Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/okUWCK7knPQkO-IdEAfsz3XnQTQ.roa
File: okUWCK7knPQkO-IdEAfsz3XnQTQ.roa (raw, json)
Hash identifier: vwVoarPG0aMh5Y9UiyU0XgoIpob0AqJM7pWp19qiXm0=
Subject key identifier: A2:45:16:08:AE:E4:9C:F4:24:3B:E2:1D:10:07:EC:CF:75:E7:41:34
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 0184344BBE505E0474C9D8651B55510C0637
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/okUWCK7knPQkO-IdEAfsz3XnQTQ.roa
Signing time: Tue 01 Nov 2022 17:44:49 +0000
ROA not before: Tue 01 Nov 2022 17:44:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50926
IP address blocks: 2a0b:8f80:202::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:34:4b:be:50:5e:04:74:c9:d8:65:1b:55:51:0c:06:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Nov 1 17:44:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2451608aee49cf4243be21d1007eccf75e74134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:33:69:d6:76:6e:32:b8:84:e5:e1:17:92:db:
22:3f:d8:4d:e6:86:f0:d5:b3:eb:ad:2e:25:5e:db:
d3:53:10:27:29:5a:ab:de:04:14:6b:f7:58:43:c5:
97:65:3b:3b:a9:df:25:f1:ee:94:6d:3a:cf:da:cc:
f9:d9:83:2d:80:d2:ea:02:37:b0:01:56:a8:9d:84:
e5:da:8f:46:28:06:ec:40:35:2e:6b:28:d5:4e:8e:
73:16:16:20:e4:a2:ab:bc:12:a0:a2:61:40:6b:f6:
f0:8a:7e:24:61:5e:29:d9:21:0b:8e:8d:f5:0d:df:
95:fa:40:e5:29:18:25:b8:4e:8b:e0:e5:3d:c7:48:
7a:61:1c:d9:74:2c:6b:90:40:18:05:10:b9:c5:b0:
8e:d3:3e:78:7b:56:6a:7c:9c:bd:c7:24:3f:12:40:
19:a3:5e:b4:e0:d4:71:cf:17:d4:cd:05:8b:52:06:
a1:51:c5:f4:ec:13:a1:af:04:0f:52:66:a0:ed:ac:
05:e0:71:fc:68:94:b6:7d:66:39:90:fe:ea:30:87:
b2:45:d7:b0:b2:6b:38:e8:f0:33:ed:a2:1d:51:1c:
4b:df:94:dd:36:55:40:d7:8f:52:d6:d3:b1:1e:61:
4f:bc:e3:46:3d:19:83:b8:ed:5a:e0:bd:b4:29:e0:
f5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:45:16:08:AE:E4:9C:F4:24:3B:E2:1D:10:07:EC:CF:75:E7:41:34
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/okUWCK7knPQkO-IdEAfsz3XnQTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8f80:202::/48
Signature Algorithm: sha256WithRSAEncryption
6f:6d:e5:3a:e7:cc:03:90:de:4c:a6:8b:f3:52:52:07:d7:88:
60:da:7a:dd:7d:15:f0:10:ba:1f:fb:76:e3:3b:b7:e7:91:94:
3d:18:d9:0a:c1:93:e5:f5:52:54:0c:38:30:59:4a:71:4a:ef:
83:55:52:24:d6:b9:c0:b2:54:57:93:0f:1f:82:92:dd:bf:4d:
12:37:e5:94:ad:4f:b1:2d:42:4b:70:d9:92:8b:39:46:2e:68:
7f:f2:dd:36:87:ca:a1:b5:f4:f3:72:d7:13:65:c7:b0:b5:2f:
1a:44:a1:f3:27:f1:0f:0c:58:94:7c:f9:02:bc:46:43:5c:c6:
25:01:77:01:09:2a:75:61:e4:69:c0:e5:8b:b9:b3:31:3b:cc:
f0:7e:f8:11:7c:16:a3:59:11:83:8e:0a:b3:a8:a3:2f:70:bf:
f7:88:e7:d3:24:92:50:31:b4:57:2b:3a:97:0d:5a:bb:d5:c9:
25:1d:9b:62:b6:72:41:46:4f:b0:1a:24:2f:5f:67:bc:b0:fd:
de:34:43:c8:8c:b4:60:0e:04:dc:24:67:dd:3a:0d:79:f5:cd:
c1:a6:6d:24:c9:5c:ea:84:80:93:3a:58:66:1f:65:8c:84:e3:
9f:a9:ae:5f:87:ac:7b:96:86:c8:cc:d0:b7:c5:66:f5:f7:98:
fe:4a:e4:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYQ0S75QXgR0ydhlG1VRDAY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjIxMTAxMTc0NDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQ1MTYwOGFlZTQ5Y2Y0MjQzYmUyMWQxMDA3ZWNjZjc1ZTc0MTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzNp1nZuMriE5eEXktsiP9hN5obw
1bPrrS4lXtvTUxAnKVqr3gQUa/dYQ8WXZTs7qd8l8e6UbTrP2sz52YMtgNLqAjew
AVaonYTl2o9GKAbsQDUuayjVTo5zFhYg5KKrvBKgomFAa/bwin4kYV4p2SELjo31
Dd+V+kDlKRgluE6L4OU9x0h6YRzZdCxrkEAYBRC5xbCO0z54e1ZqfJy9xyQ/EkAZ
o1604NRxzxfUzQWLUgahUcX07BOhrwQPUmag7awF4HH8aJS2fWY5kP7qMIeyRdew
sms46PAz7aIdURxL35TdNlVA149S1tOxHmFPvONGPRmDuO1a4L20KeD1qwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKJFFgiu5Jz0JDviHRAH7M9150E0MB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvb2tVV0NLN2tuUFFrTy1JZEVBZnN6M1huUVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKguPgAIC
MA0GCSqGSIb3DQEBCwUAA4IBAQBvbeU658wDkN5MpovzUlIH14hg2nrdfRXwELof
+3bjO7fnkZQ9GNkKwZPl9VJUDDgwWUpxSu+DVVIk1rnAslRXkw8fgpLdv00SN+WU
rU+xLUJLcNmSizlGLmh/8t02h8qhtfTzctcTZcewtS8aRKHzJ/EPDFiUfPkCvEZD
XMYlAXcBCSp1YeRpwOWLubMxO8zwfvgRfBajWRGDjgqzqKMvcL/3iOfTJJJQMbRX
KzqXDVq71cklHZtitnJBRk+wGiQvX2e8sP3eNEPIjLRgDgTcJGfdOg159c3Bpm0k
yVzqhICTOlhmH2WMhOOfqa5fh6x7lobIzNC3xWb195j+SuQE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org