Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/3KfyxZt9Dh8YUf4Yf0gIUoj9Ljc.roa
File: 3KfyxZt9Dh8YUf4Yf0gIUoj9Ljc.roa (raw, json)
Hash identifier: ayyAIQ5o73zoaHhybNgwCzppjoSspiLzI4jaSwDk8nA=
Subject key identifier: DC:A7:F2:C5:9B:7D:0E:1F:18:51:FE:18:7F:48:08:52:88:FD:2E:37
Certificate issuer: /CN=b9ab361394683e4f24397cfc8f23eab2c6828dea
Certificate serial: 01852ABBC1FDE3C2513C5AA670AC8C9EF301
Authority key identifier: B9:AB:36:13:94:68:3E:4F:24:39:7C:FC:8F:23:EA:B2:C6:82:8D:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uas2E5RoPk8kOXz8jyPqssaCjeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/3KfyxZt9Dh8YUf4Yf0gIUoj9Ljc.roa
Signing time: Mon 19 Dec 2022 14:13:45 +0000
ROA not before: Mon 19 Dec 2022 14:13:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 2a13:2e02::/36 maxlen: 48
2a13:2e01::/36 maxlen: 48
2a13:2e00::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:bb:c1:fd:e3:c2:51:3c:5a:a6:70:ac:8c:9e:f3:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ab361394683e4f24397cfc8f23eab2c6828dea
Validity
Not Before: Dec 19 14:13:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dca7f2c59b7d0e1f1851fe187f48085288fd2e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:20:52:ae:ac:77:d8:38:ff:af:e5:ef:c8:3a:
30:4b:42:b5:89:48:cc:c0:4f:10:ff:94:9a:26:35:
aa:39:00:72:fe:4c:c4:11:c1:2f:da:e5:ab:4c:6e:
3e:3b:ff:68:04:d7:91:94:d8:ea:2d:34:12:2d:d1:
af:0a:63:46:59:33:d0:d9:45:64:b4:f5:c5:b6:21:
c8:bf:48:5a:35:73:e2:20:e4:a9:69:75:6a:d4:2e:
0d:79:f5:60:11:bf:0f:b5:91:f6:85:11:55:7f:8b:
0b:70:df:a9:c7:67:d1:c7:25:85:fd:81:0a:e0:a4:
be:87:c7:84:a9:8c:82:0c:d9:37:7a:5f:ba:88:3b:
d3:be:72:28:d8:35:30:f8:ca:8a:be:03:24:aa:1c:
68:d9:6a:9e:86:3d:c8:93:bb:6b:d2:68:46:7c:09:
5f:95:c3:ce:cf:aa:24:91:4c:58:f3:dd:f6:a0:0a:
0f:b3:79:a1:74:14:8d:6e:47:ad:05:cd:20:53:f8:
9c:1e:bf:fa:5d:63:34:30:d0:75:32:21:ba:fb:3d:
9b:45:37:31:a5:75:f0:23:0f:d3:1f:1b:d6:ad:67:
da:d3:88:d9:03:35:b1:ed:53:06:c3:9e:d3:c4:93:
01:d6:81:49:a2:bb:47:b0:fc:ce:5a:84:86:3f:37:
b6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A7:F2:C5:9B:7D:0E:1F:18:51:FE:18:7F:48:08:52:88:FD:2E:37
X509v3 Authority Key Identifier:
keyid:B9:AB:36:13:94:68:3E:4F:24:39:7C:FC:8F:23:EA:B2:C6:82:8D:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uas2E5RoPk8kOXz8jyPqssaCjeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/3KfyxZt9Dh8YUf4Yf0gIUoj9Ljc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/360ef9-ec20-4e13-9647-ddfeb424adf5/1/uas2E5RoPk8kOXz8jyPqssaCjeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2e00::/36
2a13:2e01::/36
2a13:2e02::/36
Signature Algorithm: sha256WithRSAEncryption
65:8c:3c:71:9e:fd:7d:b8:8d:03:da:f7:cf:f8:f5:3f:46:e6:
e0:63:a4:dd:d8:ee:ac:81:ca:42:fa:bb:67:c0:75:08:7a:fa:
96:0d:8e:35:f6:d9:a3:b0:be:b6:8f:d7:09:23:10:7d:ff:a7:
05:d8:3f:33:37:4f:bb:bd:09:16:fa:1c:43:04:73:c0:0b:fe:
bc:24:aa:da:fc:4c:fc:1a:7d:12:75:ff:71:2c:83:10:a6:bb:
a2:a9:91:81:97:50:9f:f8:40:a7:61:e5:58:ac:eb:7a:f4:4a:
18:22:32:73:c5:c9:57:cb:05:7a:51:ec:cd:92:d6:90:45:1e:
0d:bb:19:88:14:20:ef:63:96:a8:a8:4c:db:b6:d1:68:f8:27:
53:5b:67:9b:0b:d7:18:7c:c0:ef:21:9a:b6:12:e4:b1:26:92:
68:35:b7:a6:0f:53:b7:c3:36:97:b8:12:b7:e8:81:c9:00:4f:
ca:1b:ec:4d:60:7e:cc:4e:09:f3:24:1c:65:04:b7:3f:3c:34:
e8:35:f8:e8:3d:94:71:e3:a0:14:bd:50:7d:4c:71:fe:35:81:
88:bd:61:90:d9:e7:ea:c7:bb:2c:27:55:d4:9d:01:2c:d4:a7:
62:ae:ef:73:cf:b2:80:8c:88:25:25:c0:5c:58:0c:c6:4c:4b:
60:37:3d:d1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUqu8H948JRPFqmcKyMnvMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YWIzNjEzOTQ2ODNlNGYyNDM5N2NmYzhmMjNlYWIyYzY4
MjhkZWEwHhcNMjIxMjE5MTQxMzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2E3ZjJjNTliN2QwZTFmMTg1MWZlMTg3ZjQ4MDg1Mjg4ZmQyZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyBSrqx32Dj/r+XvyDowS0K1iUjM
wE8Q/5SaJjWqOQBy/kzEEcEv2uWrTG4+O/9oBNeRlNjqLTQSLdGvCmNGWTPQ2UVk
tPXFtiHIv0haNXPiIOSpaXVq1C4NefVgEb8PtZH2hRFVf4sLcN+px2fRxyWF/YEK
4KS+h8eEqYyCDNk3el+6iDvTvnIo2DUw+MqKvgMkqhxo2Wqehj3Ik7tr0mhGfAlf
lcPOz6okkUxY8932oAoPs3mhdBSNbketBc0gU/icHr/6XWM0MNB1MiG6+z2bRTcx
pXXwIw/THxvWrWfa04jZAzWx7VMGw57TxJMB1oFJortHsPzOWoSGPze2lQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNyn8sWbfQ4fGFH+GH9ICFKI/S43MB8GA1UdIwQY
MBaAFLmrNhOUaD5PJDl8/I8j6rLGgo3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWFzMkU1Um9QazhrT1h6OGp5UHFzc2FDamVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8zNjBlZjktZWMyMC00ZTEzLTk2NDct
ZGRmZWI0MjRhZGY1LzEvM0tmeXhadDlEaDhZVWY0WWYwZ0lVb2o5TGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8zNjBlZjktZWMyMC00ZTEzLTk2NDctZGRmZWI0MjRhZGY1
LzEvdWFzMkU1Um9QazhrT1h6OGp5UHFzc2FDamVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYEKhMuAAAD
BgQqEy4BAAMGBCoTLgIAMA0GCSqGSIb3DQEBCwUAA4IBAQBljDxxnv19uI0D2vfP
+PU/RubgY6Td2O6sgcpC+rtnwHUIevqWDY419tmjsL62j9cJIxB9/6cF2D8zN0+7
vQkW+hxDBHPAC/68JKra/Ez8Gn0Sdf9xLIMQpruiqZGBl1Cf+ECnYeVYrOt69EoY
IjJzxclXywV6UezNktaQRR4NuxmIFCDvY5aoqEzbttFo+CdTW2ebC9cYfMDvIZq2
EuSxJpJoNbemD1O3wzaXuBK36IHJAE/KG+xNYH7MTgnzJBxlBLc/PDToNfjoPZRx
46AUvVB9THH+NYGIvWGQ2efqx7ssJ1XUnQEs1Kdiru9zz7KAjIglJcBcWAzGTEtg
Nz3R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:37 2024 by rpki-client on console-ams.rpki-client.org