Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KVyk0sknpAKYDn-6aFvpWeOUoaY.roa
File: KVyk0sknpAKYDn-6aFvpWeOUoaY.roa (raw, json)
Hash identifier: 4uJKH96xECLPQppUDM/tNA/K15M4mjPTj0gUGh3mvkg=
Subject key identifier: 29:5C:A4:D2:C9:27:A4:02:98:0E:7F:BA:68:5B:E9:59:E3:94:A1:A6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182DC76CF1566AACD7893D7194F510D4811
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KVyk0sknpAKYDn-6aFvpWeOUoaY.roa
Signing time: Fri 26 Aug 2022 23:22:29 +0000
ROA not before: Fri 26 Aug 2022 23:22:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212120
IP address blocks: 2a0e:b107:eb0::/48 maxlen: 48
2a0e:b107:ebf::/48 maxlen: 48
2a0e:b107:eb1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:dc:76:cf:15:66:aa:cd:78:93:d7:19:4f:51:0d:48:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 26 23:22:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=295ca4d2c927a402980e7fba685be959e394a1a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:61:0c:41:48:bf:b5:f3:95:ea:89:05:2d:b0:
23:d0:47:b2:46:db:df:03:d9:4e:bd:ea:78:cf:1a:
16:29:48:64:b2:a0:a9:31:0d:36:f1:40:0d:b9:d9:
13:0e:6b:99:a7:69:6c:e1:d9:18:df:92:0d:71:f6:
03:b5:ec:08:07:3a:34:fc:b4:d9:7a:73:6c:b2:31:
3c:ca:4a:49:b5:43:3b:0e:7f:75:47:4f:87:81:22:
e9:44:71:86:ee:92:a2:be:c2:e8:41:40:6d:2e:38:
9f:af:26:e0:13:64:a0:81:a1:b9:ce:47:05:a2:fd:
a1:8d:8d:c6:e6:fc:d6:95:6d:cc:1a:35:36:23:6f:
4d:4e:6a:0b:44:5f:d0:cc:56:cb:ed:02:bc:ca:1c:
2c:9a:08:a4:70:72:46:94:03:18:a5:b0:2c:d7:ff:
c7:f6:25:a2:81:f8:96:1d:22:7c:0c:9b:dd:ef:8f:
a9:60:f9:84:9a:bf:d8:a9:10:cc:a5:95:4a:42:2e:
f9:91:99:f8:56:9f:38:dd:a9:43:44:9f:72:68:a8:
f1:73:7e:64:ec:55:54:97:4b:51:7b:2f:f0:b4:95:
c8:0b:98:07:ff:bb:9d:41:b0:07:8c:ea:71:dd:ce:
43:e4:bd:86:ff:8b:d0:40:b2:44:79:64:e5:b3:33:
4a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5C:A4:D2:C9:27:A4:02:98:0E:7F:BA:68:5B:E9:59:E3:94:A1:A6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KVyk0sknpAKYDn-6aFvpWeOUoaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:eb0::/47
2a0e:b107:ebf::/48
Signature Algorithm: sha256WithRSAEncryption
7c:22:9f:7d:24:fb:91:a9:3a:98:80:51:c4:e7:4e:61:4b:ae:
6b:22:f2:02:99:73:44:e6:e1:46:5d:af:09:9f:1b:6e:c6:08:
16:d6:ed:64:c6:08:22:30:af:00:ea:79:45:c9:4e:d5:0e:dc:
4e:ed:79:84:fd:d9:3a:a3:e1:18:e3:f4:59:d4:a7:17:0d:bf:
e6:80:83:bb:e3:ae:36:36:4f:98:e8:be:4e:f9:d1:56:8a:20:
aa:56:31:95:de:2e:a8:4c:b8:ac:26:b5:95:6f:07:48:a8:91:
08:91:ed:b4:52:ca:b5:bd:ca:72:4d:47:60:0a:51:99:32:04:
70:68:90:42:63:60:9e:63:87:d9:20:71:56:cc:12:a4:c7:fc:
84:c2:97:28:36:3c:69:3c:42:63:e8:ab:11:e7:64:21:7d:de:
5a:5f:88:13:8b:f2:ea:fe:e5:96:a2:0c:dd:9e:43:04:40:99:
c5:67:15:8d:9f:c8:b6:ab:07:54:ca:33:65:c4:87:19:65:93:
ba:69:29:87:84:ba:3c:21:c5:80:97:ca:ff:4f:3e:34:dc:5b:
ef:53:06:4c:2a:b6:24:52:1e:93:ef:f1:43:7d:76:78:b6:54:
bf:24:9a:c2:af:32:6f:16:b8:27:3b:f4:bb:f8:d7:5e:b6:5a:
67:7b:f6:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLcds8VZqrNeJPXGU9RDUgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODI2MjMyMjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTVjYTRkMmM5MjdhNDAyOTgwZTdmYmE2ODViZTk1OWUzOTRhMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2EMQUi/tfOV6okFLbAj0EeyRtvf
A9lOvep4zxoWKUhksqCpMQ028UANudkTDmuZp2ls4dkY35INcfYDtewIBzo0/LTZ
enNssjE8ykpJtUM7Dn91R0+HgSLpRHGG7pKivsLoQUBtLjifrybgE2SggaG5zkcF
ov2hjY3G5vzWlW3MGjU2I29NTmoLRF/QzFbL7QK8yhwsmgikcHJGlAMYpbAs1//H
9iWigfiWHSJ8DJvd74+pYPmEmr/YqRDMpZVKQi75kZn4Vp843alDRJ9yaKjxc35k
7FVUl0tRey/wtJXIC5gH/7udQbAHjOpx3c5D5L2G/4vQQLJEeWTlszNKbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFClcpNLJJ6QCmA5/umhb6VnjlKGmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS1Z5azBza25wQUtZRG4tNmFGdnBXZU9Vb2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKg6xBw6w
AwcAKg6xBw6/MA0GCSqGSIb3DQEBCwUAA4IBAQB8Ip99JPuRqTqYgFHE505hS65r
IvICmXNE5uFGXa8JnxtuxggW1u1kxggiMK8A6nlFyU7VDtxO7XmE/dk6o+EY4/RZ
1KcXDb/mgIO74642Nk+Y6L5O+dFWiiCqVjGV3i6oTLisJrWVbwdIqJEIke20Usq1
vcpyTUdgClGZMgRwaJBCY2CeY4fZIHFWzBKkx/yEwpcoNjxpPEJj6KsR52Qhfd5a
X4gTi/Lq/uWWogzdnkMEQJnFZxWNn8i2qwdUyjNlxIcZZZO6aSmHhLo8IcWAl8r/
Tz403FvvUwZMKrYkUh6T7/FDfXZ4tlS/JJrCrzJvFrgnO/S7+Ndetlpne/Z7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org