Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/2BwpBCxCoO7w1Oh_CPK_4T5gRe0.roa
File: 2BwpBCxCoO7w1Oh_CPK_4T5gRe0.roa (raw, json)
Hash identifier: fKE+uSPf5c9NPAReme5K9jHLvwJFoIDSzxy8OPnN3Fk=
Subject key identifier: D8:1C:29:04:2C:42:A0:EE:F0:D4:E8:7F:08:F2:BF:E1:3E:60:45:ED
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 08B5258E
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/2BwpBCxCoO7w1Oh_CPK_4T5gRe0.roa
Signing time: Tue 05 Apr 2022 10:02:20 +0000
ROA not before: Tue 05 Apr 2022 10:02:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210625
IP address blocks: 2a09:4e07:9000::/36 maxlen: 36
2a09:4e07:7000::/36 maxlen: 36
2a09:4e06::/32 maxlen: 32
2a0d:60c5::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146089358 (0x8b5258e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Apr 5 10:02:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d81c29042c42a0eef0d4e87f08f2bfe13e6045ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d4:77:78:3f:cf:2c:f8:6d:88:6b:ed:06:20:
1e:97:1e:e1:52:12:eb:87:f0:1a:ad:91:73:1e:21:
fe:7a:a0:5f:e8:94:c1:55:ed:de:1a:79:ba:0a:ec:
1a:44:7f:36:78:cd:1d:9a:24:0d:8a:56:11:e4:2e:
14:91:99:f2:c3:1d:67:f3:3c:01:6c:d4:0e:cd:98:
9d:d8:6b:f9:b4:1e:76:bd:b8:ae:08:8e:c4:96:dc:
b2:59:45:bf:58:cb:91:a7:31:23:db:c3:9d:6b:68:
7c:99:09:79:c0:a8:c8:68:13:43:8b:8c:3a:53:d2:
46:f1:c9:7b:b6:ee:73:fa:6f:c8:c8:2c:3b:91:83:
3b:38:a4:50:17:27:86:0d:08:40:6d:12:47:ea:b5:
7c:29:d1:43:34:09:23:86:13:59:90:7c:e1:9d:6a:
37:fd:b9:b9:23:fa:f6:fe:0d:ca:ad:f8:02:f9:f8:
1a:84:fc:d5:7d:69:83:31:52:20:a4:ba:30:39:4f:
5a:0f:af:5e:48:42:07:61:27:bb:fc:dd:53:52:a2:
d4:11:b9:4d:2a:4d:3f:1e:1b:0a:b6:79:71:7a:c1:
aa:7d:7e:f9:da:08:20:b9:a2:50:5f:a0:28:3a:54:
ca:9a:36:36:ce:bb:cf:a5:a9:e1:ff:2e:28:16:3a:
9f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1C:29:04:2C:42:A0:EE:F0:D4:E8:7F:08:F2:BF:E1:3E:60:45:ED
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/2BwpBCxCoO7w1Oh_CPK_4T5gRe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4e06::/32
2a09:4e07:7000::/36
2a09:4e07:9000::/36
2a0d:60c5::/32
Signature Algorithm: sha256WithRSAEncryption
42:d2:ce:19:86:ea:61:51:33:ab:be:d0:77:92:fe:78:56:82:
3e:66:13:f9:8c:02:92:f1:20:85:a0:d9:c5:09:7f:e4:d5:3e:
80:65:71:0f:25:ba:62:9d:c7:9e:61:08:b6:c5:9c:5f:a2:7e:
68:09:86:74:07:68:ed:c3:a9:f7:e5:55:18:a1:75:0e:03:08:
af:de:52:86:c0:f6:92:ac:2b:4f:f0:c2:fe:15:31:9a:e7:e1:
1f:69:eb:0e:29:0c:0f:66:f8:27:a9:ce:e2:13:c7:d2:82:60:
cd:0a:29:fe:99:6f:68:3d:5d:fb:82:48:5a:b5:bb:e5:17:43:
b3:c4:06:cf:97:51:d5:a7:e1:78:53:60:81:9f:bb:d1:94:71:
97:90:0a:e2:40:c8:1e:17:f1:eb:c0:ec:96:99:48:0a:8e:87:
b1:cf:d7:4a:cd:a0:d0:97:cd:e7:5e:32:de:5b:de:9b:b4:1e:
bf:cd:9b:7f:b2:ef:da:3a:c6:3c:e8:f4:69:c7:14:9c:3b:f0:
4e:02:ed:e1:e8:2f:63:3c:62:84:76:83:e4:b2:c9:bd:08:6e:
35:5f:30:cc:7d:c4:56:f1:f4:15:41:c9:bf:48:d4:9a:96:f9:
fc:35:e4:bd:9e:8f:65:a8:fa:72:ff:03:8d:ed:07:3a:bc:f4:
2d:bd:26:3d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECLUljjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDU5ZWMyYTVmZDUzOTA5YzUyMzlmNGNjOGQ2ZDMyOWEyNzc5YmIxMB4XDTIyMDQw
NTEwMDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDgxYzI5MDQyYzQy
YTBlZWYwZDRlODdmMDhmMmJmZTEzZTYwNDVlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXUd3g/zyz4bYhr7QYgHpce4VIS64fwGq2Rcx4h/nqgX+iU
wVXt3hp5ugrsGkR/NnjNHZokDYpWEeQuFJGZ8sMdZ/M8AWzUDs2Yndhr+bQedr24
rgiOxJbcsllFv1jLkacxI9vDnWtofJkJecCoyGgTQ4uMOlPSRvHJe7buc/pvyMgs
O5GDOzikUBcnhg0IQG0SR+q1fCnRQzQJI4YTWZB84Z1qN/25uSP69v4Nyq34Avn4
GoT81X1pgzFSIKS6MDlPWg+vXkhCB2Enu/zdU1Ki1BG5TSpNPx4bCrZ5cXrBqn1+
+doIILmiUF+gKDpUypo2Ns67z6Wp4f8uKBY6n7kCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTYHCkELEKg7vDU6H8I8r/hPmBF7TAfBgNVHSMEGDAWgBREWewqX9U5CcUj
n0zI1tMponebsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JGbnNLbF9WT1FuRkk1OU15TmJUS2FKM203RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8x
LzJCd3BCQ3hDb083dzFPaF9DUEtfNFQ1Z1JlMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
ZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8xL1JGbnNLbF9WT1Fu
Rkk1OU15TmJUS2FKM203RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAIwHgMFACoJTgYDBgQqCU4HcAMGBCoJTgeQ
AwUAKg1gxTANBgkqhkiG9w0BAQsFAAOCAQEAQtLOGYbqYVEzq77Qd5L+eFaCPmYT
+YwCkvEghaDZxQl/5NU+gGVxDyW6Yp3HnmEItsWcX6J+aAmGdAdo7cOp9+VVGKF1
DgMIr95ShsD2kqwrT/DC/hUxmufhH2nrDikMD2b4J6nO4hPH0oJgzQop/plvaD1d
+4JIWrW75RdDs8QGz5dR1afheFNggZ+70ZRxl5AK4kDIHhfx68DslplICo6Hsc/X
Ss2g0JfN514y3lvem7Qev82bf7Lv2jrGPOj0accUnDvwTgLt4egvYzxihHaD5LLJ
vQhuNV8wzH3EVvH0FUHJv0jUmpb5/DXkvZ6PZaj6cv8Dje0HOrz0Lb0mPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org