Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/kDSnehlP1Bw6F3e98I3agFplCgE.roa
File: kDSnehlP1Bw6F3e98I3agFplCgE.roa (raw, json)
Hash identifier: rCPc492UmIOniQIOt4H8UmvzTZog0XcSU/JJlbVtExI=
Subject key identifier: 90:34:A7:7A:19:4F:D4:1C:3A:17:77:BD:F0:8D:DA:80:5A:65:0A:01
Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Certificate serial: 07E1986D
Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/kDSnehlP1Bw6F3e98I3agFplCgE.roa
Signing time: Sat 01 Jan 2022 01:55:51 +0000
ROA not before: Sat 01 Jan 2022 01:55:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208227
IP address blocks: 2a04:ff00:200::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132225133 (0x7e1986d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Validity
Not Before: Jan 1 01:55:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9034a77a194fd41c3a1777bdf08dda805a650a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7b:f5:90:b4:95:60:f6:fc:70:9d:aa:f2:d8:
48:95:69:95:ae:c2:45:67:b1:e1:fb:53:27:d8:32:
18:a9:60:18:64:20:ed:7d:0e:24:83:9d:b3:1b:f6:
d6:6a:c6:35:e3:05:26:96:92:5b:b5:e2:6a:1c:b0:
fd:46:67:de:08:99:03:a9:95:e7:76:cf:85:62:f3:
ed:96:ae:9b:c9:62:3c:88:79:bf:c9:00:4f:8c:0e:
ed:21:14:d3:68:ad:b3:c7:71:c6:3b:cd:e7:9e:2f:
d8:ab:4e:c0:51:7a:3e:23:11:51:29:0a:5b:cd:81:
ce:9c:5e:4c:ea:cf:00:7b:d1:35:1b:24:86:bf:50:
92:5a:28:dc:6d:b5:ac:17:d7:0f:ba:f2:62:aa:43:
57:3f:b6:20:fe:4c:c0:15:1e:7d:bb:4c:9c:77:99:
3f:2b:f4:e6:9f:89:dd:10:ad:77:89:17:97:c8:20:
50:c6:41:7f:a2:00:3f:0b:3f:c4:42:67:90:45:c8:
4f:a7:a6:e4:ad:a9:a3:bc:20:29:3b:fd:72:79:a0:
cb:60:a0:ed:f0:96:bc:3c:c5:ee:7f:e4:6c:98:de:
6a:40:bb:66:10:9e:8d:6c:0b:bd:df:9d:dd:6e:68:
da:3c:4b:cf:65:db:0b:26:a0:5e:6b:ac:c7:05:24:
29:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:34:A7:7A:19:4F:D4:1C:3A:17:77:BD:F0:8D:DA:80:5A:65:0A:01
X509v3 Authority Key Identifier:
keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/kDSnehlP1Bw6F3e98I3agFplCgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ff00:200::/40
Signature Algorithm: sha256WithRSAEncryption
0c:45:0a:1f:6a:de:b4:7e:26:59:98:b5:15:99:ba:36:88:ec:
eb:ce:9a:81:57:6e:d9:43:42:a1:81:d8:20:1a:44:de:c7:a7:
20:82:3e:86:8a:6e:bc:fc:95:0b:23:83:3c:04:b0:e2:19:c9:
9e:d5:f9:d1:af:d1:b3:c2:0e:bb:fe:81:f6:99:87:62:42:5d:
07:c8:af:83:02:84:bb:5b:00:21:10:48:11:c4:b8:97:0f:6f:
ce:f6:f2:e8:7b:8c:16:d9:d1:6e:fc:eb:d2:07:8f:e4:53:fa:
99:6a:5a:ec:be:fb:c3:82:c4:89:15:c2:12:b6:66:52:1c:71:
3c:4a:01:bb:ce:94:c0:da:a2:63:55:f9:a4:b6:b7:14:7e:89:
a5:3a:c7:22:22:59:e9:17:82:b4:9c:ff:16:60:71:7e:ac:14:
7b:ed:97:d3:0c:a1:4f:9d:85:2c:ca:fb:70:ec:d0:c4:80:31:
77:8e:5f:83:2b:8b:ef:96:c6:43:1c:a7:92:dd:97:d9:9e:f2:
67:42:94:56:4f:d8:03:e3:8f:1b:5f:f7:11:d4:07:7a:02:b6:
a0:02:ae:fd:40:33:20:1e:b3:5e:df:a0:00:25:70:d5:38:d2:
83:f3:46:fe:a3:4c:65:64:ea:6c:93:17:60:94:db:fc:47:73:
f9:ec:a5:40
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEB+GYbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDA0YzI1YzJmOGI0N2U1ZGFmNTJkMWM0YzVhNTA5OTlkZDBhMGE5MB4XDTIyMDEw
MTAxNTU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAzNGE3N2ExOTRm
ZDQxYzNhMTc3N2JkZjA4ZGRhODA1YTY1MGEwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANN79ZC0lWD2/HCdqvLYSJVpla7CRWex4ftTJ9gyGKlgGGQg
7X0OJIOdsxv21mrGNeMFJpaSW7Xiahyw/UZn3giZA6mV53bPhWLz7Zaum8liPIh5
v8kAT4wO7SEU02its8dxxjvN554v2KtOwFF6PiMRUSkKW82BzpxeTOrPAHvRNRsk
hr9Qkloo3G21rBfXD7ryYqpDVz+2IP5MwBUefbtMnHeZPyv05p+J3RCtd4kXl8gg
UMZBf6IAPws/xEJnkEXIT6em5K2po7wgKTv9cnmgy2Cg7fCWvDzF7n/kbJjeakC7
ZhCejWwLvd+d3W5o2jxLz2XbCyagXmusxwUkKVsCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSQNKd6GU/UHDoXd73wjdqAWmUKATAfBgNVHSMEGDAWgBR9BMJcL4tH5dr1
LRxMWlCZndCgqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRVENYQy1MUi1YYTlTMGNURnBRbVozUW9Lay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvOTcxY2M0LTU0ZDUtNGMyOC1hMWMzLWU2M2U5NGNiYTA5Zi8x
L2tEU25laGxQMUJ3NkYzZTk4STNhZ0ZwbENnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
OTcxY2M0LTU0ZDUtNGMyOC1hMWMzLWU2M2U5NGNiYTA5Zi8xL2ZRVENYQy1MUi1Y
YTlTMGNURnBRbVozUW9Lay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoE/wACMA0GCSqGSIb3DQEBCwUA
A4IBAQAMRQofat60fiZZmLUVmbo2iOzrzpqBV27ZQ0KhgdggGkTex6cggj6Gim68
/JULI4M8BLDiGcme1fnRr9Gzwg67/oH2mYdiQl0HyK+DAoS7WwAhEEgRxLiXD2/O
9vLoe4wW2dFu/OvSB4/kU/qZalrsvvvDgsSJFcIStmZSHHE8SgG7zpTA2qJjVfmk
trcUfomlOsciIlnpF4K0nP8WYHF+rBR77ZfTDKFPnYUsyvtw7NDEgDF3jl+DK4vv
lsZDHKeS3ZfZnvJnQpRWT9gD448bX/cR1Ad6AragAq79QDMgHrNe36AAJXDVONKD
80b+o0xlZOpskxdglNv8R3P57KVA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:24 2023 by rpki-client on console-ams.rpki-client.org