Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/082f12-513b-4eb9-a171-c6f6d444915f/1/kEs-0KgIsbmvKTHtPIV6vkO8PEc.roa
File: kEs-0KgIsbmvKTHtPIV6vkO8PEc.roa (raw, json)
Hash identifier: ZoZNNbKRqr7zvL4ryQhJzpMahn6AGIoTBUypTkrHwNc=
Subject key identifier: 90:4B:3E:D0:A8:08:B1:B9:AF:29:31:ED:3C:85:7A:BE:43:BC:3C:47
Certificate issuer: /CN=cbd942d96ee94a7a5a652ef7ac855dc9401415df
Certificate serial: 0AAF55A3
Authority key identifier: CB:D9:42:D9:6E:E9:4A:7A:5A:65:2E:F7:AC:85:5D:C9:40:14:15:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9lC2W7pSnpaZS73rIVdyUAUFd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/082f12-513b-4eb9-a171-c6f6d444915f/1/kEs-0KgIsbmvKTHtPIV6vkO8PEc.roa
Signing time: Sat 01 Jan 2022 14:55:01 +0000
ROA not before: Sat 01 Jan 2022 14:55:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64404
IP address blocks: 2001:678:814::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179262883 (0xaaf55a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd942d96ee94a7a5a652ef7ac855dc9401415df
Validity
Not Before: Jan 1 14:55:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=904b3ed0a808b1b9af2931ed3c857abe43bc3c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3f:00:ad:5e:f8:66:a5:ef:3a:63:70:20:e4:
0f:94:38:bc:3d:69:fe:bb:b8:33:9b:d5:df:55:15:
db:4c:f6:c2:37:90:8f:cd:e6:1a:18:b8:73:35:c6:
5d:d5:1f:25:fe:ac:dd:04:6e:b8:02:3a:43:3d:cd:
51:f9:d6:62:d4:36:aa:6b:1a:aa:d3:b8:9d:96:c7:
42:6c:97:a0:d9:19:d0:5b:94:b1:c8:bb:26:49:f7:
3f:c8:5a:41:b4:1a:0a:a4:5e:c5:20:e3:6a:af:45:
f9:ef:26:ae:d6:23:a7:76:b6:c9:fe:c2:f9:d4:59:
3b:7b:59:61:43:45:e0:38:97:1e:c4:cf:19:88:2d:
96:be:61:1d:46:6a:55:e3:63:0c:c3:13:19:00:e4:
51:d5:6c:2f:51:5e:d4:91:17:f9:7a:6f:ca:52:82:
c7:de:16:3c:4c:5d:ad:1b:ee:00:b7:66:4a:c5:d4:
cb:dc:5d:f3:48:35:89:a3:5e:3d:cf:80:7d:7a:4f:
2c:ba:97:7e:14:3f:66:ff:ee:e7:28:ed:7a:cc:ae:
9f:18:0c:d6:41:09:fc:8a:8e:cd:f6:b3:0d:b2:26:
b9:99:0c:8f:ba:1c:0e:b9:46:fb:c7:b8:df:33:9b:
d7:85:24:fe:e2:da:3f:c7:61:4c:70:5b:8c:fe:7d:
f5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4B:3E:D0:A8:08:B1:B9:AF:29:31:ED:3C:85:7A:BE:43:BC:3C:47
X509v3 Authority Key Identifier:
keyid:CB:D9:42:D9:6E:E9:4A:7A:5A:65:2E:F7:AC:85:5D:C9:40:14:15:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9lC2W7pSnpaZS73rIVdyUAUFd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/082f12-513b-4eb9-a171-c6f6d444915f/1/kEs-0KgIsbmvKTHtPIV6vkO8PEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/082f12-513b-4eb9-a171-c6f6d444915f/1/y9lC2W7pSnpaZS73rIVdyUAUFd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:814::/48
Signature Algorithm: sha256WithRSAEncryption
38:1b:21:64:74:6e:37:78:4c:3e:ac:19:55:4a:44:f4:bc:35:
78:2b:98:0e:a2:c5:ed:18:d7:68:a5:97:85:81:72:84:9c:f6:
a4:2f:2e:22:54:dc:05:63:0f:ed:0c:e1:df:fc:47:5d:03:cf:
da:1b:4a:ce:69:01:ac:06:08:30:5d:be:89:72:a0:92:05:59:
2a:35:81:28:23:d3:2a:53:39:50:44:2e:b7:3e:b2:f7:7b:cc:
a9:9c:09:9d:b6:8a:14:b2:fa:6f:90:50:21:17:bc:c9:04:ab:
b8:4a:a8:97:3b:82:fc:d6:27:45:9c:e2:30:80:df:7b:47:63:
d8:c6:84:60:b5:c3:90:dc:ea:8b:8c:98:53:b6:f5:da:57:eb:
73:86:b5:30:f3:10:30:93:35:b5:88:ee:71:6f:3d:c4:81:a1:
ce:20:d7:bd:8c:74:d6:cf:c5:49:11:11:1f:ab:46:1d:f2:e6:
7a:ad:c4:92:92:04:36:25:88:d7:7c:5e:51:cd:82:59:a3:b5:
55:f3:60:d6:02:34:2a:75:2f:f1:02:07:9b:49:33:de:cf:85:
d0:f7:15:b0:22:c9:bf:4b:3c:9b:3b:a0:64:75:f3:c0:61:65:
00:8b:92:8c:40:e4:29:c5:bb:97:f0:66:09:a3:9c:5c:98:c1:
7f:92:c2:cd
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECq9VozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YmQ5NDJkOTZlZTk0YTdhNWE2NTJlZjdhYzg1NWRjOTQwMTQxNWRmMB4XDTIyMDEw
MTE0NTUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA0YjNlZDBhODA4
YjFiOWFmMjkzMWVkM2M4NTdhYmU0M2JjM2M0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8/AK1e+Gal7zpjcCDkD5Q4vD1p/ru4M5vV31UV20z2wjeQ
j83mGhi4czXGXdUfJf6s3QRuuAI6Qz3NUfnWYtQ2qmsaqtO4nZbHQmyXoNkZ0FuU
sci7Jkn3P8haQbQaCqRexSDjaq9F+e8mrtYjp3a2yf7C+dRZO3tZYUNF4DiXHsTP
GYgtlr5hHUZqVeNjDMMTGQDkUdVsL1Fe1JEX+XpvylKCx94WPExdrRvuALdmSsXU
y9xd80g1iaNePc+AfXpPLLqXfhQ/Zv/u5yjtesyunxgM1kEJ/IqOzfazDbImuZkM
j7ocDrlG+8e43zOb14Uk/uLaP8dhTHBbjP599Y8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSQSz7QqAixua8pMe08hXq+Q7w8RzAfBgNVHSMEGDAWgBTL2ULZbulKelpl
LveshV3JQBQV3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3k5bEMyVzdwU25wYVpTNzNySVZkeVVBVUZkOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvMDgyZjEyLTUxM2ItNGViOS1hMTcxLWM2ZjZkNDQ0OTE1Zi8x
L2tFcy0wS2dJc2JtdktUSHRQSVY2dmtPOFBFYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
MDgyZjEyLTUxM2ItNGViOS1hMTcxLWM2ZjZkNDQ0OTE1Zi8xL3k5bEMyVzdwU25w
YVpTNzNySVZkeVVBVUZkOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngIFDANBgkqhkiG9w0BAQsF
AAOCAQEAOBshZHRuN3hMPqwZVUpE9Lw1eCuYDqLF7RjXaKWXhYFyhJz2pC8uIlTc
BWMP7Qzh3/xHXQPP2htKzmkBrAYIMF2+iXKgkgVZKjWBKCPTKlM5UEQutz6y93vM
qZwJnbaKFLL6b5BQIRe8yQSruEqolzuC/NYnRZziMIDfe0dj2MaEYLXDkNzqi4yY
U7b12lfrc4a1MPMQMJM1tYjucW89xIGhziDXvYx01s/FSRERH6tGHfLmeq3EkpIE
NiWI13xeUc2CWaO1VfNg1gI0KnUv8QIHm0kz3s+F0PcVsCLJv0s8mzugZHXzwGFl
AIuSjEDkKcW7l/BmCaOcXJjBf5LCzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:31 2024 by rpki-client on console-ams.rpki-client.org