Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/KVQL7Kq1IH7S5eANjSe8ws2d77E.roa
File: KVQL7Kq1IH7S5eANjSe8ws2d77E.roa (raw, json)
Hash identifier: ye94lC/QBmTbhZX+cjyfz+gE7z4oa/aJm0YAEyUy+pk=
Subject key identifier: 29:54:0B:EC:AA:B5:20:7E:D2:E5:E0:0D:8D:27:BC:C2:CD:9D:EF:B1
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08CE6B4C
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/KVQL7Kq1IH7S5eANjSe8ws2d77E.roa
Signing time: Sat 01 Jan 2022 14:02:08 +0000
ROA not before: Sat 01 Jan 2022 14:02:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213244
IP address blocks: 2a0e:8f02:f031::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147745612 (0x8ce6b4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 14:02:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29540becaab5207ed2e5e00d8d27bcc2cd9defb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:03:51:f5:44:d4:ad:ea:4d:73:84:9e:3d:71:
2c:92:67:28:83:c2:44:90:17:96:c6:ba:9c:a8:f1:
a8:b0:fe:06:76:99:b1:94:d9:1f:ed:df:02:05:d4:
52:e4:23:51:21:5c:7c:2c:47:2d:40:2e:b9:94:80:
a3:a9:9b:81:fd:48:21:ec:9e:a6:98:1a:6d:69:7d:
93:5c:7d:24:2d:98:3b:62:82:5e:fc:4a:75:56:04:
05:fc:bf:88:28:9d:da:6c:7a:f7:0a:42:d7:9f:d9:
bc:90:51:29:e2:b3:73:d4:71:bb:8e:94:15:b3:5f:
a7:b3:7f:a8:e8:2b:6f:74:2e:b0:ca:aa:1a:c8:78:
e1:80:2d:42:73:a4:a8:20:d5:52:9c:28:b6:2f:71:
34:89:34:de:f8:94:6e:03:db:84:21:32:17:8b:52:
46:db:33:b7:02:c8:ec:42:b7:18:17:e1:34:78:d2:
a8:c3:1c:2c:33:46:b3:1b:b6:2e:d5:dc:0e:75:76:
1e:e2:2b:cd:57:b1:7b:25:d8:73:f1:f1:44:0e:c4:
91:d6:18:bc:a4:14:3a:36:b8:f4:52:92:24:a1:94:
ff:06:6c:67:af:93:20:40:4d:c4:e8:af:d7:d5:7a:
97:73:c2:85:0e:11:2c:e8:1f:ca:3c:ca:82:13:0d:
2b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:54:0B:EC:AA:B5:20:7E:D2:E5:E0:0D:8D:27:BC:C2:CD:9D:EF:B1
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/KVQL7Kq1IH7S5eANjSe8ws2d77E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f031::/48
Signature Algorithm: sha256WithRSAEncryption
71:23:8e:76:d4:79:71:34:1b:22:19:9e:12:b7:2c:9a:0b:05:
c7:8f:17:95:f1:1e:7c:f0:d5:80:39:94:99:d0:e3:2e:c7:20:
2d:57:9e:2a:5a:72:2c:97:e5:1b:ce:22:db:50:f9:4c:6c:62:
81:89:85:f6:4d:d6:c7:f7:6b:cb:2a:25:60:71:ac:49:69:1a:
19:b9:f2:fe:dc:af:68:a2:dc:86:4a:70:9e:02:d1:9a:42:0a:
3e:a6:b3:32:a3:b6:89:7e:ae:ad:75:08:c6:87:90:bd:aa:c2:
03:e4:a1:a9:dc:21:eb:b7:7c:b8:26:f5:22:a3:df:d7:c0:14:
2d:4e:44:de:be:92:0f:02:53:2c:f3:8e:5b:b5:c0:ea:0c:8d:
d7:54:20:95:2a:fd:19:ff:40:5f:ab:be:2b:32:55:67:84:2f:
5c:a4:1a:c4:2b:a2:26:5c:10:e5:82:b3:f4:ea:e3:61:d2:8a:
43:8e:ff:57:80:d2:24:94:7c:c9:48:1e:07:c4:6c:04:0b:ae:
57:97:eb:ca:79:6d:0b:7d:01:7e:87:48:87:c0:97:c6:2b:16:
ed:20:6a:da:f6:93:61:dc:21:95:f9:3f:04:d6:56:90:6e:33:
f1:2d:27:1d:e5:35:d8:a9:16:40:29:a6:86:00:d8:79:4e:75:
a7:c4:72:4d
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECM5rTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDIwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk1NDBiZWNhYWI1
MjA3ZWQyZTVlMDBkOGQyN2JjYzJjZDlkZWZiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOIDUfVE1K3qTXOEnj1xLJJnKIPCRJAXlsa6nKjxqLD+BnaZ
sZTZH+3fAgXUUuQjUSFcfCxHLUAuuZSAo6mbgf1IIeyeppgabWl9k1x9JC2YO2KC
XvxKdVYEBfy/iCid2mx69wpC15/ZvJBRKeKzc9Rxu46UFbNfp7N/qOgrb3QusMqq
Gsh44YAtQnOkqCDVUpwoti9xNIk03viUbgPbhCEyF4tSRtsztwLI7EK3GBfhNHjS
qMMcLDNGsxu2LtXcDnV2HuIrzVexeyXYc/HxRA7EkdYYvKQUOja49FKSJKGU/wZs
Z6+TIEBNxOiv19V6l3PChQ4RLOgfyjzKghMNKzUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQpVAvsqrUgftLl4A2NJ7zCzZ3vsTAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L0tWUUw3S3ExSUg3UzVlQU5qU2U4d3MyZDc3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOjwLwMTANBgkqhkiG9w0BAQsF
AAOCAQEAcSOOdtR5cTQbIhmeErcsmgsFx48XlfEefPDVgDmUmdDjLscgLVeeKlpy
LJflG84i21D5TGxigYmF9k3Wx/dryyolYHGsSWkaGbny/tyvaKLchkpwngLRmkIK
PqazMqO2iX6urXUIxoeQvarCA+Shqdwh67d8uCb1IqPf18AULU5E3r6SDwJTLPOO
W7XA6gyN11QglSr9Gf9AX6u+KzJVZ4QvXKQaxCuiJlwQ5YKz9OrjYdKKQ47/V4DS
JJR8yUgeB8RsBAuuV5frynltC30BfodIh8CXxisW7SBq2vaTYdwhlfk/BNZWkG4z
8S0nHeU12KkWQCmmhgDYeU51p8RyTQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:24 2023 by rpki-client on console-fra.rpki-client.org