Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/fa17f3-2d73-4584-afac-1e2273f5eb19/1/ZeTcJlsnVWgxQdYQZlJInj4n-fI.roa
File: ZeTcJlsnVWgxQdYQZlJInj4n-fI.roa (raw, json)
Hash identifier: REKI3PB8HzdzF9ULkKaK0wQYL/bZB8VSCqdXaQCObzY=
Subject key identifier: 65:E4:DC:26:5B:27:55:68:31:41:D6:10:66:52:48:9E:3E:27:F9:F2
Certificate issuer: /CN=4dd5017171cb486228461ca078591bacac24b6cd
Certificate serial: 88CE1C
Authority key identifier: 4D:D5:01:71:71:CB:48:62:28:46:1C:A0:78:59:1B:AC:AC:24:B6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdUBcXHLSGIoRhygeFkbrKwkts0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/fa17f3-2d73-4584-afac-1e2273f5eb19/1/ZeTcJlsnVWgxQdYQZlJInj4n-fI.roa
Signing time: Sat 01 Jan 2022 02:01:38 +0000
ROA not before: Sat 01 Jan 2022 02:01:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a12:2400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8965660 (0x88ce1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd5017171cb486228461ca078591bacac24b6cd
Validity
Not Before: Jan 1 02:01:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65e4dc265b2755683141d6106652489e3e27f9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7f:6f:9d:65:e0:bc:66:c1:4d:33:68:8f:d7:
89:e5:a4:c9:2e:80:c5:f5:63:4c:2f:e0:93:5a:67:
e0:a7:1a:6e:7c:5a:f2:60:ce:e1:b3:45:04:d4:5d:
ff:a0:63:62:63:f1:e3:66:a1:86:4d:91:1a:28:92:
e3:97:40:58:16:f2:bf:c4:a4:5f:d4:9b:97:cd:2f:
78:9b:68:35:8e:74:5f:2c:fc:fb:5e:82:9d:67:9c:
d7:15:c8:19:c3:6f:95:28:93:bf:28:82:41:b7:2c:
c3:30:f1:56:51:ef:2b:77:84:3a:dc:b8:28:f8:5e:
a9:86:22:bb:72:c3:f1:ba:2f:cb:a8:ae:cd:1e:55:
96:c0:16:32:fd:95:22:b8:31:6a:fd:79:0a:09:fc:
9e:12:9c:ee:88:78:48:6d:ac:86:dd:8a:5e:7f:b4:
f3:16:7c:b8:c5:ba:61:0e:2f:74:78:11:e9:8a:ed:
b1:e7:41:85:10:cd:60:8b:be:e6:fe:b1:9d:43:7a:
7f:66:f3:e8:2f:ac:72:53:46:71:20:39:71:1a:84:
1d:52:91:f0:eb:19:9b:89:4b:e0:b8:20:be:5a:12:
ca:52:af:4b:fe:46:5f:96:21:81:c4:9a:bf:c4:fa:
2d:76:a1:59:c0:52:45:7d:72:0b:7b:99:cb:61:d7:
0d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E4:DC:26:5B:27:55:68:31:41:D6:10:66:52:48:9E:3E:27:F9:F2
X509v3 Authority Key Identifier:
keyid:4D:D5:01:71:71:CB:48:62:28:46:1C:A0:78:59:1B:AC:AC:24:B6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdUBcXHLSGIoRhygeFkbrKwkts0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/fa17f3-2d73-4584-afac-1e2273f5eb19/1/ZeTcJlsnVWgxQdYQZlJInj4n-fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/fa17f3-2d73-4584-afac-1e2273f5eb19/1/TdUBcXHLSGIoRhygeFkbrKwkts0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:2400::/29
Signature Algorithm: sha256WithRSAEncryption
43:48:d5:85:f3:35:f3:70:c7:2e:29:b3:de:52:38:5c:5e:8e:
36:56:35:16:96:af:97:b4:b1:9e:6e:f0:10:a7:5f:04:71:a8:
b3:83:3b:3a:b2:21:7c:a7:7d:f3:13:05:40:02:76:dd:27:db:
e5:55:94:a3:08:5c:0a:a0:51:f4:0d:1e:1b:5f:36:81:4b:29:
89:a5:9b:74:f7:7c:46:b1:bb:99:6a:b4:b1:07:05:03:bb:92:
84:76:d6:00:ff:fb:76:83:a6:7e:10:7f:b2:d2:26:ca:69:a6:
90:57:c1:d4:28:a5:6b:c3:89:ec:ec:d6:66:a2:77:5b:8a:45:
d8:78:db:95:3d:d7:98:87:ce:69:30:c6:1f:4a:89:9f:95:83:
93:18:ae:7d:5b:39:4b:28:6b:14:82:9c:44:77:a9:a6:5c:de:
de:9a:27:d2:03:5d:00:26:6e:b7:ff:12:7a:80:18:c4:b3:c3:
5f:e6:d0:69:ed:60:ef:5f:5e:c4:e5:17:87:3b:af:23:c3:a8:
43:ae:1a:13:61:91:6f:27:ac:41:ff:0e:1f:58:f6:e1:f6:f0:
98:71:73:f2:b8:3e:cc:ef:26:6a:d0:a9:36:4a:68:ec:60:6b:
3e:c6:6d:40:f0:cf:22:a1:f1:89:18:bd:c4:a7:7f:15:bd:d4:
4b:29:22:c8
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAIjOHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZGQ1MDE3MTcxY2I0ODYyMjg0NjFjYTA3ODU5MWJhY2FjMjRiNmNkMB4XDTIyMDEw
MTAyMDEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjVlNGRjMjY1YjI3
NTU2ODMxNDFkNjEwNjY1MjQ4OWUzZTI3ZjlmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANV/b51l4LxmwU0zaI/XieWkyS6AxfVjTC/gk1pn4Kcabnxa
8mDO4bNFBNRd/6BjYmPx42ahhk2RGiiS45dAWBbyv8SkX9Sbl80veJtoNY50Xyz8
+16CnWec1xXIGcNvlSiTvyiCQbcswzDxVlHvK3eEOty4KPheqYYiu3LD8bovy6iu
zR5VlsAWMv2VIrgxav15Cgn8nhKc7oh4SG2sht2KXn+08xZ8uMW6YQ4vdHgR6Yrt
sedBhRDNYIu+5v6xnUN6f2bz6C+sclNGcSA5cRqEHVKR8OsZm4lL4LggvloSylKv
S/5GX5YhgcSav8T6LXahWcBSRX1yC3uZy2HXDS0CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRl5NwmWydVaDFB1hBmUkiePif58jAfBgNVHSMEGDAWgBRN1QFxcctIYihG
HKB4WRusrCS2zTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RkVUJjWEhMU0dJb1JoeWdlRmtickt3a3RzMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvZmExN2YzLTJkNzMtNDU4NC1hZmFjLTFlMjI3M2Y1ZWIxOS8x
L1plVGNKbHNuVldneFFkWVFabEpJbmo0bi1mSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
ZmExN2YzLTJkNzMtNDU4NC1hZmFjLTFlMjI3M2Y1ZWIxOS8xL1RkVUJjWEhMU0dJ
b1JoeWdlRmtickt3a3RzMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoSJAAwDQYJKoZIhvcNAQELBQAD
ggEBAENI1YXzNfNwxy4ps95SOFxejjZWNRaWr5e0sZ5u8BCnXwRxqLODOzqyIXyn
ffMTBUACdt0n2+VVlKMIXAqgUfQNHhtfNoFLKYmlm3T3fEaxu5lqtLEHBQO7koR2
1gD/+3aDpn4Qf7LSJsppppBXwdQopWvDiezs1maid1uKRdh425U915iHzmkwxh9K
iZ+Vg5MYrn1bOUsoaxSCnER3qaZc3t6aJ9IDXQAmbrf/EnqAGMSzw1/m0GntYO9f
XsTlF4c7ryPDqEOuGhNhkW8nrEH/Dh9Y9uH28Jhxc/K4PszvJmrQqTZKaOxgaz7G
bUDwzyKh8YkYvcSnfxW91EspIsg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:57 2023 by rpki-client on console-ams.rpki-client.org