Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/kevq0O9MOvvyBbStfKZeLELcIrA.roa
File: kevq0O9MOvvyBbStfKZeLELcIrA.roa (raw, json)
Hash identifier: oVWawvgRoTrwbjqAZIbGMMdvkynQUzkTfGjIvYNRAYI=
Subject key identifier: 91:EB:EA:D0:EF:4C:3A:FB:F2:05:B4:AD:7C:A6:5E:2C:42:DC:22:B0
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAEDD917399FCAD4C17C073240ADC9
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/kevq0O9MOvvyBbStfKZeLELcIrA.roa
Signing time: Sun 01 Jan 2023 14:44:53 +0000
ROA not before: Sun 01 Jan 2023 14:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52207
IP address blocks: 2a02:2698:7c00::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ed:d9:17:39:9f:ca:d4:c1:7c:07:32:40:ad:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91ebead0ef4c3afbf205b4ad7ca65e2c42dc22b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d4:1a:d8:a0:8e:8b:43:fa:80:06:96:86:10:
07:5b:2c:94:a5:c6:76:77:97:4a:0f:76:76:86:e2:
af:f6:05:69:eb:4b:3c:df:83:17:08:49:25:d0:98:
f6:30:6e:e0:31:cf:f8:cf:32:6d:43:09:29:3a:89:
f8:7a:d5:cd:3c:f4:15:2d:30:cb:79:42:9a:6c:82:
e1:83:58:91:b5:1d:5a:a9:df:b6:7e:09:32:d0:28:
2a:13:19:62:fe:1a:4a:f7:69:13:23:ae:10:7f:22:
7b:b2:27:e8:e6:21:0d:84:57:d8:76:3e:d7:f4:0a:
48:61:2e:f7:af:f3:e9:3f:e3:75:d7:57:36:e1:26:
5c:b2:4c:b7:04:ac:bd:f1:67:90:42:fd:da:55:41:
b2:59:12:6c:35:6c:55:78:8b:73:45:0f:2c:71:66:
34:c0:e0:bb:79:44:71:c7:20:95:dd:68:db:cf:b1:
2d:25:f6:61:4b:bd:bd:42:89:e2:77:e8:19:22:3a:
11:6d:4e:fe:e2:b9:03:7e:ff:b0:da:55:5e:e6:d3:
68:04:1a:fe:69:15:96:aa:25:ca:8a:da:c5:5b:05:
8c:b1:5b:01:c8:46:d0:2e:c7:f1:25:6c:25:71:d8:
97:d1:3b:7b:2a:6b:e1:ab:be:60:c8:24:d2:34:54:
fe:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:EB:EA:D0:EF:4C:3A:FB:F2:05:B4:AD:7C:A6:5E:2C:42:DC:22:B0
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/kevq0O9MOvvyBbStfKZeLELcIrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:7c00::/38
Signature Algorithm: sha256WithRSAEncryption
d0:de:32:5f:c2:5e:f0:ee:fc:c2:d4:9e:90:d8:4a:99:3e:c6:
5d:92:da:22:de:f4:86:91:7e:05:a2:3c:00:3a:47:a4:f5:31:
16:45:56:2f:35:e8:0f:cc:7a:f0:78:87:72:e3:96:18:83:05:
68:5c:80:66:d8:f9:79:03:20:cd:6a:10:f8:9a:ed:32:06:66:
96:c2:4d:7d:a3:16:d9:38:ee:5f:61:07:90:b6:31:1b:f5:92:
08:ca:ce:38:42:a6:ad:12:a5:18:32:4f:14:9d:47:04:6c:54:
5b:ed:82:61:70:8d:ef:87:e6:3b:f7:33:16:c5:5f:77:1a:48:
cb:2b:e2:60:13:a2:0a:54:74:b8:4f:7b:da:2b:30:88:2d:6c:
15:b4:44:d0:e7:6f:79:6f:1a:10:dd:d2:af:6b:ba:f5:55:65:
88:9d:cb:c3:74:62:f3:af:c8:9c:e3:d4:d4:d1:5c:82:f4:fc:
ec:d2:ba:a1:f0:68:3f:ba:b5:23:5f:ee:f9:32:b6:3a:88:35:
ed:47:ba:7a:10:76:2e:3d:24:cd:0e:b7:de:2e:1c:0b:71:ad:
f7:8f:5a:8f:1b:4f:80:1f:e6:ec:25:46:24:d1:1a:db:36:f9:
3f:09:f2:d1:a9:3d:40:c3:a7:0b:da:95:ff:41:a3:0c:83:b4:
1f:d8:52:c3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyu3ZFzmfytTBfAcyQK3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWViZWFkMGVmNGMzYWZiZjIwNWI0YWQ3Y2E2NWUyYzQyZGMyMmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtQa2KCOi0P6gAaWhhAHWyyUpcZ2
d5dKD3Z2huKv9gVp60s834MXCEkl0Jj2MG7gMc/4zzJtQwkpOon4etXNPPQVLTDL
eUKabILhg1iRtR1aqd+2fgky0CgqExli/hpK92kTI64QfyJ7sifo5iENhFfYdj7X
9ApIYS73r/PpP+N111c24SZcsky3BKy98WeQQv3aVUGyWRJsNWxVeItzRQ8scWY0
wOC7eURxxyCV3Wjbz7EtJfZhS729Qonid+gZIjoRbU7+4rkDfv+w2lVe5tNoBBr+
aRWWqiXKitrFWwWMsVsByEbQLsfxJWwlcdiX0Tt7Kmvhq75gyCTSNFT+dwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJHr6tDvTDr78gW0rXymXixC3CKwMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEva2V2cTBPOU1PdnZ5QmJTdGZLWmVMRUxjSXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmHww
DQYJKoZIhvcNAQELBQADggEBANDeMl/CXvDu/MLUnpDYSpk+xl2S2iLe9IaRfgWi
PAA6R6T1MRZFVi816A/MevB4h3LjlhiDBWhcgGbY+XkDIM1qEPia7TIGZpbCTX2j
Ftk47l9hB5C2MRv1kgjKzjhCpq0SpRgyTxSdRwRsVFvtgmFwje+H5jv3MxbFX3ca
SMsr4mATogpUdLhPe9orMIgtbBW0RNDnb3lvGhDd0q9ruvVVZYidy8N0YvOvyJzj
1NTRXIL0/OzSuqHwaD+6tSNf7vkytjqINe1HunoQdi49JM0Ot94uHAtxrfePWo8b
T4Af5uwlRiTRGts2+T8J8tGpPUDDpwvalf9BowyDtB/YUsM=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:29 2025 by rpki-client