Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/rKpalLnjN4hIldLdWD2g28DVFTU.roa
File: rKpalLnjN4hIldLdWD2g28DVFTU.roa (raw, json)
Hash identifier: 9hR14xrWSs9KJ/jpD8FbZfaQHTz8l7Mkgn017wZ3lTY=
Subject key identifier: AC:AA:5A:94:B9:E3:37:88:48:95:D2:DD:58:3D:A0:DB:C0:D5:15:35
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08CB0D73
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/rKpalLnjN4hIldLdWD2g28DVFTU.roa
Signing time: Sat 01 Jan 2022 14:02:06 +0000
ROA not before: Sat 01 Jan 2022 14:02:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213033
IP address blocks: 2a0e:8f02:f003::/48 maxlen: 48
2a0e:8f02:20e0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147524979 (0x8cb0d73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 14:02:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acaa5a94b9e337884895d2dd583da0dbc0d51535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:45:62:06:0e:16:a1:dd:de:5a:49:af:22:58:
51:7a:4c:5a:05:21:48:e6:e0:bd:35:eb:86:2a:f8:
30:f5:5b:c2:ef:1f:46:1c:7e:c5:bb:0c:9e:c4:03:
2b:fb:4d:56:b2:16:b3:48:d6:52:84:b3:9f:ae:b9:
0c:eb:39:2b:06:39:1c:69:78:b6:a5:b1:6f:7c:d7:
d1:62:29:57:ed:20:64:a4:96:3b:dd:4a:e1:e1:7e:
46:57:3e:b5:3d:10:1a:ff:2c:b7:90:ad:d3:27:fd:
87:08:e5:4c:cb:0a:7d:49:10:ba:e1:fe:06:a7:57:
36:65:a3:40:81:16:cc:cd:6b:9f:fa:b2:69:c0:9a:
04:99:e4:a9:f8:1d:26:1c:a0:2b:5d:ff:1c:be:06:
af:9c:6a:84:d7:75:6d:f5:04:ae:1d:93:35:e2:27:
e5:0e:d3:6d:f7:57:d9:35:1c:10:c1:a1:d6:df:d1:
31:26:05:0f:69:27:4a:fb:ce:ba:ba:75:6a:c8:c2:
df:7a:68:d1:f4:29:94:d8:f6:df:ca:e1:64:85:29:
b2:e0:fe:90:4c:49:e7:26:ac:49:25:fa:8f:75:e8:
5e:c2:64:b7:72:53:f3:56:ed:2f:3e:0a:a4:68:65:
95:79:48:22:90:7a:b4:e7:61:02:77:d3:7c:a2:7f:
74:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:AA:5A:94:B9:E3:37:88:48:95:D2:DD:58:3D:A0:DB:C0:D5:15:35
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/rKpalLnjN4hIldLdWD2g28DVFTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:20e0::/44
2a0e:8f02:f003::/48
Signature Algorithm: sha256WithRSAEncryption
a6:e5:3d:90:a1:dd:6d:ca:50:d4:d7:42:b2:8c:b1:95:39:ef:
c4:35:c0:c6:08:35:20:07:72:f1:3e:8b:c1:7c:a2:5a:68:9d:
9c:35:5b:65:39:67:81:33:07:3e:d3:2f:24:bf:e4:1a:8a:0f:
53:bf:6e:90:78:76:88:ba:47:f7:82:69:26:8e:e8:d7:0a:1d:
95:2a:e8:9c:8f:82:da:e2:7e:3d:24:1e:d6:da:e5:84:0a:85:
68:f3:4d:6a:a3:f3:a3:01:5b:06:d2:72:e1:ee:13:21:88:4f:
ba:a9:bc:d8:51:3c:fa:66:07:05:de:8a:5d:46:3e:6b:bd:05:
14:9e:d2:da:88:c7:18:af:d3:65:22:14:74:7e:57:e9:8a:dd:
2d:1a:bb:22:b5:1f:c1:66:cd:0c:83:76:66:19:0a:7e:97:a1:
cc:fe:30:25:7f:45:c6:e4:ae:d1:bb:26:a0:8a:46:9e:a6:cd:
75:93:53:3a:15:77:99:47:89:be:02:20:ea:6a:91:4e:3d:36:
11:84:c9:2a:eb:7b:40:c9:05:cf:2f:a3:4c:1b:22:dd:61:c8:
7a:73:e4:70:9a:62:32:b9:be:a6:10:69:b4:91:74:d1:f6:54:
f3:3b:8d:c8:72:a8:9e:9c:e4:0d:0e:be:57:b2:c5:de:6f:62:
5b:22:3a:31
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECMsNczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNhYTVhOTRiOWUz
Mzc4ODQ4OTVkMmRkNTgzZGEwZGJjMGQ1MTUzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNFYgYOFqHd3lpJryJYUXpMWgUhSObgvTXrhir4MPVbwu8f
Rhx+xbsMnsQDK/tNVrIWs0jWUoSzn665DOs5KwY5HGl4tqWxb3zX0WIpV+0gZKSW
O91K4eF+Rlc+tT0QGv8st5Ct0yf9hwjlTMsKfUkQuuH+BqdXNmWjQIEWzM1rn/qy
acCaBJnkqfgdJhygK13/HL4Gr5xqhNd1bfUErh2TNeIn5Q7TbfdX2TUcEMGh1t/R
MSYFD2knSvvOurp1asjC33po0fQplNj238rhZIUpsuD+kExJ5yasSSX6j3XoXsJk
t3JT81btLz4KpGhllXlIIpB6tOdhAnfTfKJ/dMsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSsqlqUueM3iEiV0t1YPaDbwNUVNTAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L3JLcGFsTG5qTjRoSWxkTGRXRDJnMjhEVkZUVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoOjwIg4AMHACoOjwLwAzANBgkq
hkiG9w0BAQsFAAOCAQEApuU9kKHdbcpQ1NdCsoyxlTnvxDXAxgg1IAdy8T6LwXyi
WmidnDVbZTlngTMHPtMvJL/kGooPU79ukHh2iLpH94JpJo7o1wodlSronI+C2uJ+
PSQe1trlhAqFaPNNaqPzowFbBtJy4e4TIYhPuqm82FE8+mYHBd6KXUY+a70FFJ7S
2ojHGK/TZSIUdH5X6YrdLRq7IrUfwWbNDIN2ZhkKfpehzP4wJX9FxuSu0bsmoIpG
nqbNdZNTOhV3mUeJvgIg6mqRTj02EYTJKut7QMkFzy+jTBsi3WHIenPkcJpiMrm+
phBptJF00fZU8zuNyHKonpzkDQ6+V7LF3m9iWyI6MQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:24 2023 by rpki-client on console-fra.rpki-client.org