Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KKAC96uDC3sGNtVFokroj9-KgdQ.roa
File: KKAC96uDC3sGNtVFokroj9-KgdQ.roa (raw, json)
Hash identifier: MMPK3ytxlMjKKkCIy7tHuefKR9oWUylXnMje8FJXb0U=
Subject key identifier: 28:A0:02:F7:AB:83:0B:7B:06:36:D5:45:A2:4A:E8:8F:DF:8A:81:D4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01845C1EF8FBF137C695A6623557017B0A47
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KKAC96uDC3sGNtVFokroj9-KgdQ.roa
Signing time: Wed 09 Nov 2022 11:20:44 +0000
ROA not before: Wed 09 Nov 2022 11:20:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202256
IP address blocks: 2a10:cc44:800::/37 maxlen: 48
2a0e:97c6:4000::/40 maxlen: 48
2a0e:97c1:800::/37 maxlen: 48
2a0e:97c7:800::/37 maxlen: 48
2a10:cc42:1000::/40 maxlen: 48
2a10:cc42:1000::/36 maxlen: 48
2a10:cc42:1800::/37 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:1e:f8:fb:f1:37:c6:95:a6:62:35:57:01:7b:0a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 9 11:20:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28a002f7ab830b7b0636d545a24ae88fdf8a81d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:99:c5:13:32:cd:37:04:44:75:33:9b:5d:8a:
ba:7e:65:9d:65:0d:69:4f:50:52:fd:d6:b7:e3:2a:
9f:31:cc:94:e4:6f:ed:c2:3e:f8:52:e2:f5:e1:78:
c5:88:ac:d6:65:a6:bf:3f:94:22:ec:3e:59:02:9f:
49:4a:20:9f:c7:ef:4b:eb:b0:87:cb:3b:09:87:d7:
4e:cd:29:c5:28:5e:f9:05:36:10:88:7d:96:74:37:
6f:6f:a9:f2:a3:6d:82:64:c3:ca:6f:21:40:62:83:
e2:11:34:14:42:a5:71:af:2e:d5:54:5b:41:18:e2:
20:9d:3f:ec:ea:b4:fc:7b:10:96:3d:57:61:b2:9c:
4d:37:0c:dc:1d:7c:58:ab:96:08:7d:e9:b7:e9:ef:
bc:2d:61:d9:23:e5:12:8f:c4:4d:c8:99:ee:85:8f:
36:51:18:6d:55:dd:54:6c:d6:b4:d8:52:ff:5c:a9:
9d:87:49:18:bc:9b:88:54:39:16:6b:9d:72:4c:c0:
d6:c4:5c:9c:7a:a1:0a:a7:d8:1c:13:81:62:a0:75:
d1:45:4f:b6:b9:b7:b6:54:e2:e9:e9:e0:78:67:f0:
9f:4b:6d:35:81:5a:cc:39:c0:3e:f7:64:3d:b7:ed:
ee:ea:2c:f3:bb:a8:59:b0:63:3e:95:86:19:f1:1d:
8c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A0:02:F7:AB:83:0B:7B:06:36:D5:45:A2:4A:E8:8F:DF:8A:81:D4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KKAC96uDC3sGNtVFokroj9-KgdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c1:800::/37
2a0e:97c6:4000::/40
2a0e:97c7:800::/37
2a10:cc42:1000::/36
2a10:cc44:800::/37
Signature Algorithm: sha256WithRSAEncryption
9d:20:bf:2d:f9:dd:54:eb:fa:2b:b8:2d:07:2f:d5:0c:9c:a2:
62:d2:04:6a:6c:50:3a:ac:52:6f:f5:2a:5c:b3:1b:62:78:7f:
f0:5e:ab:8d:59:99:3b:37:90:c4:bb:6c:1c:74:28:34:dc:ea:
8e:cb:bd:78:2c:46:9e:4b:f0:4a:c0:8a:05:18:3b:f7:09:ec:
a6:82:21:9f:c4:84:3b:21:f3:b8:b7:d1:2b:7e:72:d1:09:c9:
0c:ea:59:7a:7d:c8:26:73:9c:89:a0:ec:b3:35:e2:f5:05:cc:
7f:ec:77:f2:2f:e3:8f:b4:d3:cb:49:72:f3:5d:f6:e1:64:b7:
9a:7b:db:5d:4b:f8:22:f6:87:e6:db:3f:e5:3a:34:71:bf:2a:
59:a6:d1:09:d6:6c:f0:32:f2:c1:20:d2:65:c0:d5:56:b8:07:
7f:cd:25:1a:d3:ff:57:13:d8:48:93:30:f6:bb:98:f8:6f:d1:
f2:91:4d:64:30:d8:34:6d:50:86:b2:b3:cd:42:b0:9f:79:24:
1e:48:65:62:24:19:f8:db:22:35:d9:f0:5b:31:f9:c6:73:70:
7f:fe:8f:16:bc:75:9d:d0:8b:51:43:35:6b:9a:78:78:b0:91:
a7:a1:62:1a:f5:33:60:df:70:84:ae:1b:7a:b1:ba:83:cc:a6:
58:65:5f:b4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYRcHvj78TfGlaZiNVcBewpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTA5MTEyMDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGEwMDJmN2FiODMwYjdiMDYzNmQ1NDVhMjRhZTg4ZmRmOGE4MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJnFEzLNNwREdTObXYq6fmWdZQ1p
T1BS/da34yqfMcyU5G/twj74UuL14XjFiKzWZaa/P5Qi7D5ZAp9JSiCfx+9L67CH
yzsJh9dOzSnFKF75BTYQiH2WdDdvb6nyo22CZMPKbyFAYoPiETQUQqVxry7VVFtB
GOIgnT/s6rT8exCWPVdhspxNNwzcHXxYq5YIfem36e+8LWHZI+USj8RNyJnuhY82
URhtVd1UbNa02FL/XKmdh0kYvJuIVDkWa51yTMDWxFyceqEKp9gcE4FioHXRRU+2
ube2VOLp6eB4Z/CfS201gVrMOcA+92Q9t+3u6izzu6hZsGM+lYYZ8R2MpQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCigAvergwt7BjbVRaJK6I/fioHUMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS0tBQzk2dURDM3NHTnRWRm9rcm9qOS1LZ2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoAwYDKg6XwQgD
BgAqDpfGQAMGAyoOl8cIAwYEKhDMQhADBgMqEMxECDANBgkqhkiG9w0BAQsFAAOC
AQEAnSC/LfndVOv6K7gtBy/VDJyiYtIEamxQOqxSb/UqXLMbYnh/8F6rjVmZOzeQ
xLtsHHQoNNzqjsu9eCxGnkvwSsCKBRg79wnspoIhn8SEOyHzuLfRK35y0QnJDOpZ
en3IJnOciaDsszXi9QXMf+x38i/jj7TTy0ly81324WS3mnvbXUv4IvaH5ts/5To0
cb8qWabRCdZs8DLywSDSZcDVVrgHf80lGtP/VxPYSJMw9ruY+G/R8pFNZDDYNG1Q
hrKzzUKwn3kkHkhlYiQZ+NsiNdnwWzH5xnNwf/6PFrx1ndCLUUM1a5p4eLCRp6Fi
GvUzYN9whK4berG6g8ymWGVftA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org