Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/6/326131323a646434373a383466663a3a2f34382d3438203d3e203136353039.roa
File: 326131323a646434373a383466663a3a2f34382d3438203d3e203136353039.roa (raw, json)
Hash identifier: egAIPjadnTgson9VTPcIWUaWE6hrRXzuynHD0TK0GAE=
Subject key identifier: AD:6E:9E:67:1E:E2:9D:48:CD:DE:E9:21:53:0C:96:2B:B0:B9:36:28
Certificate issuer: /CN=34E6AAC74193FE34C57CB5F562608EE1E50DAD51
Certificate serial: 4F9058ACDA1CFB675B8A0E5143C769932CF42D99
Authority key identifier: 34:E6:AA:C7:41:93:FE:34:C5:7C:B5:F5:62:60:8E:E1:E5:0D:AD:51
Authority info access: rsync://rpki.co/repo/AS945/1/34E6AAC74193FE34C57CB5F562608EE1E50DAD51.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/6/326131323a646434373a383466663a3a2f34382d3438203d3e203136353039.roa
Signing time: Tue 11 Apr 2023 01:14:06 +0000
ROA not before: Tue 11 Apr 2023 01:09:06 +0000
ROA not after: Tue 09 Apr 2024 01:14:06 +0000
asID: 16509
IP address blocks: 2a12:dd47:84ff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:90:58:ac:da:1c:fb:67:5b:8a:0e:51:43:c7:69:93:2c:f4:2d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34E6AAC74193FE34C57CB5F562608EE1E50DAD51
Validity
Not Before: Apr 11 01:09:06 2023 GMT
Not After : Apr 9 01:14:06 2024 GMT
Subject: CN=AD6E9E671EE29D48CDDEE921530C962BB0B93628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:55:4a:c8:30:0a:21:93:49:91:cb:f9:bd:50:
40:3d:50:69:d4:7c:e1:46:fb:23:82:54:35:2b:b7:
35:36:f1:2c:69:dc:ab:fc:25:d6:2d:21:9c:2b:6f:
fb:b7:55:8d:6f:b1:2b:38:f4:a8:6a:24:b7:fe:0d:
d2:70:f2:71:3e:75:7b:bb:7e:b9:90:69:d6:aa:18:
c2:cf:9f:fd:c3:d4:ae:0b:7a:c5:25:f6:f0:6c:9a:
52:66:1d:b2:98:1a:fa:e2:d5:39:4f:3f:71:4a:e3:
9d:8a:26:9f:8a:fa:e7:f9:99:8d:f7:8c:c4:90:97:
62:d8:ee:89:1a:76:ba:20:de:77:82:08:58:12:f8:
07:9f:cf:d2:58:ed:b6:b2:34:6e:21:ae:89:5b:4f:
2f:6a:e7:ad:1a:ba:a0:93:67:12:2e:4c:e4:74:92:
37:c3:8a:57:43:ac:0c:e8:2d:fd:48:d4:9c:99:ea:
7e:ab:52:d6:a9:f5:cc:29:ec:b1:0b:7f:21:00:b1:
65:1b:ce:45:24:6e:d2:b3:d0:94:8d:9a:ea:8a:48:
ac:c5:ee:25:fd:db:81:85:e1:75:33:c7:10:ea:05:
f5:38:04:87:0e:32:dd:2a:65:6d:e7:a0:be:7d:7c:
7e:c3:e0:8f:fe:6b:22:1c:4a:7f:91:b6:90:c5:c8:
18:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:6E:9E:67:1E:E2:9D:48:CD:DE:E9:21:53:0C:96:2B:B0:B9:36:28
X509v3 Authority Key Identifier:
keyid:34:E6:AA:C7:41:93:FE:34:C5:7C:B5:F5:62:60:8E:E1:E5:0D:AD:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/6/34E6AAC74193FE34C57CB5F562608EE1E50DAD51.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.co/repo/AS945/1/34E6AAC74193FE34C57CB5F562608EE1E50DAD51.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/6/326131323a646434373a383466663a3a2f34382d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:84ff::/48
Signature Algorithm: sha256WithRSAEncryption
2b:a2:0e:b2:df:57:db:17:9c:f5:f0:79:05:b9:be:1f:f8:5f:
54:07:c3:f3:91:51:aa:f0:4d:29:5a:33:10:22:67:eb:d3:a1:
54:8b:45:74:30:6c:9e:3e:35:02:73:77:1b:a4:fa:9e:51:45:
5b:3a:39:c4:70:e7:c5:18:8c:7b:61:02:16:63:81:6d:d6:48:
db:ec:e1:c1:9b:a4:97:67:d4:7b:66:9e:13:1b:3b:ce:7c:d8:
7e:15:71:a4:7a:ab:68:a8:73:39:e2:0e:51:75:41:8b:b9:4b:
59:17:06:4c:d8:ea:31:8a:32:59:43:f4:96:5e:93:45:85:4f:
50:03:a1:d8:f7:a9:5a:12:f9:7b:ab:72:b8:7d:29:dd:73:7a:
52:4f:23:a4:76:2b:8d:98:ff:70:39:4e:6f:b7:4b:52:28:5f:
bb:ec:0a:92:8c:70:7a:97:24:51:b9:2d:56:15:da:4a:e8:0a:
1c:58:c5:21:67:02:c8:a0:2b:59:d6:05:5c:f4:1d:72:d6:17:
af:be:a3:16:d2:44:1d:ef:4a:66:80:8e:68:26:2f:ee:1b:68:
ea:a2:89:47:73:b7:a2:2c:32:ac:8d:4b:e8:b7:32:f4:63:8d:
00:6b:2a:61:a5:e1:35:7a:2a:9d:b7:6a:5e:e3:9e:0e:d3:78:
83:55:c5:79
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUT5BYrNoc+2dbig5RQ8dpkyz0LZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzRFNkFBQzc0MTkzRkUzNEM1N0NCNUY1NjI2MDhFRTFF
NTBEQUQ1MTAeFw0yMzA0MTEwMTA5MDZaFw0yNDA0MDkwMTE0MDZaMDMxMTAvBgNV
BAMTKEFENkU5RTY3MUVFMjlENDhDRERFRTkyMTUzMEM5NjJCQjBCOTM2MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKVUrIMAohk0mRy/m9UEA9UGnU
fOFG+yOCVDUrtzU28Sxp3Kv8JdYtIZwrb/u3VY1vsSs49KhqJLf+DdJw8nE+dXu7
frmQadaqGMLPn/3D1K4LesUl9vBsmlJmHbKYGvri1TlPP3FK452KJp+K+uf5mY33
jMSQl2LY7okadrog3neCCFgS+Aefz9JY7bayNG4hrolbTy9q560auqCTZxIuTOR0
kjfDildDrAzoLf1I1JyZ6n6rUtap9cwp7LELfyEAsWUbzkUkbtKz0JSNmuqKSKzF
7iX924GF4XUzxxDqBfU4BIcOMt0qZW3noL59fH7D4I/+ayIcSn+RtpDFyBirAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUrW6eZx7inUjN3ukhUwyWK7C5NigwHwYDVR0j
BBgwFoAUNOaqx0GT/jTFfLX1YmCO4eUNrVEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzYvMzRFNkFBQzc0MTkzRkUzNEM1N0NCNUY1NjI2MDhFRTFFNTBEQUQ1MS5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kuY28v
cmVwby9BUzk0NS8xLzM0RTZBQUM3NDE5M0ZFMzRDNTdDQjVGNTYyNjA4RUUxRTUw
REFENTEuY2VyMIG1BggrBgEFBQcBCwSBqDCBpTCBogYIKwYBBQUHMAuGgZVyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzFiZjhlOTc3
LTcyNzgtNDZjZi1hYmQxLTk5Y2QxZmQyYmU0ZS82LzMyNjEzMTMyM2E2NDY0MzQz
NzNhMzgzNDY2NjYzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTM2MzUzMDM5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAKhLdR4T/MA0GCSqGSIb3DQEBCwUAA4IBAQArog6y31fbF5z18HkF
ub4f+F9UB8PzkVGq8E0pWjMQImfr06FUi0V0MGyePjUCc3cbpPqeUUVbOjnEcOfF
GIx7YQIWY4Ft1kjb7OHBm6SXZ9R7Zp4TGzvOfNh+FXGkeqtoqHM54g5RdUGLuUtZ
FwZM2OoxijJZQ/SWXpNFhU9QA6HY96laEvl7q3K4fSndc3pSTyOkdiuNmP9wOU5v
t0tSKF+77AqSjHB6lyRRuS1WFdpK6AocWMUhZwLIoCtZ1gVc9B1y1hevvqMW0kQd
70pmgI5oJi/uG2jqoolHc7eiLDKsjUvotzL0Y40AayphpeE1eiqdt2pe454O03iD
VcV5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:10 2024 by rpki-client on console-fra.rpki-client.org