Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/KM63ai1EcfRsX6kg_9ovHe_8Pn4.roa
File: KM63ai1EcfRsX6kg_9ovHe_8Pn4.roa (raw, json)
Hash identifier: kJLB8MN0R+qTeBVSTnz5n0bu1FH1g5d54F1EGJFN/qo=
Subject key identifier: 28:CE:B7:6A:2D:44:71:F4:6C:5F:A9:20:FF:DA:2F:1D:EF:FC:3E:7E
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01890FF00FE1A92270ADCBD59B6717CECDA8
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/KM63ai1EcfRsX6kg_9ovHe_8Pn4.roa
Signing time: Sat 01 Jul 2023 05:32:18 +0000
ROA not before: Sat 01 Jul 2023 05:32:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49492
IP address blocks: 2a12:a342::/33 maxlen: 33
2a12:a347:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0f:f0:0f:e1:a9:22:70:ad:cb:d5:9b:67:17:ce:cd:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jul 1 05:32:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28ceb76a2d4471f46c5fa920ffda2f1deffc3e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:35:2d:4c:df:44:28:a6:e1:11:ae:7a:99:29:
36:0b:98:9b:2f:12:71:da:8d:8b:00:c4:83:19:4f:
17:e9:c1:10:7f:8e:b3:0a:14:be:b0:d4:34:f4:19:
e0:3f:54:76:87:20:5f:13:d3:49:84:c1:f2:7a:3d:
20:8a:e8:57:d5:ef:62:43:42:df:54:63:a2:99:c3:
09:0b:35:63:45:12:25:6a:0b:1a:3c:bb:82:39:80:
4b:0a:36:98:e0:d0:ab:d2:88:fa:a2:a7:98:7d:28:
6d:e9:0f:c9:f7:08:8c:01:0b:9d:ef:e3:d9:bc:bf:
59:04:29:b6:83:f8:5a:18:31:a8:13:3c:c6:a2:53:
7f:4c:83:aa:c7:f6:ce:8d:47:c0:05:27:38:32:d3:
97:ae:88:66:45:0d:ce:75:bc:7e:81:3a:7d:29:cc:
55:88:c7:c1:d3:46:09:94:de:6e:21:c1:be:0b:e1:
ab:27:39:9e:30:a3:61:96:fe:ba:75:04:68:5b:15:
f7:b6:91:09:68:1b:1e:7e:fe:1c:c4:c3:d0:40:8c:
10:76:41:82:00:46:41:ad:24:cc:42:78:23:3a:a3:
13:04:0c:86:c7:71:de:15:31:fe:11:5c:07:fb:bf:
fd:97:fa:1b:a5:c9:76:b5:55:fb:11:c5:c8:84:43:
91:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CE:B7:6A:2D:44:71:F4:6C:5F:A9:20:FF:DA:2F:1D:EF:FC:3E:7E
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/KM63ai1EcfRsX6kg_9ovHe_8Pn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a342::/33
2a12:a347:1::/48
Signature Algorithm: sha256WithRSAEncryption
9a:64:fd:49:34:db:f0:9b:51:f7:c7:a1:1c:6d:ac:f6:4a:c3:
3e:55:bc:a0:e8:d7:a0:14:55:19:1a:4a:46:44:07:e9:32:36:
8e:fe:b9:15:66:e6:2b:48:6c:91:2e:53:af:a7:46:28:71:99:
d3:9d:19:14:e7:1e:ab:44:8c:01:a3:67:f8:81:7e:11:50:28:
7b:6a:48:f2:0a:9c:b7:f5:f1:98:97:35:39:ee:b9:90:ba:37:
99:7c:e3:88:22:aa:e3:4d:c6:2c:89:40:87:16:3b:42:e7:27:
05:06:d5:28:8c:6e:a9:38:41:f0:dc:a9:dd:ce:33:45:e2:1e:
6f:f1:45:f0:0d:47:60:25:e3:07:fc:c9:e2:b5:cf:6d:46:2f:
92:f9:6f:67:f5:04:94:2a:46:95:2c:25:33:d0:2d:b6:b2:18:
60:ac:60:c0:89:15:f5:30:e3:66:bf:c1:0b:55:00:32:de:d9:
b8:b4:48:4f:88:e1:a2:f1:c7:98:67:9a:70:d2:5e:7b:5f:d7:
03:d3:e4:8f:10:fe:b4:ef:3e:ee:be:db:1a:2a:dc:0c:5c:93:
4d:2f:79:dd:fa:52:34:31:70:65:ae:c7:ee:6a:b6:47:fc:97:
8e:b5:e1:4c:f4:6e:65:d8:6d:18:a4:8c:d3:ee:5e:49:e5:9a:
ca:25:ca:3e
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYkP8A/hqSJwrcvVm2cXzs2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwNzAxMDUzMjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNlYjc2YTJkNDQ3MWY0NmM1ZmE5MjBmZmRhMmYxZGVmZmMzZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzUtTN9EKKbhEa56mSk2C5ibLxJx
2o2LAMSDGU8X6cEQf46zChS+sNQ09BngP1R2hyBfE9NJhMHyej0giuhX1e9iQ0Lf
VGOimcMJCzVjRRIlagsaPLuCOYBLCjaY4NCr0oj6oqeYfSht6Q/J9wiMAQud7+PZ
vL9ZBCm2g/haGDGoEzzGolN/TIOqx/bOjUfABSc4MtOXrohmRQ3Odbx+gTp9KcxV
iMfB00YJlN5uIcG+C+GrJzmeMKNhlv66dQRoWxX3tpEJaBsefv4cxMPQQIwQdkGC
AEZBrSTMQngjOqMTBAyGx3HeFTH+EVwH+7/9l/obpcl2tVX7EcXIhEOR4wIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFCjOt2otRHH0bF+pIP/aLx3v/D5+MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvS002M2FpMUVjZlJzWDZrZ185b3ZIZV84UG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYHKhKjQgAD
BwAqEqNHAAEwDQYJKoZIhvcNAQELBQADggEBAJpk/Uk02/CbUffHoRxtrPZKwz5V
vKDo16AUVRkaSkZEB+kyNo7+uRVm5itIbJEuU6+nRihxmdOdGRTnHqtEjAGjZ/iB
fhFQKHtqSPIKnLf18ZiXNTnuuZC6N5l844giquNNxiyJQIcWO0LnJwUG1SiMbqk4
QfDcqd3OM0XiHm/xRfANR2Al4wf8yeK1z21GL5L5b2f1BJQqRpUsJTPQLbayGGCs
YMCJFfUw42a/wQtVADLe2bi0SE+I4aLxx5hnmnDSXntf1wPT5I8Q/rTvPu6+2xoq
3Axck00ved36UjQxcGWux+5qtkf8l4614Uz0bmXYbRikjNPuXknlmsolyj4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:32 2025 by rpki-client