Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/korHn7952LM9GDLvdRlTfIt9W3o.roa
File: korHn7952LM9GDLvdRlTfIt9W3o.roa (raw, json)
Hash identifier: C5IZNv83KOaVVifiAFOE+SNwCsK1PepL1Efine3EZno=
Subject key identifier: 92:8A:C7:9F:BF:79:D8:B3:3D:18:32:EF:75:19:53:7C:8B:7D:5B:7A
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018A85798C53AE5F7C7344870442283EA5DA
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/korHn7952LM9GDLvdRlTfIt9W3o.roa
Signing time: Mon 11 Sep 2023 18:20:50 +0000
ROA not before: Mon 11 Sep 2023 18:20:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50375
IP address blocks: 2a01:d0:3a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:85:79:8c:53:ae:5f:7c:73:44:87:04:42:28:3e:a5:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Sep 11 18:20:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=928ac79fbf79d8b33d1832ef7519537c8b7d5b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b9:f1:93:2b:5e:16:5e:e8:9f:70:39:de:50:
a2:ee:7a:ff:52:67:f9:29:a4:de:83:97:2a:e0:07:
c3:45:87:e5:28:99:2c:25:49:78:ab:9d:2e:b1:ad:
35:ea:c2:54:33:e7:62:98:e1:63:c2:30:81:a9:ab:
ab:08:bf:96:7d:ad:9e:d3:e6:95:bf:55:5a:d0:bc:
88:3f:d8:31:68:00:7c:8d:fb:90:96:fe:af:f6:67:
ec:d1:f4:35:dc:c0:97:ca:ab:28:21:2e:c5:e6:c6:
05:06:88:24:8a:13:5e:bd:f8:b1:52:8b:5f:c9:e8:
e7:f5:09:71:56:26:aa:a3:e4:43:56:35:07:15:d2:
20:01:e4:d2:2a:d2:a6:3f:4a:ac:37:14:95:03:e4:
c5:aa:71:63:4a:6c:97:37:4a:82:d0:62:f5:66:db:
15:a6:90:a5:ce:8f:63:90:1e:08:6d:85:84:15:71:
ba:a5:79:a7:69:63:c4:94:06:ee:40:32:33:cf:32:
6c:3a:50:6b:77:4c:01:e7:db:e8:13:d7:8a:8c:5f:
ff:dc:6d:13:4f:3b:5c:87:85:55:b9:8e:1c:30:a3:
12:10:b7:74:e5:07:00:cd:c4:6b:8b:eb:7e:3b:84:
13:d3:dd:cf:5b:1e:ba:af:29:ec:87:1d:e0:e4:bd:
c7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8A:C7:9F:BF:79:D8:B3:3D:18:32:EF:75:19:53:7C:8B:7D:5B:7A
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/korHn7952LM9GDLvdRlTfIt9W3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:d0:3a::/48
Signature Algorithm: sha256WithRSAEncryption
36:52:e7:a1:45:81:71:57:7e:55:d5:02:eb:1d:b6:08:e7:85:
c6:41:97:fc:cd:c1:d4:0f:fa:24:c4:e7:90:65:ff:3b:f2:03:
1f:13:a6:a9:a6:f8:aa:8c:b5:e8:ae:4f:bb:ad:6c:f7:1d:b5:
05:96:4b:aa:4a:4e:b1:c7:4f:8d:e3:74:51:5e:5b:bf:9c:f8:
e5:2b:e3:79:9f:8e:6b:53:e2:6e:ec:09:df:76:31:5f:0d:97:
86:f4:6b:73:e1:0f:60:83:d8:44:de:e0:4c:b2:cc:42:6e:35:
f7:94:21:3f:91:b7:cf:d4:94:cc:ea:a5:ad:23:86:68:40:0e:
cc:65:69:cd:fd:4c:6c:b9:ec:74:ab:45:85:aa:2f:ce:09:a7:
12:6e:2b:9d:55:e9:48:55:be:54:87:f3:83:85:88:36:66:6d:
1f:ee:e5:23:f6:1c:12:68:63:a4:62:a9:20:67:9a:36:36:9e:
60:b0:b2:2f:01:72:6d:a3:9e:9d:10:db:e9:f7:be:80:19:d1:
d7:4a:34:aa:17:dd:fa:55:86:05:a8:70:0e:0b:88:e5:a3:c2:
2e:ae:26:b6:7b:3c:91:03:c9:f8:ab:7a:83:32:64:6b:00:bb:
1a:e5:bc:2b:4d:be:32:07:a7:b6:0c:d7:3f:e2:3a:af:fa:71:
af:f5:81:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYqFeYxTrl98c0SHBEIoPqXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwOTExMTgyMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjhhYzc5ZmJmNzlkOGIzM2QxODMyZWY3NTE5NTM3YzhiN2Q1YjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7nxkyteFl7on3A53lCi7nr/Umf5
KaTeg5cq4AfDRYflKJksJUl4q50usa016sJUM+dimOFjwjCBqaurCL+Wfa2e0+aV
v1Va0LyIP9gxaAB8jfuQlv6v9mfs0fQ13MCXyqsoIS7F5sYFBogkihNevfixUotf
yejn9QlxViaqo+RDVjUHFdIgAeTSKtKmP0qsNxSVA+TFqnFjSmyXN0qC0GL1ZtsV
ppClzo9jkB4IbYWEFXG6pXmnaWPElAbuQDIzzzJsOlBrd0wB59voE9eKjF//3G0T
Tztch4VVuY4cMKMSELd05QcAzcRri+t+O4QT093PWx66rynshx3g5L3HNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJKKx5+/edizPRgy73UZU3yLfVt6MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEva29ySG43OTUyTE05R0RMdmRSbFRmSXQ5VzNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEA0AA6
MA0GCSqGSIb3DQEBCwUAA4IBAQA2UuehRYFxV35V1QLrHbYI54XGQZf8zcHUD/ok
xOeQZf878gMfE6appviqjLXork+7rWz3HbUFlkuqSk6xx0+N43RRXlu/nPjlK+N5
n45rU+Ju7AnfdjFfDZeG9Gtz4Q9gg9hE3uBMssxCbjX3lCE/kbfP1JTM6qWtI4Zo
QA7MZWnN/Uxsuex0q0WFqi/OCacSbiudVelIVb5Uh/ODhYg2Zm0f7uUj9hwSaGOk
YqkgZ5o2Np5gsLIvAXJto56dENvp976AGdHXSjSqF936VYYFqHAOC4jlo8Iuria2
ezyRA8n4q3qDMmRrALsa5bwrTb4yB6e2DNc/4jqv+nGv9YFj
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:07:17 2025 by rpki-client