Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KkbbJcJ7WQCiBayqChAeCHnbkUY.roa
File: KkbbJcJ7WQCiBayqChAeCHnbkUY.roa (raw, json)
Hash identifier: IFhM6Dt1ksAkJ/zCnu7/y3R2I72HXUAqfcVYntkCm5w=
Subject key identifier: 2A:46:DB:25:C2:7B:59:00:A2:05:AC:AA:0A:10:1E:08:79:DB:91:46
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182470014E8872784FE62252C5D5DABCBA1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KkbbJcJ7WQCiBayqChAeCHnbkUY.roa
Signing time: Thu 28 Jul 2022 22:49:23 +0000
ROA not before: Thu 28 Jul 2022 22:49:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203790
IP address blocks: 2a0e:97c0:460::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:47:00:14:e8:87:27:84:fe:62:25:2c:5d:5d:ab:cb:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 28 22:49:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a46db25c27b5900a205acaa0a101e0879db9146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c7:34:fd:3b:0d:01:97:96:28:81:4b:02:a4:
11:c3:f4:9e:21:1b:22:dd:45:2b:bb:0c:ce:10:33:
1b:42:4d:24:95:71:b0:1f:5d:b3:94:e8:d8:e2:af:
c7:1e:d8:23:90:54:e8:c1:d3:55:b5:55:cd:f9:48:
4a:c7:d7:92:3f:1c:4e:aa:36:10:b3:da:07:93:c0:
9f:b3:1a:bc:75:7e:0a:2a:e3:86:f7:3e:e8:8a:55:
ea:bd:64:14:54:66:9a:3c:2b:16:49:58:b0:17:08:
a4:90:02:cf:9a:36:39:c8:27:1b:e5:a5:62:8a:39:
1a:fa:91:06:04:b2:6d:31:04:c5:fa:68:fb:5f:65:
76:70:58:b9:b5:4b:ee:f1:40:d2:27:90:84:28:0f:
97:7b:e4:7b:82:26:09:27:24:2a:c0:2c:c3:48:45:
0a:72:7c:e6:52:be:d8:ee:bf:a4:49:a5:6f:cc:b9:
b0:2e:3b:5a:82:a5:72:03:e0:cc:a0:0d:02:36:35:
6d:e6:e2:27:48:f7:e1:e9:c7:9f:60:4f:53:41:b3:
7c:ce:d2:fd:c4:00:20:7d:58:f8:f3:4c:1e:4f:06:
ce:20:9e:b6:6f:e1:75:40:d9:a1:83:bb:7f:6d:72:
be:27:10:1f:b0:70:56:5e:22:47:1f:6b:58:25:c6:
6f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:46:DB:25:C2:7B:59:00:A2:05:AC:AA:0A:10:1E:08:79:DB:91:46
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KkbbJcJ7WQCiBayqChAeCHnbkUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:460::/44
Signature Algorithm: sha256WithRSAEncryption
21:44:9e:6e:e2:ec:bf:8a:ca:36:7f:ba:eb:27:73:42:ff:fa:
b9:3d:6b:d1:05:22:d2:40:91:b7:1a:da:95:b7:12:df:07:3e:
8e:a3:72:5b:fc:d6:6a:f1:4c:6d:07:62:6e:ae:7f:03:62:4c:
0c:b5:5c:db:9e:cd:11:eb:ca:64:13:59:19:36:89:4a:c8:a7:
e2:7a:51:c3:3a:65:28:c6:f5:ce:f5:6c:3a:32:f7:88:fa:6f:
e8:39:51:3b:ea:5c:10:3d:63:aa:e6:b4:eb:1b:f5:1b:f4:f4:
87:52:5a:7b:28:03:81:cd:06:66:34:cc:9c:3e:48:dd:fd:c6:
2d:56:55:d4:3b:22:8c:4d:39:23:dc:d2:0c:2a:27:aa:9e:b0:
8b:52:fe:87:a7:58:0b:f4:86:c5:c0:d3:38:d5:55:1b:e3:32:
e5:8f:a9:bd:28:54:bb:41:3c:f5:ed:99:75:8c:18:d4:6c:84:
de:f3:f6:d0:00:ea:15:cf:4e:69:5d:a7:27:ed:f8:b4:12:85:
59:f0:e8:3b:7e:08:fe:1f:fc:e4:e6:0e:57:38:86:79:97:13:
be:61:10:6c:46:6e:de:ee:a6:6c:e6:07:df:26:d7:75:81:44:
9c:5c:be:ef:ee:5f:89:48:c5:59:13:80:2a:f5:dc:d9:95:48:
b0:1b:bd:7e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYJHABTohyeE/mIlLF1dq8uhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzI4MjI0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQ2ZGIyNWMyN2I1OTAwYTIwNWFjYWEwYTEwMWUwODc5ZGI5MTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMc0/TsNAZeWKIFLAqQRw/SeIRsi
3UUruwzOEDMbQk0klXGwH12zlOjY4q/HHtgjkFTowdNVtVXN+UhKx9eSPxxOqjYQ
s9oHk8Cfsxq8dX4KKuOG9z7oilXqvWQUVGaaPCsWSViwFwikkALPmjY5yCcb5aVi
ijka+pEGBLJtMQTF+mj7X2V2cFi5tUvu8UDSJ5CEKA+Xe+R7giYJJyQqwCzDSEUK
cnzmUr7Y7r+kSaVvzLmwLjtagqVyA+DMoA0CNjVt5uInSPfh6cefYE9TQbN8ztL9
xAAgfVj480weTwbOIJ62b+F1QNmhg7t/bXK+JxAfsHBWXiJHH2tYJcZvtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCpG2yXCe1kAogWsqgoQHgh525FGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS2tiYkpjSjdXUUNpQmF5cUNoQWVDSG5ia1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwARg
MA0GCSqGSIb3DQEBCwUAA4IBAQAhRJ5u4uy/iso2f7rrJ3NC//q5PWvRBSLSQJG3
GtqVtxLfBz6Oo3Jb/NZq8UxtB2Jurn8DYkwMtVzbns0R68pkE1kZNolKyKfielHD
OmUoxvXO9Ww6MveI+m/oOVE76lwQPWOq5rTrG/Ub9PSHUlp7KAOBzQZmNMycPkjd
/cYtVlXUOyKMTTkj3NIMKieqnrCLUv6Hp1gL9IbFwNM41VUb4zLlj6m9KFS7QTz1
7Zl1jBjUbITe8/bQAOoVz05pXacn7fi0EoVZ8Og7fgj+H/zk5g5XOIZ5lxO+YRBs
Rm7e7qZs5gffJtd1gUScXL7v7l+JSMVZE4Aq9dzZlUiwG71+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:58 2023 by rpki-client on console-ams.rpki-client.org