Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/HKY0f-IzPaV3Zbk6ctDBCJz3g7k.roa
File: HKY0f-IzPaV3Zbk6ctDBCJz3g7k.roa (raw, json)
Hash identifier: l0lUCbX+uU+oFwg5VZiLz0ApEYNtIm8WyV3qtGi4tCY=
Subject key identifier: 1C:A6:34:7F:E2:33:3D:A5:77:65:B9:3A:72:D0:C1:08:9C:F7:83:B9
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 0183D8DE1598BAAAF3B5620B4846A3CC07B6
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/HKY0f-IzPaV3Zbk6ctDBCJz3g7k.roa
Signing time: Fri 14 Oct 2022 23:39:36 +0000
ROA not before: Fri 14 Oct 2022 23:39:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44445
IP address blocks: 2a12:c6c1::/32 maxlen: 48
2a12:c6c0::/29 maxlen: 64
2a12:c6c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d8:de:15:98:ba:aa:f3:b5:62:0b:48:46:a3:cc:07:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Oct 14 23:39:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ca6347fe2333da57765b93a72d0c1089cf783b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b1:9c:20:7f:d3:f0:b6:73:54:25:48:34:c3:
a5:8d:41:80:f2:ef:88:23:7d:96:14:d4:e9:9e:d2:
b3:80:83:85:6a:b6:7f:4e:7f:68:dc:bc:2a:86:18:
02:b1:bc:ff:48:47:d7:ab:de:17:68:09:64:ab:7e:
ab:0c:37:f7:1d:0d:f4:43:5e:98:1f:fd:c7:ea:7a:
09:a9:d3:6b:1f:21:ec:2d:5c:29:e5:d9:93:51:af:
c4:ce:ed:96:64:96:30:b7:76:b1:38:c7:53:c8:71:
ff:75:ca:89:f2:ab:01:e9:6e:6a:e4:10:c6:81:06:
8e:50:6a:26:e7:56:f6:3c:4d:41:93:e5:cb:62:13:
c9:5a:56:a6:27:c5:90:d1:7c:d0:72:d5:ac:89:47:
01:7b:96:f4:d0:59:ee:dd:61:24:75:69:c9:ee:ec:
6f:2f:f0:cc:9e:92:d9:1a:c2:29:26:1c:5e:7a:a2:
94:15:52:0c:8a:87:fb:7a:4a:4d:fc:ba:92:8e:86:
a9:59:15:64:1c:ed:52:b8:57:f9:aa:f1:05:5c:15:
55:c8:5d:a4:38:0a:97:0f:a0:d2:f2:7d:81:53:dd:
ba:ce:bb:07:b9:98:de:c9:c3:1a:1f:f3:7f:c5:fc:
63:ec:d9:90:2d:2c:1a:0b:da:b8:68:42:35:98:03:
f3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A6:34:7F:E2:33:3D:A5:77:65:B9:3A:72:D0:C1:08:9C:F7:83:B9
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/HKY0f-IzPaV3Zbk6ctDBCJz3g7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:c6c0::/29
Signature Algorithm: sha256WithRSAEncryption
b8:ca:ba:a4:8c:00:46:86:b5:05:57:73:f7:f2:46:fc:b5:d7:
48:07:69:fc:19:fc:0d:2e:9b:c9:1e:39:d7:1b:44:29:4f:5d:
a6:9d:89:a6:b3:5b:66:85:8b:29:44:32:31:d7:6a:20:22:f5:
a4:28:11:f3:b7:49:95:50:5a:50:71:4c:95:27:3d:0a:7d:78:
8d:1b:41:af:47:01:13:dc:04:32:ba:ab:a9:31:c2:da:b3:f5:
ca:3c:0d:85:ac:59:e4:83:f7:b8:80:74:c8:39:ba:66:d7:ae:
8f:ab:2a:86:7b:9b:57:fd:ab:52:59:d4:0b:77:df:61:42:91:
34:65:46:4b:e9:08:44:1c:c6:80:82:3b:b8:ab:c1:8a:3c:a5:
5d:2b:65:a3:d3:67:3d:2a:7a:49:2c:63:34:8e:56:ac:9c:76:
c8:59:4f:29:a6:8b:d0:3c:6d:36:4a:6b:28:ae:34:c7:17:04:
b0:b5:97:86:20:aa:93:92:f8:2c:6e:77:f3:44:8e:c0:4a:0f:
cf:b6:72:c4:84:07:75:d6:cb:f9:b6:3c:41:25:69:d3:9e:1c:
d8:aa:6d:0c:99:d9:b5:9e:be:d2:88:22:c5:fb:51:fc:f3:81:
6f:77:58:f0:d0:4e:ac:2f:80:a0:18:e4:47:2e:de:d6:44:9d:
2b:9e:ba:40
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYPY3hWYuqrztWILSEajzAe2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjIxMDE0MjMzOTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2E2MzQ3ZmUyMzMzZGE1Nzc2NWI5M2E3MmQwYzEwODljZjc4M2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibGcIH/T8LZzVCVINMOljUGA8u+I
I32WFNTpntKzgIOFarZ/Tn9o3LwqhhgCsbz/SEfXq94XaAlkq36rDDf3HQ30Q16Y
H/3H6noJqdNrHyHsLVwp5dmTUa/Ezu2WZJYwt3axOMdTyHH/dcqJ8qsB6W5q5BDG
gQaOUGom51b2PE1Bk+XLYhPJWlamJ8WQ0XzQctWsiUcBe5b00Fnu3WEkdWnJ7uxv
L/DMnpLZGsIpJhxeeqKUFVIMiof7ekpN/LqSjoapWRVkHO1SuFf5qvEFXBVVyF2k
OAqXD6DS8n2BU926zrsHuZjeycMaH/N/xfxj7NmQLSwaC9q4aEI1mAPzcQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBymNH/iMz2ld2W5OnLQwQic94O5MB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEvSEtZMGYtSXpQYVYzWmJrNmN0REJDSnozZzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhLGwDAN
BgkqhkiG9w0BAQsFAAOCAQEAuMq6pIwARoa1BVdz9/JG/LXXSAdp/Bn8DS6byR45
1xtEKU9dpp2JprNbZoWLKUQyMddqICL1pCgR87dJlVBaUHFMlSc9Cn14jRtBr0cB
E9wEMrqrqTHC2rP1yjwNhaxZ5IP3uIB0yDm6Zteuj6sqhnubV/2rUlnUC3ffYUKR
NGVGS+kIRBzGgII7uKvBijylXStlo9NnPSp6SSxjNI5WrJx2yFlPKaaL0DxtNkpr
KK40xxcEsLWXhiCqk5L4LG5380SOwEoPz7ZyxIQHddbL+bY8QSVp054c2KptDJnZ
tZ6+0ogixftR/POBb3dY8NBOrC+AoBjkRy7e1kSdK566QA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:55 2023 by rpki-client on console.sobornost.net