Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/kwOsndM-nV1UuG0SJRZo-JXt2oA.roa
File: kwOsndM-nV1UuG0SJRZo-JXt2oA.roa (raw, json)
Hash identifier: P27H3Tjhq2+T6EzpsjD1KVKvRqoBgFBUly2AO3lx7R0=
Subject key identifier: 93:03:AC:9D:D3:3E:9D:5D:54:B8:6D:12:25:16:68:F8:95:ED:DA:80
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01855EDD554D6B51E890B581DE7AB52A5C50
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/kwOsndM-nV1UuG0SJRZo-JXt2oA.roa
Signing time: Thu 29 Dec 2022 17:10:41 +0000
ROA not before: Thu 29 Dec 2022 17:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a0d:ecc0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5e:dd:55:4d:6b:51:e8:90:b5:81:de:7a:b5:2a:5c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Dec 29 17:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9303ac9dd33e9d5d54b86d12251668f895edda80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6c:0c:67:61:a3:84:6d:69:2c:29:e1:f0:0f:
bf:d7:7d:a7:5d:92:ea:14:60:d0:33:3c:9e:99:fa:
52:98:aa:3e:7d:c0:61:cc:c9:3c:35:1b:1d:2b:02:
00:b2:70:b9:9c:62:a2:18:ac:52:13:21:38:9a:16:
76:4d:f8:84:29:84:49:ba:46:a7:26:18:7e:dc:56:
a7:70:a2:e4:04:14:b4:aa:cb:91:7d:94:65:c4:9e:
13:27:bc:72:cb:27:6b:0f:80:32:be:d2:48:9f:6e:
fb:11:8f:c7:48:f6:79:2f:74:70:83:60:35:99:2e:
17:eb:58:59:82:a6:04:aa:6c:a9:03:94:af:97:0b:
7e:02:9b:0c:c4:3a:4a:49:58:2d:e1:cd:11:ae:fb:
fb:10:88:62:e2:78:7d:d6:61:5a:ff:7c:82:66:1c:
98:09:d5:ef:83:e6:fd:32:68:7b:4e:8c:cf:37:0e:
1f:56:ee:89:1d:54:e0:f4:d0:eb:88:dd:a5:a8:26:
2f:3f:a9:f4:9a:ff:04:7f:09:8a:f9:75:c6:f1:54:
6f:9a:c8:c6:6d:ad:a3:a3:f0:4c:54:d3:ba:49:db:
5c:a3:dc:52:51:8f:08:97:27:56:09:f2:61:bd:aa:
66:70:a7:8c:5f:b7:81:19:99:3c:e5:da:1f:a8:81:
f7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:03:AC:9D:D3:3E:9D:5D:54:B8:6D:12:25:16:68:F8:95:ED:DA:80
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/kwOsndM-nV1UuG0SJRZo-JXt2oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
08:0e:7a:1a:40:56:3e:cb:a9:30:9a:9d:f3:b5:d4:dd:7e:fe:
c1:35:7e:e4:16:69:87:7a:f3:ca:1b:0e:3c:38:eb:ee:69:cd:
bb:32:52:b5:72:19:44:d1:0f:05:83:f8:d5:46:f5:c4:51:26:
70:b6:2b:16:ef:95:a9:91:d4:75:57:03:bf:d8:ed:b9:dd:f8:
71:32:36:36:4c:da:d5:88:56:ca:1b:ff:a4:17:bb:9a:50:98:
95:c4:c4:e3:ad:07:2e:00:b5:32:ac:9d:48:29:b4:31:76:65:
38:9a:b4:d4:c3:10:e9:6d:7a:b5:f1:9d:23:42:0a:15:cf:d9:
83:26:89:6a:a9:12:e5:50:d3:c7:4f:a9:eb:6c:8f:a7:d2:ba:
e6:cb:c6:06:1e:7d:5b:98:d3:37:25:92:12:cd:93:82:04:1e:
9f:32:7c:f4:b0:f7:c1:42:08:4f:84:aa:54:3d:d8:67:98:a2:
18:4c:37:8f:5d:9a:53:1f:c6:4b:2e:73:27:85:67:42:2c:5a:
ac:f6:d6:23:e2:42:50:1f:42:26:89:fa:97:19:7a:f9:dc:32:
e0:f9:ce:d5:13:6a:e9:6b:00:16:8d:e5:41:ee:bd:44:1d:66:
3a:6d:2d:6d:32:d4:59:c4:64:74:3d:e0:6f:42:1d:d3:ff:1c:
e3:4e:9d:61
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVe3VVNa1HokLWB3nq1KlxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjIxMjI5MTcxMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzAzYWM5ZGQzM2U5ZDVkNTRiODZkMTIyNTE2NjhmODk1ZWRkYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWwMZ2GjhG1pLCnh8A+/132nXZLq
FGDQMzyemfpSmKo+fcBhzMk8NRsdKwIAsnC5nGKiGKxSEyE4mhZ2TfiEKYRJukan
Jhh+3FancKLkBBS0qsuRfZRlxJ4TJ7xyyydrD4AyvtJIn277EY/HSPZ5L3Rwg2A1
mS4X61hZgqYEqmypA5Svlwt+ApsMxDpKSVgt4c0Rrvv7EIhi4nh91mFa/3yCZhyY
CdXvg+b9Mmh7TozPNw4fVu6JHVTg9NDriN2lqCYvP6n0mv8EfwmK+XXG8VRvmsjG
ba2jo/BMVNO6Sdtco9xSUY8IlydWCfJhvapmcKeMX7eBGZk85dofqIH3twIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJMDrJ3TPp1dVLhtEiUWaPiV7dqAMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEva3dPc25kTS1uVjFVdUcwU0pSWm8tSlh0Mm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg3swDAN
BgkqhkiG9w0BAQsFAAOCAQEACA56GkBWPsupMJqd87XU3X7+wTV+5BZph3rzyhsO
PDjr7mnNuzJStXIZRNEPBYP41Ub1xFEmcLYrFu+VqZHUdVcDv9jtud34cTI2Nkza
1YhWyhv/pBe7mlCYlcTE460HLgC1MqydSCm0MXZlOJq01MMQ6W16tfGdI0IKFc/Z
gyaJaqkS5VDTx0+p62yPp9K65svGBh59W5jTNyWSEs2TggQenzJ89LD3wUIIT4Sq
VD3YZ5iiGEw3j12aUx/GSy5zJ4VnQixarPbWI+JCUB9CJon6lxl6+dwy4PnO1RNq
6WsAFo3lQe69RB1mOm0tbTLUWcRkdD3gb0Id0/8c406dYQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:34 2023 by rpki-client on console-fra.rpki-client.org