Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/KU7hlcR3odOHcoGbSz3RzdYP1SE.roa
File: KU7hlcR3odOHcoGbSz3RzdYP1SE.roa (raw, json)
Hash identifier: VmfMNKEf1xfa5KPYhkWoc7HThh+rJcXo5OCXEqJfIIQ=
Subject key identifier: 29:4E:E1:95:C4:77:A1:D3:87:72:81:9B:4B:3D:D1:CD:D6:0F:D5:21
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 05944BEF
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/KU7hlcR3odOHcoGbSz3RzdYP1SE.roa
Signing time: Sat 01 Jan 2022 06:05:27 +0000
ROA not before: Sat 01 Jan 2022 06:05:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44486
IP address blocks: 2a05:bec0:40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93604847 (0x5944bef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Jan 1 06:05:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=294ee195c477a1d38772819b4b3dd1cdd60fd521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:85:88:4e:f6:ef:05:7a:ea:2b:4a:90:ea:0f:
83:b0:c4:e6:2c:8c:2d:e8:42:8b:ac:00:41:7c:ae:
56:fc:1e:b3:79:dd:94:fb:97:b1:a8:75:f7:3c:9f:
00:66:57:ba:e7:d6:d9:ce:74:be:c0:bf:2b:14:a1:
96:aa:84:91:5d:69:89:05:71:2f:01:db:9e:6f:5d:
e8:7b:8c:4d:20:16:85:1f:a5:23:3d:66:b4:fa:2a:
82:02:c8:0e:50:f9:a7:fb:54:e6:cd:a5:2c:5c:e8:
28:68:10:78:a2:e6:c6:32:d2:bc:02:90:a3:ef:41:
bf:82:4b:c1:9c:b4:b0:a8:c7:2c:91:5d:b0:ad:1a:
3c:ad:be:27:06:12:d5:ab:dd:16:69:4f:f3:d4:23:
8b:5a:8c:9d:6b:0a:17:b0:ef:77:a5:b8:a6:51:4f:
f6:76:9a:fc:8b:37:cb:35:3e:56:00:bc:11:a6:7e:
74:0a:22:fd:2f:ac:c0:77:5d:6b:b0:e9:00:0a:cc:
31:9b:ca:04:d3:fe:9f:aa:a2:3d:f8:e3:24:a1:0c:
eb:08:d0:65:a4:54:f5:1d:53:81:ea:33:a7:62:fe:
86:2c:d1:1c:ca:2f:a3:cd:ae:1e:77:59:db:8a:f6:
4d:40:47:59:aa:fe:74:80:2e:a7:59:03:21:5c:99:
d1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4E:E1:95:C4:77:A1:D3:87:72:81:9B:4B:3D:D1:CD:D6:0F:D5:21
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/KU7hlcR3odOHcoGbSz3RzdYP1SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:bec0:40::/48
Signature Algorithm: sha256WithRSAEncryption
19:e2:c0:f1:51:02:1b:c1:44:d4:9d:97:79:e7:5d:2b:cf:30:
56:69:86:92:b2:6b:8c:ad:ac:a4:c9:ac:95:bb:53:86:91:9f:
64:0e:88:54:73:46:5e:c0:36:62:5b:ea:ae:33:d7:9e:06:73:
d0:f7:f0:55:81:48:9b:85:a0:1b:58:ce:e5:e7:85:41:a9:8b:
9c:ba:d9:9c:71:78:ac:01:01:52:0c:6e:91:b1:f0:ff:bd:54:
06:bf:72:0a:9d:16:47:b5:7c:41:d2:44:0c:73:7e:17:a1:16:
26:fa:08:0d:bd:7b:76:d9:29:70:80:62:25:07:d5:6e:9f:12:
0e:94:89:ec:2f:74:d3:fd:82:fe:3f:91:63:50:25:0c:d7:db:
14:f8:a9:ac:cb:ac:bc:f5:08:1d:40:32:69:0c:0d:58:5a:0e:
3f:a1:af:37:a1:b8:b7:2f:ea:65:6b:f4:38:dd:c9:c9:89:29:
2b:71:ac:c4:eb:53:b1:35:1e:18:56:b0:2a:78:45:ae:83:cd:
05:f1:4c:22:90:9a:6f:ef:c2:df:b6:1c:ac:8a:96:a7:43:89:
77:14:45:e3:a4:32:e0:92:38:1e:8d:3d:27:b9:4d:56:c4:6c:
35:26:e9:ea:f7:d0:07:e4:b3:e8:58:d7:2b:8c:1f:96:68:b9:
fe:ce:16:dd
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBZRL7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTM3NmM4MDA4ZDZhYmQ5NjIzNDE1NjNkZDJhNGRjY2FmMTUzY2JhMB4XDTIyMDEw
MTA2MDUyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk0ZWUxOTVjNDc3
YTFkMzg3NzI4MTliNGIzZGQxY2RkNjBmZDUyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6FiE727wV66itKkOoPg7DE5iyMLehCi6wAQXyuVvwes3nd
lPuXsah19zyfAGZXuufW2c50vsC/KxShlqqEkV1piQVxLwHbnm9d6HuMTSAWhR+l
Iz1mtPoqggLIDlD5p/tU5s2lLFzoKGgQeKLmxjLSvAKQo+9Bv4JLwZy0sKjHLJFd
sK0aPK2+JwYS1avdFmlP89Qji1qMnWsKF7Dvd6W4plFP9naa/Is3yzU+VgC8EaZ+
dAoi/S+swHdda7DpAArMMZvKBNP+n6qiPfjjJKEM6wjQZaRU9R1Tgeozp2L+hizR
HMovo82uHndZ24r2TUBHWar+dIAup1kDIVyZ0c0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQpTuGVxHeh04dygZtLPdHN1g/VITAfBgNVHSMEGDAWgBRaN2yACNar2WI0
FWPdKk3MrxU8ujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dqZHNnQWpXcTlsaU5CVmozU3BOeks4VlBMby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvY2FhNzQzLTFjMTMtNGEyNS05ZjZhLTY1YmU1NTAzMTY1ZC8x
L0tVN2hsY1Izb2RPSGNvR2JTejNSemRZUDFTRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
Y2FhNzQzLTFjMTMtNGEyNS05ZjZhLTY1YmU1NTAzMTY1ZC8xL1dqZHNnQWpXcTls
aU5CVmozU3BOeks4VlBMby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoFvsAAQDANBgkqhkiG9w0BAQsF
AAOCAQEAGeLA8VECG8FE1J2XeeddK88wVmmGkrJrjK2spMmslbtThpGfZA6IVHNG
XsA2YlvqrjPXngZz0PfwVYFIm4WgG1jO5eeFQamLnLrZnHF4rAEBUgxukbHw/71U
Br9yCp0WR7V8QdJEDHN+F6EWJvoIDb17dtkpcIBiJQfVbp8SDpSJ7C900/2C/j+R
Y1AlDNfbFPiprMusvPUIHUAyaQwNWFoOP6GvN6G4ty/qZWv0ON3JyYkpK3GsxOtT
sTUeGFawKnhFroPNBfFMIpCab+/C37YcrIqWp0OJdxRF46Qy4JI4Ho09J7lNVsRs
NSbp6vfQB+Sz6FjXK4wflmi5/s4W3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:28 2024 by rpki-client on console-ams.rpki-client.org