Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/kypoCvIXrS54JMYBG2l1HnevE4I.roa
File: kypoCvIXrS54JMYBG2l1HnevE4I.roa (raw, json)
Hash identifier: ZyL21bLU+zTP2yAd3HafLCPthvnZCUqI1k2pa8NI85g=
Subject key identifier: 93:2A:68:0A:F2:17:AD:2E:78:24:C6:01:1B:69:75:1E:77:AF:13:82
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 0184D2B5CF13EDE550E63924D9C60BB04F3C
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/kypoCvIXrS54JMYBG2l1HnevE4I.roa
Signing time: Fri 02 Dec 2022 12:00:41 +0000
ROA not before: Fri 02 Dec 2022 12:00:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212789
IP address blocks: 2a0e:a6c7:1000::/38 maxlen: 48
2a0e:a6c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:b5:cf:13:ed:e5:50:e6:39:24:d9:c6:0b:b0:4f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Dec 2 12:00:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=932a680af217ad2e7824c6011b69751e77af1382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2f:e8:4e:d7:c9:53:56:a0:90:5f:61:a9:f6:
9e:f1:76:4b:aa:21:38:46:c0:51:b7:07:e3:c8:2b:
9e:a0:4f:ee:96:2c:51:92:82:ed:fa:a3:06:c0:7a:
78:3f:19:cb:38:3f:5b:94:6c:3f:82:9c:e7:62:47:
5c:14:fa:56:59:9c:b7:f2:1c:1a:e3:c8:d5:2d:1e:
f2:dd:42:e4:bd:d9:bc:1a:ae:6f:f3:47:cc:f3:f8:
07:e9:dc:69:56:fb:bc:47:04:81:78:2b:89:db:ea:
e3:67:8e:a6:17:6b:1e:29:f3:5a:77:85:21:ed:75:
c6:6a:9f:d0:2c:d2:e5:06:b7:13:bd:ca:78:1f:f2:
17:91:b4:1d:a5:d5:ad:58:5c:fe:79:b9:7d:89:a7:
11:af:e3:4d:a6:e1:e8:d0:a8:9c:2b:8c:03:91:c5:
e7:54:5d:c4:d4:58:eb:dd:72:22:c9:7b:f5:e8:42:
9c:5a:f7:71:d9:bf:67:93:10:72:c0:7d:0c:4f:d3:
56:dd:b3:6d:38:72:60:88:ce:49:84:13:a6:79:fe:
a0:f2:24:e8:7e:62:ab:b5:87:6d:f7:58:8e:57:3b:
43:e0:87:6f:bd:54:09:46:03:2c:07:c1:82:80:ab:
17:80:e9:e0:ae:63:b7:13:e5:ae:3c:f1:79:b7:e2:
ed:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2A:68:0A:F2:17:AD:2E:78:24:C6:01:1B:69:75:1E:77:AF:13:82
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/kypoCvIXrS54JMYBG2l1HnevE4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:a6c7::/32
Signature Algorithm: sha256WithRSAEncryption
8c:e4:bb:c0:84:90:f2:72:2f:76:cf:c6:f5:35:d6:de:64:c1:
ac:34:e2:22:e3:8f:82:2b:2b:af:32:b3:60:d5:c8:e6:a1:e1:
92:b3:0a:f2:f8:2f:5f:cc:a5:8d:57:8f:d0:8c:7c:21:8d:88:
ae:59:bc:1b:02:71:0e:9b:60:e9:17:e2:66:7e:53:2d:b3:9e:
36:f8:05:7d:94:ee:ec:85:71:9b:86:69:50:f1:4a:1d:c1:e8:
f9:f5:2b:64:f0:f1:46:73:c0:c3:e6:3e:0b:95:ea:5a:86:4b:
98:3e:4e:b7:37:2b:32:9c:cd:67:7f:50:9b:23:0e:7b:bb:7d:
fc:fa:c5:32:02:4d:e0:06:41:49:e9:19:f7:d4:ea:5a:ad:63:
d4:e1:9f:23:19:07:88:53:61:72:43:5a:54:55:a6:3c:00:ce:
69:1d:71:4a:00:d1:74:a7:bd:65:10:e0:ed:ab:8d:dd:8e:06:
58:ef:7f:49:70:97:8f:11:92:40:71:17:08:64:d4:ad:87:6c:
4b:04:e0:11:37:d5:41:a5:97:a9:84:7c:97:82:1e:40:24:01:
c9:b8:3b:14:3a:96:2f:4a:2d:b3:3f:67:b3:43:99:c0:66:ce:
26:27:33:12:ed:a6:94:1b:34:51:9a:f3:3b:59:77:e3:5c:82:
0c:c4:7a:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYTStc8T7eVQ5jkk2cYLsE88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjIxMjAyMTIwMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzJhNjgwYWYyMTdhZDJlNzgyNGM2MDExYjY5NzUxZTc3YWYxMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS/oTtfJU1agkF9hqfae8XZLqiE4
RsBRtwfjyCueoE/ulixRkoLt+qMGwHp4PxnLOD9blGw/gpznYkdcFPpWWZy38hwa
48jVLR7y3ULkvdm8Gq5v80fM8/gH6dxpVvu8RwSBeCuJ2+rjZ46mF2seKfNad4Uh
7XXGap/QLNLlBrcTvcp4H/IXkbQdpdWtWFz+ebl9iacRr+NNpuHo0KicK4wDkcXn
VF3E1Fjr3XIiyXv16EKcWvdx2b9nkxBywH0MT9NW3bNtOHJgiM5JhBOmef6g8iTo
fmKrtYdt91iOVztD4IdvvVQJRgMsB8GCgKsXgOngrmO3E+WuPPF5t+LtswIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJMqaAryF60ueCTGARtpdR53rxOCMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEva3lwb0N2SVhyUzU0Sk1ZQkcybDFIbmV2RTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg6mxzAN
BgkqhkiG9w0BAQsFAAOCAQEAjOS7wISQ8nIvds/G9TXW3mTBrDTiIuOPgisrrzKz
YNXI5qHhkrMK8vgvX8yljVeP0Ix8IY2Irlm8GwJxDptg6RfiZn5TLbOeNvgFfZTu
7IVxm4ZpUPFKHcHo+fUrZPDxRnPAw+Y+C5XqWoZLmD5OtzcrMpzNZ39QmyMOe7t9
/PrFMgJN4AZBSekZ99TqWq1j1OGfIxkHiFNhckNaVFWmPADOaR1xSgDRdKe9ZRDg
7auN3Y4GWO9/SXCXjxGSQHEXCGTUrYdsSwTgETfVQaWXqYR8l4IeQCQBybg7FDqW
L0otsz9ns0OZwGbOJiczEu2mlBs0UZrzO1l341yCDMR6MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:21 2024 by rpki-client on console-ams.rpki-client.org