Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/xlvugw4nfPB3C90BJXLoZJAL18k.roa
File: xlvugw4nfPB3C90BJXLoZJAL18k.roa (raw, json)
Hash identifier: RDdAxeQfEoZwZ/9/hfsr8Swg4I7J/llmumgCjCKGzRg=
Subject key identifier: C6:5B:EE:83:0E:27:7C:F0:77:0B:DD:01:25:72:E8:64:90:0B:D7:C9
Certificate issuer: /CN=4fa5cde524f7810d5868bc49ab0bf6621f44dc21
Certificate serial: 0320FF
Authority key identifier: 4F:A5:CD:E5:24:F7:81:0D:58:68:BC:49:AB:0B:F6:62:1F:44:DC:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/xlvugw4nfPB3C90BJXLoZJAL18k.roa
Signing time: Sat 19 Feb 2022 00:21:25 +0000
ROA not before: Sat 19 Feb 2022 00:21:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8283
IP address blocks: 2a12:4440::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 205055 (0x320ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fa5cde524f7810d5868bc49ab0bf6621f44dc21
Validity
Not Before: Feb 19 00:21:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c65bee830e277cf0770bdd012572e864900bd7c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:9e:57:20:91:e4:15:d5:3c:16:ee:9d:e9:24:
12:78:71:b7:59:e2:4e:df:41:3a:f7:7d:6f:85:e2:
52:d8:6e:dd:f4:86:1b:33:79:b0:d8:cd:09:1b:9b:
1d:65:2b:1c:35:c8:7b:77:71:d8:29:85:69:11:54:
25:43:d2:5c:0a:47:f5:1f:40:42:aa:58:69:59:25:
a5:b8:d1:80:1c:cf:b7:0b:ba:67:a5:68:f7:2d:9d:
14:06:17:a0:7f:43:25:a4:98:65:df:bc:72:70:f7:
ee:90:e4:2a:f0:29:01:2a:aa:ca:50:e1:2b:6d:10:
90:9a:05:a0:e1:20:35:c3:ef:7f:14:00:46:e8:72:
24:d4:64:07:03:82:46:69:ca:9a:69:2a:76:97:ba:
82:1e:d4:b4:84:3e:d5:7b:dd:31:b4:99:94:f4:9d:
56:33:1c:bd:a9:77:fb:5b:ce:ab:ae:f2:c5:21:08:
5d:4d:4a:7c:78:cb:ea:2a:ad:27:db:0e:9d:5f:3c:
cb:50:b6:4b:99:40:cc:ed:bd:d0:92:be:4f:80:ce:
cc:e3:35:b0:ad:37:83:db:32:fb:f8:95:a8:89:b3:
32:4a:be:95:ed:be:59:9d:6c:60:b6:6a:dd:c0:0d:
32:b1:f3:08:23:bf:89:d0:f5:84:3f:db:00:f5:1e:
20:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:5B:EE:83:0E:27:7C:F0:77:0B:DD:01:25:72:E8:64:90:0B:D7:C9
X509v3 Authority Key Identifier:
keyid:4F:A5:CD:E5:24:F7:81:0D:58:68:BC:49:AB:0B:F6:62:1F:44:DC:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/xlvugw4nfPB3C90BJXLoZJAL18k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:4440::/32
Signature Algorithm: sha256WithRSAEncryption
1d:ae:62:35:98:25:f5:90:4b:a0:eb:d1:bb:e8:97:c5:4e:b8:
00:4b:38:68:08:d5:3c:55:ec:cd:2e:82:ab:46:05:b2:e4:4e:
2a:98:91:42:fa:19:89:f7:80:63:a8:c4:74:38:fd:25:7e:2a:
a8:c9:98:9c:73:52:f3:59:aa:da:0b:d8:c7:98:d2:c4:17:bc:
2f:72:dc:89:ff:e7:e6:74:28:ce:ea:7c:bd:03:3f:58:23:0d:
13:37:db:4b:89:22:46:66:87:c7:5b:75:09:50:2e:39:9c:c0:
54:19:27:65:bf:1f:23:71:a9:74:d3:e9:1b:6b:4e:34:0e:a3:
05:26:5d:53:2b:43:f1:4c:8f:79:7e:ab:a8:10:71:3b:9f:58:
db:ad:d6:34:a9:83:6f:c1:ed:04:68:6c:9c:42:e6:4d:16:2f:
1a:f9:64:8b:bd:fc:21:c8:a9:e5:88:49:87:0a:d5:42:d0:cb:
a8:f7:47:4a:c0:52:88:83:fc:93:e0:3d:0c:25:63:f9:52:06:
f8:70:ef:86:25:06:cb:59:e4:08:07:8f:d5:2c:3b:5f:d6:2b:
33:2b:5e:61:1f:7c:56:c5:07:1e:85:91:b7:cf:df:f8:7c:a7:
a8:b4:9d:d2:8b:9b:b5:ee:f3:be:39:6c:59:45:c4:7d:92:3a:
8b:0f:d9:fa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDAyD/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRm
YTVjZGU1MjRmNzgxMGQ1ODY4YmM0OWFiMGJmNjYyMWY0NGRjMjEwHhcNMjIwMjE5
MDAyMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjNjViZWU4MzBlMjc3
Y2YwNzcwYmRkMDEyNTcyZTg2NDkwMGJkN2M5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5p5XIJHkFdU8Fu6d6SQSeHG3WeJO30E6931vheJS2G7d9IYb
M3mw2M0JG5sdZSscNch7d3HYKYVpEVQlQ9JcCkf1H0BCqlhpWSWluNGAHM+3C7pn
pWj3LZ0UBhegf0MlpJhl37xycPfukOQq8CkBKqrKUOErbRCQmgWg4SA1w+9/FABG
6HIk1GQHA4JGacqaaSp2l7qCHtS0hD7Ve90xtJmU9J1WMxy9qXf7W86rrvLFIQhd
TUp8eMvqKq0n2w6dXzzLULZLmUDM7b3Qkr5PgM7M4zWwrTeD2zL7+JWoibMySr6V
7b5ZnWxgtmrdwA0ysfMII7+J0PWEP9sA9R4guQIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFMZb7oMOJ3zwdwvdASVy6GSQC9fJMB8GA1UdIwQYMBaAFE+lzeUk94ENWGi8
SasL9mIfRNwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VDZYTjVTVDNnUTFZYUx4SnF3djJZaDlFM0NFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lMy9kNjA4OGMtMzExMC00MWUxLWI5OTYtMzJkNGFkOGY1NmRlLzEv
eGx2dWd3NG5mUEIzQzkwQkpYTG9aSkFMMThrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9k
NjA4OGMtMzExMC00MWUxLWI5OTYtMzJkNGFkOGY1NmRlLzEvVDZYTjVTVDNnUTFZ
YUx4SnF3djJZaDlFM0NFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhJEQDANBgkqhkiG9w0BAQsFAAOC
AQEAHa5iNZgl9ZBLoOvRu+iXxU64AEs4aAjVPFXszS6Cq0YFsuROKpiRQvoZifeA
Y6jEdDj9JX4qqMmYnHNS81mq2gvYx5jSxBe8L3Lcif/n5nQozup8vQM/WCMNEzfb
S4kiRmaHx1t1CVAuOZzAVBknZb8fI3GpdNPpG2tONA6jBSZdUytD8UyPeX6rqBBx
O59Y263WNKmDb8HtBGhsnELmTRYvGvlki738Icip5YhJhwrVQtDLqPdHSsBSiIP8
k+A9DCVj+VIG+HDvhiUGy1nkCAeP1Sw7X9YrMyteYR98VsUHHoWRt8/f+HynqLSd
0oubte7zvjlsWUXEfZI6iw/Z+g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:21 2023 by rpki-client on console-ams.rpki-client.org