Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/975c38-5998-4549-b16a-42f4202b4e52/1/qKr6GjNlGAYWa1wPcdN-s8mGvfY.roa
File: qKr6GjNlGAYWa1wPcdN-s8mGvfY.roa (raw, json)
Hash identifier: Fgf2npv9Hpp6dfXeCVrEeKGF7Pl6m7E7/aNdE1/U15M=
Subject key identifier: A8:AA:FA:1A:33:65:18:06:16:6B:5C:0F:71:D3:7E:B3:C9:86:BD:F6
Certificate issuer: /CN=e3d89f8f2ab8e5446b4c9e125cacb027489ca7fb
Certificate serial: 0185316E8B1C218B1D5750DEF22CAB51F1A6
Authority key identifier: E3:D8:9F:8F:2A:B8:E5:44:6B:4C:9E:12:5C:AC:B0:27:48:9C:A7:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/49ifjyq45URrTJ4SXKywJ0icp_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/975c38-5998-4549-b16a-42f4202b4e52/1/qKr6GjNlGAYWa1wPcdN-s8mGvfY.roa
Signing time: Tue 20 Dec 2022 21:26:46 +0000
ROA not before: Tue 20 Dec 2022 21:26:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211603
IP address blocks: 2a12:8540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:31:6e:8b:1c:21:8b:1d:57:50:de:f2:2c:ab:51:f1:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3d89f8f2ab8e5446b4c9e125cacb027489ca7fb
Validity
Not Before: Dec 20 21:26:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8aafa1a33651806166b5c0f71d37eb3c986bdf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:26:77:b2:cf:16:16:4a:fa:c6:c2:be:35:df:
59:1f:1f:66:85:5c:4f:26:46:f2:4d:a5:2d:b0:eb:
db:e8:95:6d:ff:ce:f9:d6:12:8b:cb:a5:10:c8:db:
1a:50:e7:f4:48:a9:35:48:1f:16:6e:c2:3c:ac:de:
48:cd:ac:d9:38:20:41:e7:5e:05:00:d9:f3:42:aa:
cc:23:b8:63:40:4b:02:31:5e:bb:74:04:f3:44:2a:
6e:4d:f2:0f:b7:4e:d1:72:30:c4:6c:2f:a8:d2:7a:
b2:58:b0:92:f6:5a:73:2f:28:e9:35:c1:13:5e:fe:
81:2b:74:0f:53:a9:bf:94:1e:90:b2:df:f5:41:67:
26:05:aa:64:ac:52:3d:60:1a:f0:30:85:42:21:98:
18:38:ac:8f:9a:8f:b9:7b:6f:a4:99:33:5b:4f:95:
7b:c9:f7:c4:d0:30:a0:16:fe:a6:ee:e9:cd:76:23:
e9:a6:6d:80:d1:3d:06:61:c4:29:4c:29:b3:bb:40:
93:29:27:43:dd:cc:31:8c:45:df:cd:13:9e:8b:af:
1f:ad:aa:bf:77:f0:29:4d:41:8c:8e:40:1a:05:47:
c2:23:e9:df:13:c2:d5:a4:1a:ef:f0:87:3b:f2:58:
14:4f:b9:88:6d:6d:51:17:c0:ac:b2:89:dc:0c:39:
a2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AA:FA:1A:33:65:18:06:16:6B:5C:0F:71:D3:7E:B3:C9:86:BD:F6
X509v3 Authority Key Identifier:
keyid:E3:D8:9F:8F:2A:B8:E5:44:6B:4C:9E:12:5C:AC:B0:27:48:9C:A7:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/49ifjyq45URrTJ4SXKywJ0icp_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/975c38-5998-4549-b16a-42f4202b4e52/1/qKr6GjNlGAYWa1wPcdN-s8mGvfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/975c38-5998-4549-b16a-42f4202b4e52/1/49ifjyq45URrTJ4SXKywJ0icp_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8540::/29
Signature Algorithm: sha256WithRSAEncryption
77:94:3f:ea:17:65:37:67:2b:29:ee:44:04:11:8e:ef:9d:a7:
37:d1:df:3f:bd:7c:56:1e:1a:5b:9d:5a:44:23:34:4e:07:51:
c3:07:ac:00:60:ba:41:29:25:5e:17:75:8c:55:a3:da:0e:3b:
0c:e5:db:f8:76:bb:50:c6:ab:d5:31:e6:5b:eb:27:af:66:70:
64:5b:e9:c5:ff:93:2c:1b:8a:57:12:5d:71:cd:6f:68:e7:ea:
ce:c8:9e:ed:a9:2c:3b:05:3d:85:36:03:1d:c5:f5:74:08:46:
bc:78:ed:b2:22:1d:9e:a2:22:f8:20:06:04:29:3e:96:33:c8:
64:d9:a9:a0:d7:02:37:d1:01:2b:01:9c:aa:fb:83:50:8e:fa:
67:84:b1:92:75:36:f4:7e:22:fd:b2:13:ea:40:e7:de:38:fc:
e5:c9:32:15:64:98:98:49:d1:04:08:6a:98:e5:cf:c7:d8:43:
98:e8:37:36:87:66:79:84:99:79:84:de:80:02:5a:87:bb:1f:
af:09:53:bc:ae:09:a1:ac:cd:52:e1:c5:44:5d:24:bf:31:33:
1b:67:3c:21:c2:40:ec:d6:bf:2e:0c:cf:be:92:72:66:91:f6:
8d:e8:a9:c4:ec:52:cb:0f:37:d5:86:c7:93:8c:2b:f8:38:91:
03:ac:0b:79
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYUxboscIYsdV1De8iyrUfGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZDg5ZjhmMmFiOGU1NDQ2YjRjOWUxMjVjYWNiMDI3NDg5
Y2E3ZmIwHhcNMjIxMjIwMjEyNjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGFhZmExYTMzNjUxODA2MTY2YjVjMGY3MWQzN2ViM2M5ODZiZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCZ3ss8WFkr6xsK+Nd9ZHx9mhVxP
JkbyTaUtsOvb6JVt/8751hKLy6UQyNsaUOf0SKk1SB8WbsI8rN5IzazZOCBB514F
ANnzQqrMI7hjQEsCMV67dATzRCpuTfIPt07RcjDEbC+o0nqyWLCS9lpzLyjpNcET
Xv6BK3QPU6m/lB6Qst/1QWcmBapkrFI9YBrwMIVCIZgYOKyPmo+5e2+kmTNbT5V7
yffE0DCgFv6m7unNdiPppm2A0T0GYcQpTCmzu0CTKSdD3cwxjEXfzROei68fraq/
d/ApTUGMjkAaBUfCI+nfE8LVpBrv8Ic78lgUT7mIbW1RF8CssoncDDmirwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKiq+hozZRgGFmtcD3HTfrPJhr32MB8GA1UdIwQY
MBaAFOPYn48quOVEa0yeElyssCdInKf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDlpZmp5cTQ1VVJyVEo0U1hLeXdKMGljcF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NzVjMzgtNTk5OC00NTQ5LWIxNmEt
NDJmNDIwMmI0ZTUyLzEvcUtyNkdqTmxHQVlXYTF3UGNkTi1zOG1HdmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NzVjMzgtNTk5OC00NTQ5LWIxNmEtNDJmNDIwMmI0ZTUy
LzEvNDlpZmp5cTQ1VVJyVEo0U1hLeXdKMGljcF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKFQDAN
BgkqhkiG9w0BAQsFAAOCAQEAd5Q/6hdlN2crKe5EBBGO752nN9HfP718Vh4aW51a
RCM0TgdRwwesAGC6QSklXhd1jFWj2g47DOXb+Ha7UMar1THmW+snr2ZwZFvpxf+T
LBuKVxJdcc1vaOfqzsie7aksOwU9hTYDHcX1dAhGvHjtsiIdnqIi+CAGBCk+ljPI
ZNmpoNcCN9EBKwGcqvuDUI76Z4SxknU29H4i/bIT6kDn3jj85ckyFWSYmEnRBAhq
mOXPx9hDmOg3NodmeYSZeYTegAJah7sfrwlTvK4JoazNUuHFRF0kvzEzG2c8IcJA
7Na/LgzPvpJyZpH2jeipxOxSyw831YbHk4wr+DiRA6wLeQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:31 2023 by rpki-client on console.sobornost.net