Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KmOohsR-OZ0MABT9V4REfSs5_MU.roa
File: KmOohsR-OZ0MABT9V4REfSs5_MU.roa (raw, json)
Hash identifier: cZ3f7smKem6KWj34dJcB5vlcMESSbYJYS8JKf1hVh+Q=
Subject key identifier: 2A:63:A8:86:C4:7E:39:9D:0C:00:14:FD:57:84:44:7D:2B:39:FC:C5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 10DE27A2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KmOohsR-OZ0MABT9V4REfSs5_MU.roa
Signing time: Sat 01 Jan 2022 09:05:45 +0000
ROA not before: Sat 01 Jan 2022 09:05:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212271
IP address blocks: 2a0e:97c0:210::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 282994594 (0x10de27a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 09:05:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a63a886c47e399d0c0014fd5784447d2b39fcc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:75:19:12:b4:44:6d:99:b8:31:28:d5:4b:c6:
4d:cc:d2:4d:53:74:67:b2:38:28:fe:a1:6f:ac:ba:
c4:e5:c1:ea:6a:12:ca:6c:ee:46:af:e9:b1:46:a7:
70:69:6b:96:4d:b0:23:d1:84:ec:e1:6c:3c:ab:09:
5a:77:c2:70:95:2a:35:1d:3b:32:ba:21:60:15:28:
03:02:0d:36:c5:44:5a:9c:cf:36:59:ab:6f:a0:0d:
45:02:55:ff:7b:e1:69:3f:6c:ae:00:b9:ff:4c:b0:
ff:f0:54:35:4e:68:4f:aa:68:0b:00:2c:78:47:7c:
fb:d9:8e:4c:d6:18:28:3c:f8:ac:c9:2b:ad:2f:51:
9a:ca:62:76:56:a8:b1:97:2c:43:cf:90:cf:ac:f9:
4b:c5:09:24:a0:89:ea:23:c3:1b:cf:20:47:ad:a9:
08:94:ae:43:84:f1:b7:4c:2c:84:98:49:1c:9b:8b:
c3:9a:ca:ae:35:f9:db:72:b5:9c:e5:50:a0:4d:14:
bc:94:da:bc:3c:ad:2c:ec:a6:92:9c:e9:6a:c9:f2:
3c:18:a2:4c:b3:45:05:4b:10:f1:76:f3:9e:8a:43:
a1:5f:c1:88:2c:f6:5a:a3:39:a7:42:f5:b0:e7:41:
a9:b9:d0:4e:e4:4e:1a:bb:3b:a2:a7:f8:71:aa:bf:
84:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:63:A8:86:C4:7E:39:9D:0C:00:14:FD:57:84:44:7D:2B:39:FC:C5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KmOohsR-OZ0MABT9V4REfSs5_MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:210::/44
Signature Algorithm: sha256WithRSAEncryption
89:b2:08:17:91:5e:c9:cd:82:36:c0:c0:94:70:8a:f1:b1:8f:
e7:81:26:84:29:f1:44:10:73:cb:60:1c:89:01:4c:be:cf:90:
60:79:bc:ea:9c:7b:5c:33:c9:fb:1a:58:14:ba:79:87:e8:89:
e9:d8:ca:ab:56:c9:34:cf:bd:0e:9a:de:0f:50:bf:55:a6:2a:
c7:2e:77:e5:b6:b4:5f:8e:40:18:01:d3:65:8b:9f:4c:68:29:
5f:64:45:64:bc:6d:e2:f2:4e:aa:db:95:cd:39:e9:47:f8:fb:
73:0e:53:3a:73:e1:9a:71:96:1a:88:3a:b2:ec:a0:05:ac:8a:
7a:7c:78:f8:f4:be:cb:40:ab:b3:80:ba:61:ee:47:42:b3:f1:
4d:d8:3a:11:0f:60:cf:10:3f:e1:33:a0:9c:e5:81:c2:ff:71:
00:b3:f7:78:d9:d2:91:e0:33:68:aa:22:15:44:ab:37:70:61:
6e:5d:27:9e:3c:f1:90:d8:3d:57:bc:e7:57:92:68:7b:81:4f:
4b:c2:c2:77:aa:7e:f9:e4:1a:e6:9d:99:08:6e:a2:ca:01:28:
a5:b5:52:12:f7:ad:84:93:08:ce:5b:69:16:bd:1c:aa:a1:ab:
56:7a:c8:87:33:72:27:89:03:d0:03:d4:fd:f8:83:a5:85:c8:
8c:af:a0:70
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEN4nojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
MTA5MDU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE2M2E4ODZjNDdl
Mzk5ZDBjMDAxNGZkNTc4NDQ0N2QyYjM5ZmNjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ11GRK0RG2ZuDEo1UvGTczSTVN0Z7I4KP6hb6y6xOXB6moS
ymzuRq/psUancGlrlk2wI9GE7OFsPKsJWnfCcJUqNR07MrohYBUoAwINNsVEWpzP
Nlmrb6ANRQJV/3vhaT9srgC5/0yw//BUNU5oT6poCwAseEd8+9mOTNYYKDz4rMkr
rS9RmspidlaosZcsQ8+Qz6z5S8UJJKCJ6iPDG88gR62pCJSuQ4Txt0wshJhJHJuL
w5rKrjX523K1nOVQoE0UvJTavDytLOymkpzpasnyPBiiTLNFBUsQ8XbznopDoV/B
iCz2WqM5p0L1sOdBqbnQTuROGrs7oqf4caq/hMcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQqY6iGxH45nQwAFP1XhER9Kzn8xTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0ttT29oc1ItT1owTUFCVDlWNFJFZlNzNV9NVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOl8ACEDANBgkqhkiG9w0BAQsF
AAOCAQEAibIIF5Feyc2CNsDAlHCK8bGP54EmhCnxRBBzy2AciQFMvs+QYHm86px7
XDPJ+xpYFLp5h+iJ6djKq1bJNM+9DpreD1C/VaYqxy535ba0X45AGAHTZYufTGgp
X2RFZLxt4vJOqtuVzTnpR/j7cw5TOnPhmnGWGog6suygBayKenx4+PS+y0Crs4C6
Ye5HQrPxTdg6EQ9gzxA/4TOgnOWBwv9xALP3eNnSkeAzaKoiFUSrN3Bhbl0nnjzx
kNg9V7znV5Joe4FPS8LCd6p++eQa5p2ZCG6iygEopbVSEvethJMIzltpFr0cqqGr
VnrIhzNyJ4kD0APU/fiDpYXIjK+gcA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org