Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/99488d-3bd6-462a-9cc8-9bc3816a0e15/1/KKTNgSsX-MIdjp8k2LogMRB9Iqw.roa
File: KKTNgSsX-MIdjp8k2LogMRB9Iqw.roa (raw, json)
Hash identifier: dXYEvpW+i84sFCiY0d69Xw8o4B89iOLIxk7iQLbSX/0=
Subject key identifier: 28:A4:CD:81:2B:17:F8:C2:1D:8E:9F:24:D8:BA:20:31:10:7D:22:AC
Certificate issuer: /CN=3f501b4b8afc239ce256cd1d391d7174f93b2515
Certificate serial: 0128C8
Authority key identifier: 3F:50:1B:4B:8A:FC:23:9C:E2:56:CD:1D:39:1D:71:74:F9:3B:25:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P1AbS4r8I5ziVs0dOR1xdPk7JRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/99488d-3bd6-462a-9cc8-9bc3816a0e15/1/KKTNgSsX-MIdjp8k2LogMRB9Iqw.roa
Signing time: Fri 14 Jan 2022 18:05:36 +0000
ROA not before: Fri 14 Jan 2022 18:05:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a11:5740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75976 (0x128c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f501b4b8afc239ce256cd1d391d7174f93b2515
Validity
Not Before: Jan 14 18:05:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28a4cd812b17f8c21d8e9f24d8ba2031107d22ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c8:dc:79:f7:f2:8f:66:ab:59:5f:45:74:0f:
29:6a:95:91:ed:19:6c:d6:55:a3:62:74:40:bd:be:
a1:69:27:c9:30:62:da:91:16:b1:0b:74:75:c9:9e:
25:91:ca:2d:2f:41:96:7b:7c:67:f5:37:6b:f6:72:
03:95:c6:70:1a:4c:a5:e0:9a:4a:66:6e:72:e7:08:
88:db:95:19:71:d6:d9:a6:f2:2e:e1:2c:43:d1:23:
e5:ea:88:e8:d1:e1:56:cb:9a:9a:26:b1:58:24:d6:
f2:83:37:35:2a:7b:c3:ab:ab:fc:8d:d8:da:f0:19:
6f:77:78:d4:07:a0:42:41:66:b7:f2:39:dc:16:5b:
58:e6:4a:e2:50:1a:17:f6:0d:26:4b:7c:80:5e:dd:
49:d0:71:e1:f4:21:a1:b1:32:a9:2f:fe:2f:a6:b9:
86:57:26:89:84:2e:43:09:85:2a:48:9b:89:51:29:
42:5e:83:b8:97:6d:ee:b3:1a:3b:c6:a4:98:4a:74:
b2:d1:a9:05:bf:13:6f:2c:41:38:1a:8d:6a:fb:08:
8e:b2:18:65:b0:fa:00:c7:8b:d6:f8:a9:99:b9:a8:
aa:a7:ff:40:1a:7a:76:68:41:a5:6e:fe:45:43:e7:
0d:54:bc:03:f1:5f:d4:1e:29:64:66:a4:12:3f:30:
fb:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A4:CD:81:2B:17:F8:C2:1D:8E:9F:24:D8:BA:20:31:10:7D:22:AC
X509v3 Authority Key Identifier:
keyid:3F:50:1B:4B:8A:FC:23:9C:E2:56:CD:1D:39:1D:71:74:F9:3B:25:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P1AbS4r8I5ziVs0dOR1xdPk7JRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/99488d-3bd6-462a-9cc8-9bc3816a0e15/1/KKTNgSsX-MIdjp8k2LogMRB9Iqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/99488d-3bd6-462a-9cc8-9bc3816a0e15/1/P1AbS4r8I5ziVs0dOR1xdPk7JRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5740::/29
Signature Algorithm: sha256WithRSAEncryption
48:3c:b6:02:b3:d6:f2:69:2f:f9:70:ef:6d:d7:c7:65:a2:24:
7d:53:37:20:9b:0e:c0:1b:81:1b:da:e1:06:0c:27:c5:59:0a:
4c:f9:39:9b:81:0f:9e:2d:7f:01:83:a0:bb:d4:80:75:d2:5e:
4d:da:1e:94:7c:3e:e9:59:ae:67:6f:1e:1e:46:ef:07:6e:76:
a6:60:2f:f5:d8:30:aa:e9:f6:b9:5f:cb:2a:d0:d7:de:0e:aa:
f8:4a:9d:95:ef:fa:e3:6a:b2:bb:ab:89:81:07:6a:1c:64:95:
92:d0:a6:51:5f:e6:99:fb:2a:e5:c5:fb:4c:fd:69:c3:7c:29:
5e:07:a9:e5:45:31:7b:6d:de:64:3a:85:aa:aa:5a:23:6a:81:
94:be:2c:3b:16:4e:59:24:50:63:3b:b7:b5:27:cb:13:69:30:
05:ee:4d:bb:56:b7:17:99:81:5e:5f:bd:07:c4:32:52:65:4d:
58:8a:db:4f:94:c4:bb:dd:66:11:6d:39:9f:e7:7a:66:7c:bb:
d1:a5:7a:9b:f2:fa:65:eb:68:9d:fb:41:ad:9b:0f:c3:5c:fb:
d9:85:72:54:49:34:76:a8:5f:2b:d7:d0:77:ef:29:dd:78:3f:
15:53:59:29:fc:a2:f1:43:8f:d2:10:a4:59:66:7b:2b:c4:82:
48:ef:8b:35
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDASjIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNm
NTAxYjRiOGFmYzIzOWNlMjU2Y2QxZDM5MWQ3MTc0ZjkzYjI1MTUwHhcNMjIwMTE0
MTgwNTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOGE0Y2Q4MTJiMTdm
OGMyMWQ4ZTlmMjRkOGJhMjAzMTEwN2QyMmFjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl8jceffyj2arWV9FdA8papWR7Rls1lWjYnRAvb6haSfJMGLa
kRaxC3R1yZ4lkcotL0GWe3xn9Tdr9nIDlcZwGkyl4JpKZm5y5wiI25UZcdbZpvIu
4SxD0SPl6ojo0eFWy5qaJrFYJNbygzc1KnvDq6v8jdja8Blvd3jUB6BCQWa38jnc
FltY5kriUBoX9g0mS3yAXt1J0HHh9CGhsTKpL/4vprmGVyaJhC5DCYUqSJuJUSlC
XoO4l23usxo7xqSYSnSy0akFvxNvLEE4Go1q+wiOshhlsPoAx4vW+KmZuaiqp/9A
Gnp2aEGlbv5FQ+cNVLwD8V/UHilkZqQSPzD76wIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFCikzYErF/jCHY6fJNi6IDEQfSKsMB8GA1UdIwQYMBaAFD9QG0uK/COc4lbN
HTkdcXT5OyUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UDFBYlM0cjhJNXppVnMwZE9SMXhkUGs3SlJVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMi85OTQ4OGQtM2JkNi00NjJhLTljYzgtOWJjMzgxNmEwZTE1LzEv
S0tUTmdTc1gtTUlkanA4azJMb2dNUkI5SXF3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85
OTQ4OGQtM2JkNi00NjJhLTljYzgtOWJjMzgxNmEwZTE1LzEvUDFBYlM0cjhJNXpp
VnMwZE9SMXhkUGs3SlJVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFXQDANBgkqhkiG9w0BAQsFAAOC
AQEASDy2ArPW8mkv+XDvbdfHZaIkfVM3IJsOwBuBG9rhBgwnxVkKTPk5m4EPni1/
AYOgu9SAddJeTdoelHw+6VmuZ28eHkbvB252pmAv9dgwqun2uV/LKtDX3g6q+Eqd
le/642qyu6uJgQdqHGSVktCmUV/mmfsq5cX7TP1pw3wpXgep5UUxe23eZDqFqqpa
I2qBlL4sOxZOWSRQYzu3tSfLE2kwBe5Nu1a3F5mBXl+9B8QyUmVNWIrbT5TEu91m
EW05n+d6Zny70aV6m/L6ZetonftBrZsPw1z72YVyVEk0dqhfK9fQd+8p3Xg/FVNZ
Kfyi8UOP0hCkWWZ7K8SCSO+LNQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:01 2023 by rpki-client on console-ams.rpki-client.org