Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/KJ-hw-g4LDVeCu8DeXyW1U9qWGo.roa
File: KJ-hw-g4LDVeCu8DeXyW1U9qWGo.roa (raw, json)
Hash identifier: 27YiVws9hiZyWSBgd+y/+p5/0kPSFABBQW2MLmIu9j0=
Subject key identifier: 28:9F:A1:C3:E8:38:2C:35:5E:0A:EF:03:79:7C:96:D5:4F:6A:58:6A
Certificate issuer: /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial: 09E56CE0
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/KJ-hw-g4LDVeCu8DeXyW1U9qWGo.roa
Signing time: Wed 23 Feb 2022 12:50:09 +0000
ROA not before: Wed 23 Feb 2022 12:50:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397881
IP address blocks: 2a0f:300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166030560 (0x9e56ce0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Validity
Not Before: Feb 23 12:50:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=289fa1c3e8382c355e0aef03797c96d54f6a586a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:90:a9:23:fc:1e:c6:c5:e9:6f:42:7a:ea:be:
d9:91:34:16:a8:04:b5:b0:3a:0f:83:a9:bd:41:98:
fa:49:f0:31:48:a7:59:05:cd:09:54:2a:39:da:32:
14:3e:40:0b:2c:a7:7c:06:d5:02:eb:11:43:6f:05:
fc:26:e1:22:1f:04:51:cb:d1:a9:a6:0d:36:7b:d4:
c3:87:5f:cb:1d:cd:52:df:ea:3c:4b:b0:e6:28:fb:
11:b0:0c:55:83:4b:43:12:33:89:21:27:e7:aa:7b:
71:06:83:05:05:26:d1:65:c5:77:6f:56:5e:6f:6b:
03:26:8e:4d:2f:2d:f1:b4:33:b2:ad:31:fe:a9:f0:
5a:34:88:f3:d1:7b:c4:8c:ad:33:1d:11:c7:6d:55:
3c:98:49:a6:f5:e0:b2:23:0a:30:9e:a6:4f:49:78:
bb:00:8b:89:87:75:ae:3f:4a:13:17:e5:6b:07:ad:
33:46:e8:3e:12:09:5a:8e:a8:0f:d1:b6:e6:fe:57:
ce:6d:b3:14:36:ac:ec:13:d3:42:56:c6:8b:cf:d0:
ee:b5:e2:2c:51:0c:f7:cc:5d:6f:fa:f0:da:6e:36:
d1:c0:c2:96:6e:c7:ac:94:8c:c7:c2:ef:b6:e7:94:
60:6b:56:3a:eb:ff:18:75:2a:e6:70:b7:23:6e:aa:
e4:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9F:A1:C3:E8:38:2C:35:5E:0A:EF:03:79:7C:96:D5:4F:6A:58:6A
X509v3 Authority Key Identifier:
keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/KJ-hw-g4LDVeCu8DeXyW1U9qWGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:300::/32
Signature Algorithm: sha256WithRSAEncryption
41:c5:5c:7e:9c:6c:c6:60:53:92:1e:ce:0b:bb:f2:a1:0b:2b:
fe:79:4c:c0:3b:46:86:65:de:6d:bc:36:6e:96:c3:da:1a:61:
2f:e0:25:56:21:65:6a:0a:67:f3:26:f8:78:e0:3b:4e:11:58:
e5:26:a5:fe:17:44:ba:e9:32:42:7e:43:a2:ac:29:7e:a9:ee:
a1:a9:33:fd:8b:b7:71:29:a4:83:0b:a8:5e:b3:f7:49:25:af:
67:72:f1:1e:62:38:5b:27:30:e4:16:96:54:4d:46:a4:41:5b:
c0:e9:8a:ab:79:70:24:b9:f4:2f:60:dc:88:67:b1:20:b1:b5:
76:c0:66:0b:c1:c4:f2:aa:78:bd:ed:0d:4a:84:86:b9:a9:0a:
82:bc:4b:8a:15:7e:b0:6e:3f:e0:cc:45:32:25:38:32:f7:12:
b6:2e:82:8e:e8:5c:2a:cb:96:38:3c:52:78:5a:c1:ac:8c:43:
cc:3c:95:d9:19:7a:06:ed:e6:9d:6a:46:4f:d1:93:b6:a9:f0:
54:03:31:cc:33:88:0e:da:ef:78:d1:d4:13:5e:0c:ea:55:c2:
9c:78:63:d6:eb:d1:f8:51:10:db:26:e8:e8:8a:8a:29:76:3e:
1e:7f:13:28:d4:bb:e5:15:17:1a:cb:2d:9d:a6:71:1c:24:7a:
1c:92:6e:c5
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECeVs4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmJlY2M0YmE4YTRkNTI0OThhMGQyOTgzYTY4YjYxMzgzYWE3ZmQ3MB4XDTIyMDIy
MzEyNTAwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg5ZmExYzNlODM4
MmMzNTVlMGFlZjAzNzk3Yzk2ZDU0ZjZhNTg2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2QqSP8HsbF6W9Ceuq+2ZE0FqgEtbA6D4OpvUGY+knwMUin
WQXNCVQqOdoyFD5ACyynfAbVAusRQ28F/CbhIh8EUcvRqaYNNnvUw4dfyx3NUt/q
PEuw5ij7EbAMVYNLQxIziSEn56p7cQaDBQUm0WXFd29WXm9rAyaOTS8t8bQzsq0x
/qnwWjSI89F7xIytMx0Rx21VPJhJpvXgsiMKMJ6mT0l4uwCLiYd1rj9KExflawet
M0boPhIJWo6oD9G25v5Xzm2zFDas7BPTQlbGi8/Q7rXiLFEM98xdb/rw2m420cDC
lm7HrJSMx8LvtueUYGtWOuv/GHUq5nC3I26q5PcCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQon6HD6DgsNV4K7wN5fJbVT2pYajAfBgNVHSMEGDAWgBRivsxLqKTVJJig
0pg6aLYTg6p/1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lyN01TNmlrMVNTWW9OS1lPbWkyRTRPcWY5Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvOWM0OTNiLTQxN2ItNGFmNi05ZjQzLTJmZjE0YzIxODcxOS8x
L0tKLWh3LWc0TERWZUN1OERlWHlXMVU5cVdHby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
OWM0OTNiLTQxN2ItNGFmNi05ZjQzLTJmZjE0YzIxODcxOS8xL1lyN01TNmlrMVNT
WW9OS1lPbWkyRTRPcWY5Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoPAwAwDQYJKoZIhvcNAQELBQAD
ggEBAEHFXH6cbMZgU5Iezgu78qELK/55TMA7RoZl3m28Nm6Ww9oaYS/gJVYhZWoK
Z/Mm+HjgO04RWOUmpf4XRLrpMkJ+Q6KsKX6p7qGpM/2Lt3EppIMLqF6z90klr2dy
8R5iOFsnMOQWllRNRqRBW8Dpiqt5cCS59C9g3IhnsSCxtXbAZgvBxPKqeL3tDUqE
hrmpCoK8S4oVfrBuP+DMRTIlODL3ErYugo7oXCrLljg8UnhawayMQ8w8ldkZegbt
5p1qRk/Rk7ap8FQDMcwziA7a73jR1BNeDOpVwpx4Y9br0fhRENsm6OiKiil2Ph5/
EyjUu+UVFxrLLZ2mcRwkehySbsU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:55 2023 by rpki-client on console-fra.rpki-client.org