Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/KErZ-zwwwHw6dIwaEbr_hx0sPNo.roa
File: KErZ-zwwwHw6dIwaEbr_hx0sPNo.roa (raw, json)
Hash identifier: KRdoWtLSMYUcqqfthKyhbW+OoItFHcN0ZtVHtfjtxUY=
Subject key identifier: 28:4A:D9:FB:3C:30:C0:7C:3A:74:8C:1A:11:BA:FF:87:1D:2C:3C:DA
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 377DD099
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/KErZ-zwwwHw6dIwaEbr_hx0sPNo.roa
Signing time: Mon 10 Jan 2022 13:19:03 +0000
ROA not before: Mon 10 Jan 2022 13:19:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60084
IP address blocks: 2a00:ab00:7000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 930992281 (0x377dd099)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Jan 10 13:19:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=284ad9fb3c30c07c3a748c1a11baff871d2c3cda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:82:70:73:05:05:3c:f6:73:28:67:61:af:02:
1f:01:be:39:ec:45:68:a9:67:92:a0:aa:b3:9c:8d:
42:f4:e9:03:2b:43:0b:d8:16:94:5d:4c:8e:cd:12:
7a:b9:cc:f7:b5:2a:3e:ec:25:90:fc:a4:09:f6:20:
e6:a8:19:e7:43:34:44:eb:9f:e3:aa:54:de:24:9f:
3e:e4:11:aa:36:b4:f1:0a:7a:7d:70:d8:0c:40:ed:
ed:98:25:a4:4a:fb:e2:8e:de:e4:17:1a:6a:4d:e8:
f6:40:ce:19:07:a5:58:0a:dd:46:23:d7:19:e4:38:
13:1c:d9:7c:5b:7b:cc:0a:ed:09:1b:f0:82:b0:6c:
ec:49:04:bb:5e:29:6c:a7:84:68:35:d3:fb:db:33:
7b:82:a5:79:4f:f5:c4:ec:75:a3:ba:f0:e8:df:d5:
c3:2d:ee:36:d7:cf:68:23:23:75:65:a8:ab:9d:09:
12:de:75:16:ad:51:d1:a3:00:61:ae:0b:82:b4:f5:
61:0a:54:47:f0:0a:44:a8:2f:fc:56:cf:8d:ad:a1:
2a:91:c8:5e:a6:71:dd:ff:6a:1b:dc:43:34:d3:1a:
a3:9a:d5:a3:88:eb:a9:0c:46:dc:f0:d6:6b:ba:2e:
a8:ca:4f:58:fe:a5:cb:f2:a6:37:3e:46:79:b3:7d:
0a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:4A:D9:FB:3C:30:C0:7C:3A:74:8C:1A:11:BA:FF:87:1D:2C:3C:DA
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/KErZ-zwwwHw6dIwaEbr_hx0sPNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ab00:7000::/36
Signature Algorithm: sha256WithRSAEncryption
54:31:9c:13:2e:5a:76:6f:95:7e:3b:cb:1e:02:53:45:e2:59:
d0:0b:4a:f1:1e:8a:28:f0:23:7d:4b:d5:e9:28:0e:3b:42:e8:
2f:aa:92:ab:ed:8b:e2:50:a1:f8:64:30:8f:37:77:63:31:90:
29:04:da:15:d1:32:96:ac:a4:6a:c9:f0:6b:1a:ca:07:7f:5c:
6b:98:92:15:72:50:25:f8:7d:e9:99:61:ec:42:62:72:6a:ec:
14:34:25:59:c8:ea:28:6e:7f:56:c6:d5:34:e2:bc:7c:01:bc:
5c:3e:a4:29:62:3e:bc:82:e4:31:c8:2d:d0:f1:89:09:93:a5:
1f:37:d1:44:2b:fb:f7:4f:1c:42:be:cd:68:27:46:8c:d2:46:
0b:eb:66:ea:74:39:de:2d:7d:dd:98:ca:e6:fc:28:77:49:b3:
36:fe:d9:aa:e9:bf:20:aa:74:c3:4a:78:1c:13:11:1a:54:7d:
4f:77:72:4b:df:c3:48:69:83:8e:5e:f2:a0:ce:d5:7f:fb:aa:
6d:fc:83:01:99:af:f9:9e:82:ff:2e:61:b2:9e:85:c9:e3:ff:
3a:9f:ae:01:84:b3:9e:83:a4:51:6d:e5:84:f0:f5:ce:35:b8:
71:df:32:e9:7d:52:10:69:30:0b:15:9c:85:b0:c3:f7:0d:1d:
28:d6:75:8e
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEN33QmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWI2OWI1OWQxOWYyOTg3ZTQ5ZjE4NTJkNjBiYjE3NzdmODBhMzAxMB4XDTIyMDEx
MDEzMTkwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg0YWQ5ZmIzYzMw
YzA3YzNhNzQ4YzFhMTFiYWZmODcxZDJjM2NkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSCcHMFBTz2cyhnYa8CHwG+OexFaKlnkqCqs5yNQvTpAytD
C9gWlF1Mjs0SernM97UqPuwlkPykCfYg5qgZ50M0ROuf46pU3iSfPuQRqja08Qp6
fXDYDEDt7ZglpEr74o7e5Bcaak3o9kDOGQelWArdRiPXGeQ4ExzZfFt7zArtCRvw
grBs7EkEu14pbKeEaDXT+9sze4KleU/1xOx1o7rw6N/Vwy3uNtfPaCMjdWWoq50J
Et51Fq1R0aMAYa4LgrT1YQpUR/AKRKgv/FbPja2hKpHIXqZx3f9qG9xDNNMao5rV
o4jrqQxG3PDWa7ouqMpPWP6ly/KmNz5GebN9CkMCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQoStn7PDDAfDp0jBoRuv+HHSw82jAfBgNVHSMEGDAWgBQRtptZ0Z8ph+Sf
GFLWC7F3f4CjATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ViYWJXZEdmS1lma254aFMxZ3V4ZDMtQW93RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNWVkZjdhLWFiOWEtNDVlNy1hNjEyLWQxNjljMDg4YjQxMi8x
L0tFclotend3d0h3NmRJd2FFYnJfaHgwc1BOby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NWVkZjdhLWFiOWEtNDVlNy1hNjEyLWQxNjljMDg4YjQxMi8xL0ViYWJXZEdmS1lm
a254aFMxZ3V4ZDMtQW93RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoAqwBwMA0GCSqGSIb3DQEBCwUA
A4IBAQBUMZwTLlp2b5V+O8seAlNF4lnQC0rxHooo8CN9S9XpKA47QugvqpKr7Yvi
UKH4ZDCPN3djMZApBNoV0TKWrKRqyfBrGsoHf1xrmJIVclAl+H3pmWHsQmJyauwU
NCVZyOoobn9WxtU04rx8AbxcPqQpYj68guQxyC3Q8YkJk6UfN9FEK/v3TxxCvs1o
J0aM0kYL62bqdDneLX3dmMrm/Ch3SbM2/tmq6b8gqnTDSngcExEaVH1Pd3JL38NI
aYOOXvKgztV/+6pt/IMBma/5noL/LmGynoXJ4/86n64BhLOeg6RRbeWE8PXONbhx
3zLpfVIQaTALFZyFsMP3DR0o1nWO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:36 2024 by rpki-client on console-fra.rpki-client.org