Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/K8unpS9pKT9Rwe5vHd7XzO96hbY.roa
File: K8unpS9pKT9Rwe5vHd7XzO96hbY.roa (raw, json)
Hash identifier: Y0TmMF1oX046zRLXIgOiPDPS1qx4tR/Zgn7zmGmojHA=
Subject key identifier: 2B:CB:A7:A5:2F:69:29:3F:51:C1:EE:6F:1D:DE:D7:CC:EF:7A:85:B6
Certificate issuer: /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial: 0182C2102BB394C3731E6E2F98D8294F815C
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/K8unpS9pKT9Rwe5vHd7XzO96hbY.roa
Signing time: Sun 21 Aug 2022 20:20:15 +0000
ROA not before: Sun 21 Aug 2022 20:20:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a09:9f44::/30 maxlen: 30
2a09:9f40::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c2:10:2b:b3:94:c3:73:1e:6e:2f:98:d8:29:4f:81:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Validity
Not Before: Aug 21 20:20:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bcba7a52f69293f51c1ee6f1dded7ccef7a85b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:39:91:40:a4:21:88:1c:2a:47:85:2f:f6:d0:
7b:8b:04:23:7a:33:c8:7f:50:91:95:23:d5:4d:a2:
f1:03:b5:20:8f:d7:f6:74:26:19:e6:5d:49:d4:6d:
82:c8:13:d1:49:76:a6:e8:4b:79:89:07:e0:0c:23:
fc:e2:0d:78:d6:b5:77:94:30:b7:0b:bc:7a:bf:d3:
43:b3:da:d8:1d:60:30:61:1e:5e:8b:9a:6e:7f:3f:
80:cd:1e:c8:45:cf:3b:76:8d:f6:1b:5d:dc:08:f3:
c7:b7:78:50:8e:ab:06:c7:cf:8d:1d:42:5d:ae:c8:
d5:71:ce:33:e3:8b:c6:d2:f7:73:91:8c:a8:71:76:
a5:a5:fb:83:fe:9f:54:09:2a:32:76:e6:81:04:a9:
0f:6c:93:c6:54:e9:42:63:42:a7:79:94:db:ea:04:
0a:52:2b:e9:04:d1:d9:71:7a:0c:14:d6:d9:09:1b:
c5:f6:ac:dc:e8:3a:5e:b2:f3:d7:17:82:44:5d:61:
b9:b9:24:1b:5a:5e:8b:64:c0:d7:19:30:51:42:17:
04:00:0b:b2:18:1a:80:6c:ec:de:df:0f:22:90:e9:
c3:17:bd:43:7f:6c:16:1f:09:69:cc:5f:0e:b2:b5:
3c:43:6d:7f:83:ee:96:cd:1f:5c:e6:ed:1c:49:55:
74:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:CB:A7:A5:2F:69:29:3F:51:C1:EE:6F:1D:DE:D7:CC:EF:7A:85:B6
X509v3 Authority Key Identifier:
keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/K8unpS9pKT9Rwe5vHd7XzO96hbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
6a:57:53:3a:58:bd:41:56:66:58:73:60:25:0a:85:7f:4f:14:
be:d6:02:b2:d2:59:db:7b:66:d6:94:41:4a:b7:9b:2e:b5:0c:
b1:e4:e2:d5:96:fd:5c:41:d1:7f:69:5a:47:08:89:ec:0c:f1:
6f:aa:48:01:16:b2:4e:20:89:60:f4:e1:b1:7b:f0:38:e7:50:
5b:58:9a:10:e2:8c:c9:97:8b:e6:91:09:f2:7d:7e:ab:8a:41:
09:99:74:1d:d3:28:0a:58:0e:72:a6:84:75:bb:1e:71:d9:d3:
16:44:40:49:b7:db:43:68:6c:d6:30:ad:e5:dc:8b:c8:4d:e3:
60:67:db:38:b1:51:3e:3b:5f:54:62:67:9c:f1:4b:11:8c:bf:
7c:fe:91:3c:2d:1b:7b:1f:e9:19:34:cb:55:bf:5b:7f:2e:b9:
9a:3c:6c:15:1e:5d:f5:2e:d2:1e:e1:61:37:d9:08:ed:2f:97:
dc:9a:17:46:70:19:5c:2d:5f:1f:aa:b4:57:6b:be:fe:02:74:
1e:ca:13:8d:69:71:25:3b:a0:4e:73:7f:03:7e:91:2b:82:25:
83:3b:7a:c5:ac:f1:31:d9:df:68:77:53:74:e5:ba:15:ff:3c:
91:04:19:79:27:86:d4:5d:12:a6:c8:80:09:fc:1d:d8:d4:99:
1f:42:6a:c5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYLCECuzlMNzHm4vmNgpT4FcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmVjYzRiYThhNGQ1MjQ5OGEwZDI5ODNhNjhiNjEzODNh
YTdmZDcwHhcNMjIwODIxMjAyMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmNiYTdhNTJmNjkyOTNmNTFjMWVlNmYxZGRlZDdjY2VmN2E4NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDmRQKQhiBwqR4Uv9tB7iwQjejPI
f1CRlSPVTaLxA7Ugj9f2dCYZ5l1J1G2CyBPRSXam6Et5iQfgDCP84g141rV3lDC3
C7x6v9NDs9rYHWAwYR5ei5pufz+AzR7IRc87do32G13cCPPHt3hQjqsGx8+NHUJd
rsjVcc4z44vG0vdzkYyocXalpfuD/p9UCSoyduaBBKkPbJPGVOlCY0KneZTb6gQK
UivpBNHZcXoMFNbZCRvF9qzc6DpesvPXF4JEXWG5uSQbWl6LZMDXGTBRQhcEAAuy
GBqAbOze3w8ikOnDF71Df2wWHwlpzF8OsrU8Q21/g+6WzR9c5u0cSVV0SwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCvLp6UvaSk/UcHubx3e18zveoW2MB8GA1UdIwQY
MBaAFGK+zEuopNUkmKDSmDpothODqn/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMt
MmZmMTRjMjE4NzE5LzEvSzh1bnBTOXBLVDlSd2U1dkhkN1h6Tzk2aGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMtMmZmMTRjMjE4NzE5
LzEvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgmfQDAN
BgkqhkiG9w0BAQsFAAOCAQEAaldTOli9QVZmWHNgJQqFf08UvtYCstJZ23tm1pRB
SrebLrUMseTi1Zb9XEHRf2laRwiJ7Azxb6pIARayTiCJYPThsXvwOOdQW1iaEOKM
yZeL5pEJ8n1+q4pBCZl0HdMoClgOcqaEdbsecdnTFkRASbfbQ2hs1jCt5dyLyE3j
YGfbOLFRPjtfVGJnnPFLEYy/fP6RPC0bex/pGTTLVb9bfy65mjxsFR5d9S7SHuFh
N9kI7S+X3JoXRnAZXC1fH6q0V2u+/gJ0HsoTjWlxJTugTnN/A36RK4Ilgzt6xazx
MdnfaHdTdOW6Ff88kQQZeSeG1F0SpsiACfwd2NSZH0JqxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:39 2024 by rpki-client on console-fra.rpki-client.org