Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/kwChSkpRlLNui2Jal-eaq7PkeQU.roa
File: kwChSkpRlLNui2Jal-eaq7PkeQU.roa (raw, json)
Hash identifier: pEzGRUYO+L0s2kq6cttAjxa2IA2UtFuSOL43yDr5tDI=
Subject key identifier: 93:00:A1:4A:4A:51:94:B3:6E:8B:62:5A:97:E7:9A:AB:B3:E4:79:05
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 0F224779
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/kwChSkpRlLNui2Jal-eaq7PkeQU.roa
Signing time: Sat 01 Jan 2022 12:57:31 +0000
ROA not before: Sat 01 Jan 2022 12:57:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3303
IP address blocks: 2a07:2902:400::/38 maxlen: 38
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 253904761 (0xf224779)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 1 12:57:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9300a14a4a5194b36e8b625a97e79aabb3e47905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:93:f7:55:84:0a:18:12:b6:59:ba:65:e5:ff:
1e:a0:95:0d:45:55:40:15:83:81:ec:44:ff:54:fc:
7f:10:23:65:2f:43:a6:12:29:8d:9e:b4:b5:b4:aa:
45:a6:53:7b:20:ac:97:3b:37:6b:6c:1f:1d:d8:f1:
e6:7c:ab:a9:05:5d:d2:06:89:76:68:cb:d3:73:8e:
2d:fb:43:c1:c7:ff:c0:99:18:5c:a5:3a:a5:9c:d8:
e3:2f:8d:b8:e6:42:0d:60:53:4e:84:78:9c:9f:71:
59:fd:11:1c:14:fd:5f:b4:7a:e3:82:ba:e1:45:f1:
2f:64:05:41:f8:b1:4f:55:f4:04:63:31:5f:fe:f2:
fe:e5:bb:d9:09:39:c2:f5:22:d4:0f:c5:9f:be:dc:
38:d5:d8:5b:cd:8d:35:85:d7:aa:c9:6d:c6:77:de:
34:31:ca:87:74:c0:a5:96:64:bc:68:4d:5a:ee:50:
8b:ff:d8:6c:13:b9:bc:cc:a4:50:b6:cd:c7:88:47:
28:3c:24:fd:2a:97:a1:52:f5:8a:eb:7a:33:74:b2:
6c:b4:14:14:45:fd:a7:94:d0:ae:84:80:c5:3d:38:
5e:d2:ab:a6:f0:6b:18:32:90:5d:0f:1a:e0:24:70:
51:9d:bc:ee:00:a4:1c:0a:47:6a:da:45:9d:57:26:
6c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:00:A1:4A:4A:51:94:B3:6E:8B:62:5A:97:E7:9A:AB:B3:E4:79:05
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/kwChSkpRlLNui2Jal-eaq7PkeQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2902:400::/38
Signature Algorithm: sha256WithRSAEncryption
12:a7:e5:d1:d8:36:ad:cd:00:fa:88:21:a6:fa:d5:b8:d5:a4:
b6:0c:80:c0:f9:bb:88:7f:40:52:b6:fa:f7:cf:b1:f0:83:fd:
11:e0:1e:2a:e4:65:44:cc:cc:db:15:d7:66:02:0d:ee:01:0e:
1d:dc:f6:d1:12:da:f7:75:13:a7:57:b9:29:6a:35:64:ba:6f:
fc:f1:4a:ca:f3:41:a3:24:17:9f:fa:cf:38:6b:af:17:24:58:
44:7f:06:ce:45:5c:bc:d2:1f:29:68:85:18:81:f8:d8:c5:78:
29:6d:a4:48:bd:07:41:22:8d:e5:4b:31:f7:4d:32:8a:d5:b0:
ea:3d:3c:ad:ca:b1:86:41:6a:8d:87:fd:ae:da:58:6c:7a:4e:
33:9e:da:b1:2d:3a:7d:81:1f:48:2e:56:f2:63:7b:3e:6e:5f:
4b:65:c7:50:04:d7:2a:f7:87:f3:a9:10:7c:0a:e8:00:14:78:
a8:d4:d4:cf:53:2d:cd:45:03:40:5a:27:48:1c:81:73:a3:09:
8d:cd:45:e7:1a:a7:93:ca:cd:9e:ec:9c:0c:d9:f1:e6:88:36:
96:f2:c5:3c:b4:88:da:50:80:45:0b:0e:56:99:95:cf:05:8b:
fd:e3:46:f7:37:72:8f:0d:ff:06:44:d2:6f:5a:a0:f6:99:a8:
14:53:92:ec
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEDyJHeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDVjNjgzY2IxZWI5YzBmNDliOTY3ZTNiZDliOGI4NGNmMDk5YmI4MB4XDTIyMDEw
MTEyNTczMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTMwMGExNGE0YTUx
OTRiMzZlOGI2MjVhOTdlNzlhYWJiM2U0NzkwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANuT91WEChgStlm6ZeX/HqCVDUVVQBWDgexE/1T8fxAjZS9D
phIpjZ60tbSqRaZTeyCslzs3a2wfHdjx5nyrqQVd0gaJdmjL03OOLftDwcf/wJkY
XKU6pZzY4y+NuOZCDWBTToR4nJ9xWf0RHBT9X7R644K64UXxL2QFQfixT1X0BGMx
X/7y/uW72Qk5wvUi1A/Fn77cONXYW82NNYXXqsltxnfeNDHKh3TApZZkvGhNWu5Q
i//YbBO5vMykULbNx4hHKDwk/SqXoVL1iut6M3SybLQUFEX9p5TQroSAxT04XtKr
pvBrGDKQXQ8a4CRwUZ287gCkHApHatpFnVcmbP0CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSTAKFKSlGUs26LYlqX55qrs+R5BTAfBgNVHSMEGDAWgBTEXGg8seucD0m5
Z+O9m4uEzwmbuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hGeG9QTEhybkE5SnVXZmp2WnVMaE04Sm03Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvNDM5YTEwLTYwYzQtNGMyOC05MWJmLTg4ZDJkZjEwZDE1Yi8x
L2t3Q2hTa3BSbExOdWkySmFsLWVhcTdQa2VRVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
NDM5YTEwLTYwYzQtNGMyOC05MWJmLTg4ZDJkZjEwZDE1Yi8xL3hGeG9QTEhybkE5
SnVXZmp2WnVMaE04Sm03Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioHKQIEMA0GCSqGSIb3DQEBCwUA
A4IBAQASp+XR2DatzQD6iCGm+tW41aS2DIDA+buIf0BStvr3z7Hwg/0R4B4q5GVE
zMzbFddmAg3uAQ4d3PbREtr3dROnV7kpajVkum/88UrK80GjJBef+s84a68XJFhE
fwbORVy80h8paIUYgfjYxXgpbaRIvQdBIo3lSzH3TTKK1bDqPTytyrGGQWqNh/2u
2lhsek4zntqxLTp9gR9ILlbyY3s+bl9LZcdQBNcq94fzqRB8CugAFHio1NTPUy3N
RQNAWidIHIFzowmNzUXnGqeTys2e7JwM2fHmiDaW8sU8tIjaUIBFCw5WmZXPBYv9
40b3N3KPDf8GRNJvWqD2magUU5Ls
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:54 2024 by rpki-client on console-ams.rpki-client.org