Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/khLZaNM-dGyS79xwRDdHlcPZOjY.roa
File: khLZaNM-dGyS79xwRDdHlcPZOjY.roa (raw, json)
Hash identifier: uHU4XBvq3G/zkCH/WQb556gn3Q/ybv9XeadC0S/1oUQ=
Subject key identifier: 92:12:D9:68:D3:3E:74:6C:92:EF:DC:70:44:37:47:95:C3:D9:3A:36
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018318ABEB20819B3909D0E92E250831A961
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/khLZaNM-dGyS79xwRDdHlcPZOjY.roa
Signing time: Wed 07 Sep 2022 15:57:43 +0000
ROA not before: Wed 07 Sep 2022 15:57:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204406
IP address blocks: 2a0e:8f02:f04b::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:18:ab:eb:20:81:9b:39:09:d0:e9:2e:25:08:31:a9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Sep 7 15:57:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9212d968d33e746c92efdc7044374795c3d93a36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d9:d5:af:15:44:23:7d:53:aa:d0:b3:12:a5:
bd:34:31:8e:6f:57:cc:16:49:11:1d:29:b4:cb:b7:
ca:6b:83:f6:05:84:d4:73:be:6f:99:4b:75:6b:e6:
8d:76:60:26:92:e1:fa:54:4d:85:f2:df:f3:77:4a:
74:7c:c9:a8:05:fb:ef:ad:94:9b:b0:1b:8b:fa:38:
8b:f5:8f:f8:d1:8a:f6:8b:39:94:c2:b7:49:f7:0f:
ca:d5:e0:33:23:07:11:b5:f9:7e:34:86:c7:36:07:
0c:2a:89:0a:65:39:34:81:48:4c:a6:99:8e:74:e8:
42:9f:2b:68:a4:22:c3:be:db:52:34:bf:12:db:61:
00:25:eb:fc:d2:e6:83:4b:22:7e:97:f8:ab:43:c7:
9e:ca:11:bd:90:ad:2e:59:1d:ea:62:21:5c:43:48:
09:52:60:a1:96:62:ba:66:3f:25:da:89:af:7d:d6:
ff:9a:a7:22:97:b9:9c:58:ed:c1:20:3d:3b:49:61:
2a:45:b4:68:54:4d:64:4c:f7:e3:e4:b2:ef:0f:a3:
fb:d0:bf:69:45:23:13:af:f4:50:72:62:ac:cd:75:
2c:e7:15:af:d4:23:87:34:c9:b1:65:fd:dc:56:a9:
ae:7e:de:7b:b2:3b:f2:8d:70:b1:56:09:f7:6a:1c:
99:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:12:D9:68:D3:3E:74:6C:92:EF:DC:70:44:37:47:95:C3:D9:3A:36
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/khLZaNM-dGyS79xwRDdHlcPZOjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f04b::/48
Signature Algorithm: sha256WithRSAEncryption
8d:44:61:fd:18:2c:9d:78:3c:83:91:a7:64:0d:8f:64:6a:5e:
50:29:8d:22:b2:30:b6:95:b2:ef:bc:d6:be:97:71:4b:d6:56:
da:07:84:86:19:38:51:3b:4a:c6:0c:3c:63:51:75:8c:e3:f6:
eb:11:36:2d:ae:2b:e0:24:6c:9c:07:c0:e5:32:b1:bf:e3:d5:
c1:30:3f:05:cd:c6:9f:19:fa:b0:2a:d1:f6:44:a8:c3:e2:cd:
48:36:a4:77:f1:d2:eb:89:4d:42:de:93:44:ba:fa:e0:b4:d7:
c7:6c:59:84:e3:77:26:94:81:83:92:9c:2b:c6:22:e8:ba:f8:
30:2e:26:e1:dd:d4:5f:eb:a1:37:36:8e:66:b9:ef:53:6b:61:
f5:4a:95:3c:63:3c:7a:64:bd:fe:ea:98:a8:e1:9c:f8:e8:16:
6e:95:ff:cf:48:f8:1f:da:3e:11:fd:3d:65:77:f2:21:c6:7e:
5c:09:db:51:ad:77:01:44:6a:cc:10:8e:69:dd:87:ec:ec:70:
40:b0:12:87:e8:03:ae:3f:12:9a:fa:1c:ff:51:77:16:36:a5:
25:10:3c:78:3f:5b:f3:06:45:f4:db:99:1d:19:28:d3:f0:b9:
9a:3f:99:a8:f7:5c:ed:71:aa:c1:0c:6e:e2:cf:81:f0:05:2f:
70:50:de:4e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYMYq+sggZs5CdDpLiUIMalhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjIwOTA3MTU1NzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjEyZDk2OGQzM2U3NDZjOTJlZmRjNzA0NDM3NDc5NWMzZDkzYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNnVrxVEI31TqtCzEqW9NDGOb1fM
FkkRHSm0y7fKa4P2BYTUc75vmUt1a+aNdmAmkuH6VE2F8t/zd0p0fMmoBfvvrZSb
sBuL+jiL9Y/40Yr2izmUwrdJ9w/K1eAzIwcRtfl+NIbHNgcMKokKZTk0gUhMppmO
dOhCnytopCLDvttSNL8S22EAJev80uaDSyJ+l/irQ8eeyhG9kK0uWR3qYiFcQ0gJ
UmChlmK6Zj8l2omvfdb/mqcil7mcWO3BID07SWEqRbRoVE1kTPfj5LLvD6P70L9p
RSMTr/RQcmKszXUs5xWv1COHNMmxZf3cVqmuft57sjvyjXCxVgn3ahyZnQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJIS2WjTPnRsku/ccEQ3R5XD2To2MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEva2hMWmFOTS1kR3lTNzl4d1JEZEhsY1BaT2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBL
MA0GCSqGSIb3DQEBCwUAA4IBAQCNRGH9GCydeDyDkadkDY9kal5QKY0isjC2lbLv
vNa+l3FL1lbaB4SGGThRO0rGDDxjUXWM4/brETYtrivgJGycB8DlMrG/49XBMD8F
zcafGfqwKtH2RKjD4s1INqR38dLriU1C3pNEuvrgtNfHbFmE43cmlIGDkpwrxiLo
uvgwLibh3dRf66E3No5mue9Ta2H1SpU8Yzx6ZL3+6pio4Zz46BZulf/PSPgf2j4R
/T1ld/Ihxn5cCdtRrXcBRGrMEI5p3Yfs7HBAsBKH6AOuPxKa+hz/UXcWNqUlEDx4
P1vzBkX025kdGSjT8LmaP5mo91ztcarBDG7iz4HwBS9wUN5O
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org