Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ksid380WHNCyp9bm7GRCycS9on0.roa
File: Ksid380WHNCyp9bm7GRCycS9on0.roa (raw, json)
Hash identifier: fa4W7Z8bPagxVlk8NnL6g6bL6qJ9VXCKDndSXntmJhQ=
Subject key identifier: 2A:C8:9D:DF:CD:16:1C:D0:B2:A7:D6:E6:EC:64:42:C9:C4:BD:A2:7D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 13F7ED0F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ksid380WHNCyp9bm7GRCycS9on0.roa
Signing time: Sat 23 Apr 2022 04:57:41 +0000
ROA not before: Sat 23 Apr 2022 04:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213312
IP address blocks: 2a0e:b107:1a40::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 335015183 (0x13f7ed0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 23 04:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ac89ddfcd161cd0b2a7d6e6ec6442c9c4bda27d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0c:72:c3:78:6a:aa:c3:e2:ad:bb:0d:2c:08:
b3:43:3a:4e:21:d2:a8:ef:7f:c6:24:81:04:f7:7c:
89:c7:3c:68:33:99:0a:6c:97:55:82:1c:12:96:94:
96:73:5d:06:a1:aa:8c:12:3e:66:32:d8:a5:d9:67:
06:ea:b2:c8:a0:71:83:5e:6b:c7:54:c4:24:51:c7:
5e:be:f0:3e:bd:35:36:4c:f7:4b:f1:d6:1c:b3:2d:
40:a8:9c:f7:1d:f6:98:c7:3f:82:ef:c9:29:22:a8:
e5:fd:92:3a:8d:08:88:f7:44:ae:fe:33:a9:18:75:
6e:99:e6:73:cd:20:6e:30:a7:ec:92:20:d5:03:fc:
c0:52:3b:c3:1b:5a:73:7a:96:c8:a3:39:a6:de:ac:
db:24:fa:80:f6:25:c9:b9:92:88:04:97:f4:44:24:
9f:c0:4d:a0:be:cc:1c:93:c1:26:4d:ff:69:17:d6:
e1:33:97:1c:41:05:e6:8a:44:a4:4e:2d:04:fc:6c:
6c:d0:4d:54:00:df:13:10:61:f0:b6:96:f2:73:df:
fe:fa:9a:f1:83:69:58:05:bb:7f:dd:75:6f:04:23:
29:8d:e5:74:de:e1:58:ce:24:2c:b6:3f:bc:6e:90:
d9:2f:7c:0d:97:d6:c8:d1:d4:c5:01:33:69:3c:af:
d2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C8:9D:DF:CD:16:1C:D0:B2:A7:D6:E6:EC:64:42:C9:C4:BD:A2:7D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ksid380WHNCyp9bm7GRCycS9on0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1a40::/44
Signature Algorithm: sha256WithRSAEncryption
20:c7:5b:1b:ff:62:e7:1d:79:fc:10:a9:03:29:cb:a8:54:87:
31:24:eb:27:52:f6:22:0c:99:51:3b:90:a2:cf:75:4f:f4:45:
b9:72:92:4a:18:7c:be:2a:d9:db:9b:91:60:35:00:43:87:e6:
d7:37:53:3f:68:bd:01:c4:04:2f:b0:00:49:b1:67:5c:fb:bc:
b0:07:6b:77:81:09:a2:df:45:93:87:7d:11:d9:3d:5d:f9:ca:
0a:85:51:9e:d0:35:fb:4f:c3:d2:96:48:28:32:8a:aa:b3:d3:
ac:e8:14:6d:76:61:b0:1a:bd:20:c5:5b:4e:46:2f:9e:ae:75:
c1:0b:6d:d8:5f:e3:b9:9a:73:7c:4f:c5:54:3b:1d:49:64:e9:
5e:dd:bb:a6:2c:1b:a8:22:d3:4a:2a:54:1a:c1:dd:dd:13:ec:
30:69:48:73:bd:1e:d2:c8:ba:c6:d5:7e:97:93:e3:c5:8d:59:
ab:3b:30:b6:52:95:77:c0:73:aa:bf:d0:3c:c3:36:af:4a:73:
d4:ef:16:ac:1e:71:bd:fb:06:f9:c1:38:08:10:3e:f7:e3:d5:
47:ad:a3:fc:8a:cf:ea:89:48:c8:26:53:77:fc:0f:78:65:fe:
ff:1b:a0:7f:77:9e:a7:fc:eb:fb:f3:11:23:00:85:ea:73:f1:
40:40:62:44
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEE/ftDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQy
MzA0NTc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFjODlkZGZjZDE2
MWNkMGIyYTdkNmU2ZWM2NDQyYzljNGJkYTI3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwMcsN4aqrD4q27DSwIs0M6TiHSqO9/xiSBBPd8icc8aDOZ
CmyXVYIcEpaUlnNdBqGqjBI+ZjLYpdlnBuqyyKBxg15rx1TEJFHHXr7wPr01Nkz3
S/HWHLMtQKic9x32mMc/gu/JKSKo5f2SOo0IiPdErv4zqRh1bpnmc80gbjCn7JIg
1QP8wFI7wxtac3qWyKM5pt6s2yT6gPYlybmSiASX9EQkn8BNoL7MHJPBJk3/aRfW
4TOXHEEF5opEpE4tBPxsbNBNVADfExBh8LaW8nPf/vqa8YNpWAW7f911bwQjKY3l
dN7hWM4kLLY/vG6Q2S98DZfWyNHUxQEzaTyv0rECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQqyJ3fzRYc0LKn1ubsZELJxL2ifTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L0tzaWQzODBXSE5DeXA5Ym03R1JDeWNTOW9uMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOsQcaQDANBgkqhkiG9w0BAQsF
AAOCAQEAIMdbG/9i5x15/BCpAynLqFSHMSTrJ1L2IgyZUTuQos91T/RFuXKSShh8
virZ25uRYDUAQ4fm1zdTP2i9AcQEL7AASbFnXPu8sAdrd4EJot9Fk4d9Edk9XfnK
CoVRntA1+0/D0pZIKDKKqrPTrOgUbXZhsBq9IMVbTkYvnq51wQtt2F/juZpzfE/F
VDsdSWTpXt27piwbqCLTSipUGsHd3RPsMGlIc70e0si6xtV+l5PjxY1ZqzswtlKV
d8Bzqr/QPMM2r0pz1O8WrB5xvfsG+cE4CBA+9+PVR62j/IrP6olIyCZTd/wPeGX+
/xugf3eep/zr+/MRIwCF6nPxQEBiRA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org