Route Origin Authorization
$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34322e302f32332d3234203d3e203530303538.roa
File: 3130342e33372e34322e302f32332d3234203d3e203530303538.roa (raw, json)
Hash identifier: b+rRYvEzJvGR/zRH7HCeul6S6ckLquX+fhFPtFeo8CM=
Subject key identifier: 4C:8E:5A:2F:BB:8D:FB:88:CC:67:54:92:29:EA:AF:96:6E:D0:06:98
Certificate issuer: /CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Certificate serial: 22E1908AC0D2E961F832BFF92B780184128B3162
Authority key identifier: 7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject info access: rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34322e302f32332d3234203d3e203530303538.roa
Signing time: Mon 10 Apr 2023 06:24:38 +0000
ROA not before: Mon 10 Apr 2023 06:19:38 +0000
ROA not after: Mon 08 Apr 2024 06:24:38 +0000
asID: 50058
IP address blocks: 104.37.42.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:e1:90:8a:c0:d2:e9:61:f8:32:bf:f9:2b:78:01:84:12:8b:31:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Validity
Not Before: Apr 10 06:19:38 2023 GMT
Not After : Apr 8 06:24:38 2024 GMT
Subject: CN=4C8E5A2FBB8DFB88CC67549229EAAF966ED00698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:37:51:82:c2:ff:de:7a:5d:6b:0d:bf:73:00:
fd:92:a3:c8:9b:bc:59:a9:2f:5f:2b:42:9b:27:66:
4d:7d:cb:e8:d5:92:69:4f:1a:11:65:aa:c0:3b:fe:
7a:0f:0f:6d:b9:73:f4:35:c2:44:b1:f6:2f:ec:0d:
4a:30:66:9e:08:9b:7c:63:42:44:85:42:79:b2:0a:
12:63:35:4a:f6:ec:4d:66:e1:17:01:39:60:71:40:
a1:48:74:c7:69:60:8f:c5:9c:be:e8:f5:b0:1f:2d:
b9:28:90:31:11:48:16:aa:d8:fb:c9:9b:f0:5a:67:
ac:9d:21:27:e8:e6:11:fa:05:13:96:75:3d:ea:c3:
e3:47:18:1d:56:ff:ba:ab:42:5c:3f:3d:8e:2e:7f:
99:60:84:b9:f5:44:8e:f0:6e:dd:3e:ad:e1:58:bf:
a4:71:17:21:b6:6d:b9:d8:d7:39:18:71:53:54:0a:
f6:15:e9:82:da:3e:af:6f:50:62:84:5b:57:1c:08:
4d:03:21:23:d2:15:93:ee:df:f6:84:3b:99:d7:cf:
c3:88:b9:ff:35:19:a1:67:3d:b0:ff:27:28:14:64:
c5:84:71:99:c3:3c:c8:79:9e:d7:f1:9a:97:0f:a1:
b3:ef:cd:14:e3:cf:2f:95:83:db:7e:7f:1a:22:c6:
f8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8E:5A:2F:BB:8D:FB:88:CC:67:54:92:29:EA:AF:96:6E:D0:06:98
X509v3 Authority Key Identifier:
keyid:7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject Information Access:
Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/3130342e33372e34322e302f32332d3234203d3e203530303538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.37.42.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:3b:85:45:88:24:26:c7:f6:98:7d:b7:0b:da:36:7b:75:50:
5b:51:b3:2b:a9:be:c2:20:b4:38:19:26:f2:07:11:11:60:36:
4a:e3:db:33:81:66:85:12:4e:56:fb:bd:d3:d7:22:7b:96:65:
ab:ee:af:a1:3e:18:6b:3d:0d:01:9d:6c:63:22:05:db:60:50:
96:4e:2c:04:be:30:94:65:f3:3a:d0:81:8b:56:19:70:fe:de:
66:08:57:5b:3d:44:bb:cd:78:30:52:ca:47:9d:98:03:db:36:
7a:4e:d5:45:ba:39:47:0e:15:36:b0:2e:18:e6:74:ae:57:38:
b2:5d:61:b7:23:34:10:53:c6:15:40:54:0c:ca:e2:8f:16:c7:
ae:c1:87:35:b6:39:a7:36:54:21:8d:87:11:db:85:a1:dd:4a:
66:2f:82:f1:a0:3f:4f:48:86:18:60:4e:fc:5a:c2:58:9f:2b:
4b:76:84:df:1f:f9:b9:ff:03:56:8b:93:43:61:42:fc:4b:84:
3c:01:38:85:6b:48:7e:7a:65:f9:88:50:b5:73:ad:6e:91:4c:
75:4d:41:8a:4d:72:51:de:bd:e8:09:be:7a:e3:3c:b9:96:0a:
c9:13:fa:22:33:7f:de:16:2a:e7:94:c8:72:fa:eb:00:94:b7:
02:8f:d5:ef
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUIuGQisDS6WH4Mr/5K3gBhBKLMWIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5
YzA1ODliOTk1NmM1MWUzNTEwHhcNMjMwNDEwMDYxOTM4WhcNMjQwNDA4MDYyNDM4
WjAzMTEwLwYDVQQDEyg0QzhFNUEyRkJCOERGQjg4Q0M2NzU0OTIyOUVBQUY5NjZF
RDAwNjk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTdRgsL/3npd
aw2/cwD9kqPIm7xZqS9fK0KbJ2ZNfcvo1ZJpTxoRZarAO/56Dw9tuXP0NcJEsfYv
7A1KMGaeCJt8Y0JEhUJ5sgoSYzVK9uxNZuEXATlgcUChSHTHaWCPxZy+6PWwHy25
KJAxEUgWqtj7yZvwWmesnSEn6OYR+gUTlnU96sPjRxgdVv+6q0JcPz2OLn+ZYIS5
9USO8G7dPq3hWL+kcRchtm252Nc5GHFTVAr2FemC2j6vb1BihFtXHAhNAyEj0hWT
7t/2hDuZ18/DiLn/NRmhZz2w/ycoFGTFhHGZwzzIeZ7X8ZqXD6Gz780U488vlYPb
fn8aIsb4IQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFEyOWi+7jfuIzGdUkinqr5Zu
0AaYMB8GA1UdIwQYMBaAFH7JtdIlCMAjHBXava9RNZkLZr/tMA4GA1UdDwEB/wQE
AwIHgDBmBgNVHR8EXzBdMFugWaBXhlVyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtp
L0tlYXRvbkFHTGFpci8wLzdFQzlCNUQyMjUwOEMwMjMxQzE1REFCREFGNTEzNTk5
MEI2NkJGRUQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEt
NDViZi05NTg2LTkyZGQ0OWVmMzIyMy8zOTA2NWFjYy1iZWVkLTQxMTUtYmM2Yy02
M2RlMjMyZjJhMDQvMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5YzA1
ODliOTk1NmM1MWUzNTEuY2VyMH0GCCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4Zh
cnN5bmM6Ly9yZXBvLmthZ2wubWUvcnBraS9LZWF0b25BR0xhaXIvMC8zMTMwMzQy
ZTMzMzcyZTM0MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNTMwMzAzNTM4LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBaCUqMA0GCSqGSIb3DQEBCwUAA4IBAQA6O4VFiCQmx/aYfbcL2jZ7
dVBbUbMrqb7CILQ4GSbyBxERYDZK49szgWaFEk5W+73T1yJ7lmWr7q+hPhhrPQ0B
nWxjIgXbYFCWTiwEvjCUZfM60IGLVhlw/t5mCFdbPUS7zXgwUspHnZgD2zZ6TtVF
ujlHDhU2sC4Y5nSuVziyXWG3IzQQU8YVQFQMyuKPFseuwYc1tjmnNlQhjYcR24Wh
3UpmL4LxoD9PSIYYYE78WsJYnytLdoTfH/m5/wNWi5NDYUL8S4Q8ATiFa0h+emX5
iFC1c61ukUx1TUGKTXJR3r3oCb564zy5lgrJE/oiM3/eFirnlMhy+usAlLcCj9Xv
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:16 2024 by rpki-client on console-fra.rpki-client.org