Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/Ksm33Kbyev8k6yNT5wVYLqhymT0.roa
File: Ksm33Kbyev8k6yNT5wVYLqhymT0.roa (raw, json)
Hash identifier: UjqamzRyYsEwhfF6DmQCtI+JDxL832kK/8+BQValS5c=
Subject key identifier: 2A:C9:B7:DC:A6:F2:7A:FF:24:EB:23:53:E7:05:58:2E:A8:72:99:3D
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 025DE2B2
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/Ksm33Kbyev8k6yNT5wVYLqhymT0.roa
Signing time: Sat 01 Jan 2022 11:01:43 +0000
ROA not before: Sat 01 Jan 2022 11:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211358
IP address blocks: 2a05:4140:184::/48 maxlen: 48
2a05:4140:187::/48 maxlen: 48
2a05:4140:182::/48 maxlen: 48
2a05:4140:185::/48 maxlen: 48
2a05:4140:1a0::/48 maxlen: 48
2a05:4140:190::/48 maxlen: 48
2a05:4140:183::/48 maxlen: 48
2a05:4140:186::/48 maxlen: 48
2a05:4140:181::/48 maxlen: 48
2a05:4140:1a1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39707314 (0x25de2b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 11:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ac9b7dca6f27aff24eb2353e705582ea872993d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e9:ac:65:c4:be:8b:13:6d:f0:35:e9:3e:fe:
67:4e:91:7d:b0:f5:42:c1:c4:2d:16:03:69:81:7e:
74:ba:4b:58:4b:cb:07:dc:b5:c6:01:9f:0f:7b:fb:
af:66:33:96:04:29:3a:f0:3b:63:89:06:fe:33:3f:
29:05:86:14:0e:45:80:0e:1b:39:b1:f1:df:b8:5f:
68:6f:83:ed:cf:24:cd:e6:f1:6d:88:93:7d:58:be:
e6:b4:31:87:a1:1d:16:46:8c:f5:de:0a:6c:50:f9:
54:0f:57:5a:88:90:db:1f:f2:65:50:2a:a8:3f:2d:
23:dc:48:f7:ec:4d:c1:a4:35:fa:fb:f3:57:62:21:
95:d0:c9:c2:4b:a7:98:ee:be:30:50:65:f6:c7:77:
6f:8f:f0:4f:24:be:b6:11:47:3f:1c:68:75:03:a9:
8d:87:06:dd:a3:a0:06:e4:f8:72:e4:b5:07:1e:95:
f3:d3:aa:0b:fc:f3:30:8d:8e:6c:3d:6b:e1:9c:8c:
3d:ec:73:14:2a:7a:47:ed:f5:4c:06:f7:a4:1c:7d:
92:89:e6:36:09:f1:02:d7:05:23:d0:b8:24:aa:ed:
6d:b4:7e:1f:0b:24:db:5c:88:55:4b:4e:3a:af:2a:
0f:81:e0:63:cf:af:ca:2c:de:21:01:66:72:ce:d1:
66:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C9:B7:DC:A6:F2:7A:FF:24:EB:23:53:E7:05:58:2E:A8:72:99:3D
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/Ksm33Kbyev8k6yNT5wVYLqhymT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:181::-2a05:4140:187:ffff:ffff:ffff:ffff:ffff
2a05:4140:190::/48
2a05:4140:1a0::/47
Signature Algorithm: sha256WithRSAEncryption
19:ce:ef:a7:a7:06:73:fd:71:06:de:5e:bc:8b:d2:b7:13:97:
59:b1:94:5c:16:14:ff:3c:9f:49:81:53:2c:57:09:58:b2:ba:
c1:de:41:82:5d:0d:e0:5b:ef:ca:a0:90:9b:f4:a3:55:d6:b1:
51:fc:a3:e8:36:1f:32:dd:1a:90:2d:d2:21:82:aa:a3:57:47:
94:a0:a5:8e:c3:51:7f:01:5f:f2:0e:a5:f9:b7:48:ec:81:d5:
a4:1a:b7:c0:da:80:8a:cc:84:5c:5f:1e:4c:e0:f2:b5:3b:33:
7c:fa:3c:f2:e5:c5:3e:8d:18:ed:a7:eb:e8:86:53:0f:2a:a5:
cc:7d:4e:57:04:80:94:9d:13:17:61:51:2d:d3:52:dd:57:cf:
1f:eb:35:25:5a:77:de:18:b8:83:c6:e1:d5:9a:af:67:7b:98:
f1:32:19:ae:32:9e:d8:16:aa:0a:90:3c:a4:11:56:e7:15:ec:
af:3e:cd:21:35:74:ae:99:90:e4:60:c8:13:4c:65:65:27:08:
02:60:df:6f:af:46:3f:2f:0a:4a:4f:fb:12:bf:0d:91:1b:6f:
1b:49:40:6a:c7:d0:33:2f:41:bd:2e:97:ab:d0:0d:3d:b9:f5:
6e:9f:c9:80:83:d8:b0:81:68:0c:3c:ca:f7:08:d7:d5:9f:65:
94:88:90:8c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEAl3isjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzRjNjBhZGViMGNkNTc2OGNmNzU2ZjU2MmIxYjVjYzViOWMxODBhMB4XDTIyMDEw
MTExMDE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFjOWI3ZGNhNmYy
N2FmZjI0ZWIyMzUzZTcwNTU4MmVhODcyOTkzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/prGXEvosTbfA16T7+Z06RfbD1QsHELRYDaYF+dLpLWEvL
B9y1xgGfD3v7r2YzlgQpOvA7Y4kG/jM/KQWGFA5FgA4bObHx37hfaG+D7c8kzebx
bYiTfVi+5rQxh6EdFkaM9d4KbFD5VA9XWoiQ2x/yZVAqqD8tI9xI9+xNwaQ1+vvz
V2IhldDJwkunmO6+MFBl9sd3b4/wTyS+thFHPxxodQOpjYcG3aOgBuT4cuS1Bx6V
89OqC/zzMI2ObD1r4ZyMPexzFCp6R+31TAb3pBx9konmNgnxAtcFI9C4JKrtbbR+
Hwsk21yIVUtOOq8qD4HgY8+vyizeIQFmcs7RZscCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBQqybfcpvJ6/yTrI1PnBVguqHKZPTAfBgNVHSMEGDAWgBTHTGCt6wzVdoz3
VvVisbXMW5wYCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gweGdyZXNNMVhhTTkxYjFZckcxekZ1Y0dBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvYWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8x
L0tzbTMzS2J5ZXY4azZ5TlQ1d1ZZTHFoeW1UMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
YWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8xL3gweGdyZXNNMVhh
TTkxYjFZckcxekZ1Y0dBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAIwJjASAwcAKgVBQAGBAwcDKgVBQAGAAwcA
KgVBQAGQAwcBKgVBQAGgMA0GCSqGSIb3DQEBCwUAA4IBAQAZzu+npwZz/XEG3l68
i9K3E5dZsZRcFhT/PJ9JgVMsVwlYsrrB3kGCXQ3gW+/KoJCb9KNV1rFR/KPoNh8y
3RqQLdIhgqqjV0eUoKWOw1F/AV/yDqX5t0jsgdWkGrfA2oCKzIRcXx5M4PK1OzN8
+jzy5cU+jRjtp+vohlMPKqXMfU5XBICUnRMXYVEt01LdV88f6zUlWnfeGLiDxuHV
mq9ne5jxMhmuMp7YFqoKkDykEVbnFeyvPs0hNXSumZDkYMgTTGVlJwgCYN9vr0Y/
LwpKT/sSvw2RG28bSUBqx9AzL0G9Lper0A09ufVun8mAg9iwgWgMPMr3CNfVn2WU
iJCM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:53 2023 by rpki-client on console-ams.rpki-client.org