFhCNGNfbml3QThTNnRhTHhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqEgvA
AAMDBwEqEgvAAAQwDQYJKoZIhvcNAQELBQADggEBAFdOq2n+qPrCnLDeQ99qKpxP
KPTQoPnxY4/LhS0Jatg7bDT33AA2BqW6XN8jVxEZV0QZdfBBc1cFythru5ueaEKV
uaa5lET+tBmTt43pz5IYPsthu0OT8TCLXMUopwD8caRpnQWp8lHncih3rYP3z8pa
7nrgbYaAu+Xk3k2HNXyon+b/mvNSvqyXAf7b4iAwgSt+qPoest/1aY5RmYf92oRW
UWB0sRD99hqsBhS9jGOtWH9qsJrDdpPVbAtX1oDhE+9ruqWwGvQAc8Hmx1PiH+q2
tRCsJcV/kP1OPwD7PZbpkyGKnOYOS2JKHj4XPxrgCBIiohv+WUzRmREshxOOwU4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:27 2023 by rpki-client on console-fra.rpki-client.org