Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/UkfZMVhiDRBJhW-A5FCL6bncAHc.roa
File: UkfZMVhiDRBJhW-A5FCL6bncAHc.roa (raw, json)
Hash identifier: kKQuzqhZZlQNozznflmPXTUOH7QTZDAn11h5bjREFTA=
Subject key identifier: 52:47:D9:31:58:62:0D:10:49:85:6F:80:E4:50:8B:E9:B9:DC:00:77
Certificate issuer: /CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Certificate serial: 0F247805
Authority key identifier: 5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/UkfZMVhiDRBJhW-A5FCL6bncAHc.roa
Signing time: Sat 01 Jan 2022 04:52:26 +0000
ROA not before: Sat 01 Jan 2022 04:52:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 2a06:6541:2002::/48 maxlen: 48
2a06:6540:2002::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 254048261 (0xf247805)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Validity
Not Before: Jan 1 04:52:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5247d93158620d1049856f80e4508be9b9dc0077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:38:a5:92:cd:bb:9a:2c:98:54:2a:eb:7b:4a:
cb:10:d4:5f:56:e1:47:f7:1f:d6:79:f7:d8:06:1d:
02:ac:69:ae:84:3e:9b:6b:54:be:23:73:60:1f:f7:
df:bb:31:cc:ad:49:98:ad:b8:7a:a3:d8:9f:49:4a:
78:f5:8b:76:e1:db:d9:98:87:b7:ef:3a:70:34:52:
f7:f4:60:30:ef:c5:58:c2:a8:f5:6d:be:66:ec:e5:
1d:7d:6b:60:76:20:60:62:43:b3:a0:af:0a:37:b3:
97:d1:f1:09:a7:4e:e6:d1:d8:43:e9:ff:4b:eb:0b:
6f:ea:fe:2b:38:f9:5a:49:55:8d:62:7f:73:83:c3:
01:34:21:9e:22:9a:c3:59:5c:76:11:3c:32:fc:14:
53:e5:68:e5:f2:02:21:41:a0:3d:e0:d9:e4:98:8e:
b8:39:b0:40:68:9d:90:5d:c3:a4:da:a0:04:2b:19:
aa:a3:02:20:c2:b8:35:42:94:a7:2e:6f:1b:18:35:
d1:f1:cb:ee:2a:bc:27:0e:a9:6f:50:ea:c2:63:df:
2c:0b:60:de:69:5c:39:29:20:78:1e:e1:90:0a:aa:
ad:0f:65:58:d7:b0:33:b2:4e:0b:46:92:99:e9:9c:
77:85:ae:18:fa:43:a3:77:48:43:ab:a4:87:e6:3c:
8f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:47:D9:31:58:62:0D:10:49:85:6F:80:E4:50:8B:E9:B9:DC:00:77
X509v3 Authority Key Identifier:
keyid:5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/UkfZMVhiDRBJhW-A5FCL6bncAHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6540:2002::/48
2a06:6541:2002::/48
Signature Algorithm: sha256WithRSAEncryption
1a:d5:25:2d:8b:dc:c9:84:91:06:4f:ea:50:2c:8a:97:99:a1:
ce:41:63:ed:d2:97:61:ee:d7:f9:9a:79:3a:2a:d6:d3:fc:2a:
35:f6:19:e7:f2:4c:0e:85:c7:32:30:c5:57:0d:e0:fa:39:f5:
f6:df:0f:6c:46:b6:dc:01:87:11:dd:3f:ac:d7:e6:d5:ba:cc:
d4:7f:c1:7f:9a:08:2f:fc:bf:bf:f6:56:22:5c:d5:1e:1c:6e:
e2:92:10:82:75:52:d1:ac:b3:1d:9c:1f:19:4d:83:40:d6:28:
a4:31:83:70:41:20:82:f8:e9:5c:74:7e:ec:0e:87:73:56:d0:
d6:9d:84:e4:3b:f9:ec:e8:60:92:2e:a4:71:12:47:10:73:27:
be:44:87:ac:ea:83:f2:d3:87:3a:cd:2a:e8:82:dd:ec:e5:af:
3e:81:90:aa:cf:71:b8:82:7f:3e:be:33:3f:b2:d5:ee:2e:77:
65:68:f6:7d:ed:32:fb:32:bb:28:7f:8e:4a:06:24:8f:72:c7:
8c:15:61:6c:f6:6b:e3:eb:40:b7:75:c6:8e:08:a4:8a:df:07:
ca:9c:4f:67:9a:9e:27:f9:08:47:6a:96:27:8c:37:c3:0a:06:
df:a2:08:27:1c:cf:aa:72:54:9a:c6:dd:6c:b7:83:ea:57:f4:
35:9a:4d:d3
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDyR4BTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YWM0NjZjYzg5ZjlkYjRlMzFjNTQwMGQyYWU3YTJiZmZkYjIyNTQ3MB4XDTIyMDEw
MTA0NTIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTI0N2Q5MzE1ODYy
MGQxMDQ5ODU2ZjgwZTQ1MDhiZTliOWRjMDA3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJw4pZLNu5osmFQq63tKyxDUX1bhR/cf1nn32AYdAqxproQ+
m2tUviNzYB/337sxzK1JmK24eqPYn0lKePWLduHb2ZiHt+86cDRS9/RgMO/FWMKo
9W2+ZuzlHX1rYHYgYGJDs6CvCjezl9HxCadO5tHYQ+n/S+sLb+r+Kzj5WklVjWJ/
c4PDATQhniKaw1lcdhE8MvwUU+Vo5fICIUGgPeDZ5JiOuDmwQGidkF3DpNqgBCsZ
qqMCIMK4NUKUpy5vGxg10fHL7iq8Jw6pb1DqwmPfLAtg3mlcOSkgeB7hkAqqrQ9l
WNewM7JOC0aSmemcd4WuGPpDo3dIQ6ukh+Y8j60CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRSR9kxWGINEEmFb4DkUIvpudwAdzAfBgNVHSMEGDAWgBRaxGbMifnbTjHF
QA0q56K//bIlRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dzUm16SW41MjA0eHhVQU5LdWVpdl8yeUpVYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvZTI5Yzg3LTQ2ODMtNDQzZS04ODNmLTlhYmQxYWE2NGJlMS8x
L1VrZlpNVmhpRFJCSmhXLUE1RkNMNmJuY0FIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
ZTI5Yzg3LTQ2ODMtNDQzZS04ODNmLTlhYmQxYWE2NGJlMS8xL1dzUm16SW41MjA0
eHhVQU5LdWVpdl8yeUpVYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoGZUAgAgMHACoGZUEgAjANBgkq
hkiG9w0BAQsFAAOCAQEAGtUlLYvcyYSRBk/qUCyKl5mhzkFj7dKXYe7X+Zp5OirW
0/wqNfYZ5/JMDoXHMjDFVw3g+jn19t8PbEa23AGHEd0/rNfm1brM1H/Bf5oIL/y/
v/ZWIlzVHhxu4pIQgnVS0ayzHZwfGU2DQNYopDGDcEEggvjpXHR+7A6Hc1bQ1p2E
5Dv57Ohgki6kcRJHEHMnvkSHrOqD8tOHOs0q6ILd7OWvPoGQqs9xuIJ/Pr4zP7LV
7i53ZWj2fe0y+zK7KH+OSgYkj3LHjBVhbPZr4+tAt3XGjgikit8HypxPZ5qeJ/kI
R2qWJ4w3wwoG36IIJxzPqnJUmsbdbLeD6lf0NZpN0w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:17 2023 by rpki-client on console-ams.rpki-client.org