Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KMQ_DLDGio_5jebpMC-WORxp4uE.roa
File: KMQ_DLDGio_5jebpMC-WORxp4uE.roa (raw, json)
Hash identifier: kvvoLnIjlLCwuXCpxht7Zvci52XGbAnUlo3hQOd1KQE=
Subject key identifier: 28:C4:3F:0C:B0:C6:8A:8F:F9:8D:E6:E9:30:2F:96:39:1C:69:E2:E1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182631E4E60B56B05664152E3BA8BE57A11
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KMQ_DLDGio_5jebpMC-WORxp4uE.roa
Signing time: Wed 03 Aug 2022 09:51:46 +0000
ROA not before: Wed 03 Aug 2022 09:51:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203490
IP address blocks: 2a0e:97c0:ba0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:63:1e:4e:60:b5:6b:05:66:41:52:e3:ba:8b:e5:7a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 3 09:51:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28c43f0cb0c68a8ff98de6e9302f96391c69e2e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ce:8e:ac:6c:c3:16:bb:6b:0c:a4:bf:e1:1f:
39:4b:a0:a2:fe:4c:f8:e9:da:82:ae:dc:22:91:5f:
b4:76:52:4a:08:b7:f9:e0:93:94:da:26:63:a0:4a:
70:c1:40:b0:e7:17:46:d6:37:fb:da:a6:8e:bb:eb:
09:92:6b:8f:42:dd:32:d7:5c:77:e2:25:90:06:80:
f3:b4:24:2f:5d:c1:4f:63:61:c6:82:f0:6f:1f:e3:
f0:8c:5d:5d:74:69:10:51:47:e4:3c:7a:0a:fa:40:
1c:ac:18:65:b2:ba:a8:3d:20:e7:8d:53:11:7f:cd:
36:b6:90:cb:ee:b7:60:4e:c3:3d:98:27:c9:f6:0d:
a7:11:bb:82:56:79:79:41:11:0f:37:b0:47:a3:1c:
46:be:b9:e8:f3:db:15:d7:ef:9b:a7:c8:58:5f:16:
d3:d6:b2:cf:12:ea:8f:e9:d9:50:75:e9:c7:20:96:
24:b2:35:54:73:34:39:3f:ea:76:67:bf:d5:54:f4:
5f:bd:41:11:69:c9:b7:94:f9:8a:09:b8:35:84:1a:
aa:a6:4b:cd:72:a5:41:c1:ee:65:3d:7e:9d:6f:ce:
61:b2:3e:65:a7:90:8a:a3:db:04:e2:cf:7d:a3:2b:
a1:de:9d:9b:c2:f8:41:88:54:57:ae:25:1f:16:80:
55:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C4:3F:0C:B0:C6:8A:8F:F9:8D:E6:E9:30:2F:96:39:1C:69:E2:E1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KMQ_DLDGio_5jebpMC-WORxp4uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:ba0::/44
Signature Algorithm: sha256WithRSAEncryption
9f:ca:70:5e:dd:b8:32:95:f9:cc:86:25:68:57:70:86:d7:1e:
a5:6d:9d:26:69:ab:12:f8:bf:4b:30:c6:36:14:8f:8c:9b:84:
82:00:08:39:35:3e:1d:72:a3:c8:de:76:ab:18:8c:09:1c:8c:
23:95:5f:dc:9f:8b:89:b5:40:ad:82:42:47:17:7f:ff:74:93:
07:98:d1:f3:8c:ac:25:a9:49:ea:b3:5b:42:97:cf:93:53:9e:
00:0d:59:bd:93:e8:f2:ff:f6:9a:ba:0a:ef:b3:3f:52:a2:8c:
3a:c4:18:3d:a9:a8:15:a6:47:6e:97:84:ff:96:79:e6:2a:c4:
33:aa:3a:a2:51:ec:e1:95:e0:bd:b0:2a:c0:e5:e0:05:9f:cf:
de:53:e7:39:63:fa:1f:73:3c:06:70:e3:7e:7d:ef:22:e0:f3:
01:75:33:24:28:24:94:a5:70:8c:27:86:2e:2f:1f:d6:b4:79:
32:4c:d5:75:64:28:de:e1:25:7c:bd:dc:cc:fa:9c:90:30:85:
b0:b5:02:9b:c6:6a:98:8f:b0:52:af:18:59:7e:5b:47:57:c8:
e8:d3:0f:5e:37:44:69:f9:a1:dd:75:42:83:21:f0:85:38:8d:
77:f8:2d:0f:58:59:2b:16:3c:47:4d:3a:ad:42:7a:1f:ba:b7:
25:34:37:88
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYJjHk5gtWsFZkFS47qL5XoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODAzMDk1MTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM0M2YwY2IwYzY4YThmZjk4ZGU2ZTkzMDJmOTYzOTFjNjllMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv86OrGzDFrtrDKS/4R85S6Ci/kz4
6dqCrtwikV+0dlJKCLf54JOU2iZjoEpwwUCw5xdG1jf72qaOu+sJkmuPQt0y11x3
4iWQBoDztCQvXcFPY2HGgvBvH+PwjF1ddGkQUUfkPHoK+kAcrBhlsrqoPSDnjVMR
f802tpDL7rdgTsM9mCfJ9g2nEbuCVnl5QREPN7BHoxxGvrno89sV1++bp8hYXxbT
1rLPEuqP6dlQdenHIJYksjVUczQ5P+p2Z7/VVPRfvUERacm3lPmKCbg1hBqqpkvN
cqVBwe5lPX6db85hsj5lp5CKo9sE4s99oyuh3p2bwvhBiFRXriUfFoBVqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCjEPwywxoqP+Y3m6TAvljkcaeLhMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS01RX0RMREdpb181amVicE1DLVdPUnhwNHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAug
MA0GCSqGSIb3DQEBCwUAA4IBAQCfynBe3bgylfnMhiVoV3CG1x6lbZ0maasS+L9L
MMY2FI+Mm4SCAAg5NT4dcqPI3narGIwJHIwjlV/cn4uJtUCtgkJHF3//dJMHmNHz
jKwlqUnqs1tCl8+TU54ADVm9k+jy//aaugrvsz9Soow6xBg9qagVpkdul4T/lnnm
KsQzqjqiUezhleC9sCrA5eAFn8/eU+c5Y/ofczwGcON+fe8i4PMBdTMkKCSUpXCM
J4YuLx/WtHkyTNV1ZCje4SV8vdzM+pyQMIWwtQKbxmqYj7BSrxhZfltHV8jo0w9e
N0Rp+aHddUKDIfCFOI13+C0PWFkrFjxHTTqtQnofurclNDeI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:58 2023 by rpki-client on console-ams.rpki-client.org