Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/ckaKbmJQ60yYa2TzQZxYge3UyBo.roa
File: ckaKbmJQ60yYa2TzQZxYge3UyBo.roa (raw, json)
Hash identifier: g5oMCSolGmsMusI5Viz9joaLRTKD82hB9lNAiBoEeXc=
Subject key identifier: 72:46:8A:6E:62:50:EB:4C:98:6B:64:F3:41:9C:58:81:ED:D4:C8:1A
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 2CA7F6E1
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/ckaKbmJQ60yYa2TzQZxYge3UyBo.roa
Signing time: Sat 01 Jan 2022 04:59:37 +0000
ROA not before: Sat 01 Jan 2022 04:59:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51373
IP address blocks: 2001:1a68:14::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 749205217 (0x2ca7f6e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 1 04:59:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72468a6e6250eb4c986b64f3419c5881edd4c81a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:41:43:e5:6b:d8:5d:f3:15:52:19:15:15:6a:
dc:71:15:df:50:2d:74:dd:03:87:3f:3b:8b:ac:88:
36:4c:e9:f7:81:c7:73:9f:33:bd:4e:46:a7:53:4a:
ed:c9:65:bf:ad:7a:a9:7d:a1:8f:2f:6a:8d:d9:3c:
34:ad:d4:b4:53:88:a5:10:18:67:eb:44:76:45:1f:
a8:06:42:fa:09:0e:d9:a9:52:09:9b:7c:35:dd:5d:
cf:05:4e:46:89:14:e4:f7:24:9f:5e:d5:48:c2:56:
c1:79:1d:ee:fd:88:f0:03:a2:03:6a:ad:96:c5:eb:
e5:2c:fc:7e:aa:eb:58:fd:3f:5b:3e:f1:eb:2c:27:
9e:9b:7c:75:54:34:d6:f3:a4:fb:42:18:f4:54:31:
d3:76:85:e7:8a:0c:1e:50:07:25:de:90:eb:ca:93:
6e:52:f9:37:6b:08:8e:ec:d7:b4:b5:2a:83:ac:9b:
ae:e8:18:46:64:12:75:a9:35:98:fc:a1:3e:ae:86:
2e:ca:85:80:ce:5f:1e:78:5c:06:99:38:a9:b1:0f:
b4:de:80:73:d7:f1:d6:62:b2:34:35:97:dd:61:6a:
9d:43:c4:dc:21:8d:ab:46:c0:34:e8:e6:ef:fb:db:
8b:83:5a:7a:1f:33:e3:17:b2:ac:6e:2a:b8:0a:62:
34:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:46:8A:6E:62:50:EB:4C:98:6B:64:F3:41:9C:58:81:ED:D4:C8:1A
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/ckaKbmJQ60yYa2TzQZxYge3UyBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1a68:14::/48
Signature Algorithm: sha256WithRSAEncryption
04:3b:d7:87:bb:c6:71:39:c1:50:9d:35:59:3f:15:c8:78:82:
52:5d:fd:2b:3c:91:87:0e:d3:63:38:96:78:ec:c5:e9:7c:e0:
c1:96:64:fa:df:1b:4b:a5:6d:0b:97:ca:eb:06:dd:30:6d:46:
2b:f1:4c:c4:d5:56:72:ed:c6:50:2f:a4:2b:89:de:b4:cb:d7:
e9:6b:41:32:fa:2c:5a:dc:56:46:69:f9:ae:0c:5f:10:20:1e:
93:16:40:2f:25:d4:0f:e1:eb:aa:76:b1:75:64:49:11:2e:09:
2d:6c:be:de:81:21:18:22:74:db:89:40:af:c1:ed:03:8b:24:
b9:18:88:97:e8:47:02:b2:13:59:17:ea:53:e7:4f:7c:2c:df:
d8:eb:06:0b:4b:1e:f5:b8:9d:dd:a2:23:b7:d4:94:2c:50:b5:
8e:01:9a:a1:73:04:13:03:a8:39:bd:65:7c:35:bd:ec:ef:d0:
b9:80:42:d6:08:3c:b0:7a:e2:0a:5c:2d:af:b7:b8:33:da:42:
8e:a9:5a:ee:1d:45:b3:3f:08:f6:54:46:e8:51:55:c5:7b:8b:
de:ed:ba:57:14:66:8d:9b:4b:6c:d7:c7:30:5f:48:ba:56:74:
e2:06:0a:8b:0e:f6:c1:18:01:fb:84:96:fe:6b:ff:e2:88:6a:
9d:df:dc:70
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIELKf24TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGM1MTBmYzliODY1ZDk2ZTNhZmM3YzU2MDU2ZWZhZDlhMzMwYzViMB4XDTIyMDEw
MTA0NTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzI0NjhhNmU2MjUw
ZWI0Yzk4NmI2NGYzNDE5YzU4ODFlZGQ0YzgxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhBQ+Vr2F3zFVIZFRVq3HEV31AtdN0Dhz87i6yINkzp94HH
c58zvU5Gp1NK7cllv616qX2hjy9qjdk8NK3UtFOIpRAYZ+tEdkUfqAZC+gkO2alS
CZt8Nd1dzwVORokU5Pckn17VSMJWwXkd7v2I8AOiA2qtlsXr5Sz8fqrrWP0/Wz7x
6ywnnpt8dVQ01vOk+0IY9FQx03aF54oMHlAHJd6Q68qTblL5N2sIjuzXtLUqg6yb
rugYRmQSdak1mPyhPq6GLsqFgM5fHnhcBpk4qbEPtN6Ac9fx1mKyNDWX3WFqnUPE
3CGNq0bANOjm7/vbi4Naeh8z4xeyrG4quApiNBkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRyRopuYlDrTJhrZPNBnFiB7dTIGjAfBgNVHSMEGDAWgBRoxRD8m4ZdluOv
x8VgVu+tmjMMWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FNVVFfSnVHWFpianI4ZkZZRmJ2clpvekRGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8x
L2NrYUtibUpRNjB5WWEyVHpRWnhZZ2UzVXlCby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
ZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8xL2FNVVFfSnVHWFpi
anI4ZkZZRmJ2clpvekRGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABGmgAFDANBgkqhkiG9w0BAQsF
AAOCAQEABDvXh7vGcTnBUJ01WT8VyHiCUl39KzyRhw7TYziWeOzF6XzgwZZk+t8b
S6VtC5fK6wbdMG1GK/FMxNVWcu3GUC+kK4netMvX6WtBMvosWtxWRmn5rgxfECAe
kxZALyXUD+HrqnaxdWRJES4JLWy+3oEhGCJ024lAr8HtA4skuRiIl+hHArITWRfq
U+dPfCzf2OsGC0se9bid3aIjt9SULFC1jgGaoXMEEwOoOb1lfDW97O/QuYBC1gg8
sHriClwtr7e4M9pCjqla7h1Fsz8I9lRG6FFVxXuL3u26VxRmjZtLbNfHMF9IulZ0
4gYKiw72wRgB+4SW/mv/4ohqnd/ccA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:45 2025 by rpki-client