Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/fbbdfa-dcfa-4ded-97a1-4e3807a38158/1/KCJcIRh5MfI67NBK7qsJRmTXCOs.roa
File: KCJcIRh5MfI67NBK7qsJRmTXCOs.roa (raw, json)
Hash identifier: z2XsJjswrtul4TuVb8bKnkU1MS/jMgzZc3DV0rbjWBM=
Subject key identifier: 28:22:5C:21:18:79:31:F2:3A:EC:D0:4A:EE:AB:09:46:64:D7:08:EB
Certificate issuer: /CN=1740132e505f78bad0112f91b55986879535cac0
Certificate serial: 018481738B65BBAD204CBB15C412A1466787
Authority key identifier: 17:40:13:2E:50:5F:78:BA:D0:11:2F:91:B5:59:86:87:95:35:CA:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0ATLlBfeLrQES-RtVmGh5U1ysA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/fbbdfa-dcfa-4ded-97a1-4e3807a38158/1/KCJcIRh5MfI67NBK7qsJRmTXCOs.roa
Signing time: Wed 16 Nov 2022 17:19:03 +0000
ROA not before: Wed 16 Nov 2022 17:19:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56987
IP address blocks: 2a13:1080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:81:73:8b:65:bb:ad:20:4c:bb:15:c4:12:a1:46:67:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1740132e505f78bad0112f91b55986879535cac0
Validity
Not Before: Nov 16 17:19:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28225c21187931f23aecd04aeeab094664d708eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:35:73:50:cc:4a:03:8c:e4:80:36:e2:85:09:
84:a7:e6:ed:25:bd:5d:bc:44:dc:4a:e9:e2:aa:67:
53:c9:5e:71:95:28:eb:9e:47:45:8a:fa:75:0a:d6:
12:e5:e6:d0:b5:1e:db:30:10:0a:eb:71:36:20:1e:
18:73:9e:b8:ff:40:15:33:29:fe:b2:8d:35:f7:94:
f5:41:4f:cf:30:4c:38:c1:b9:39:fd:1c:76:11:2d:
85:67:cf:20:bc:74:29:65:cb:27:82:fc:b1:67:6b:
22:04:4d:84:51:4b:a0:eb:b7:1a:e6:ca:83:74:40:
ea:5c:40:02:21:bc:8a:cc:57:47:ab:30:ad:ac:cf:
58:37:a6:ef:10:89:60:56:d6:cc:47:20:3f:e2:5d:
e4:75:0e:f9:9c:5a:89:77:39:85:b9:e1:dd:71:ce:
0c:99:1e:85:96:ed:a7:92:c0:00:b9:f8:5b:68:bb:
f9:05:0b:ea:f3:fb:84:05:9d:a7:49:e7:33:72:8c:
82:68:09:e5:49:49:3c:5f:00:f7:5b:ba:db:95:57:
a8:56:18:ef:44:22:c3:91:af:a4:fb:93:c1:07:98:
1a:45:d0:62:3a:1a:c6:27:7b:e6:7d:db:9b:a8:44:
d4:65:25:06:f8:00:b7:3c:7e:75:69:d5:00:0e:80:
b1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:22:5C:21:18:79:31:F2:3A:EC:D0:4A:EE:AB:09:46:64:D7:08:EB
X509v3 Authority Key Identifier:
keyid:17:40:13:2E:50:5F:78:BA:D0:11:2F:91:B5:59:86:87:95:35:CA:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0ATLlBfeLrQES-RtVmGh5U1ysA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/fbbdfa-dcfa-4ded-97a1-4e3807a38158/1/KCJcIRh5MfI67NBK7qsJRmTXCOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/fbbdfa-dcfa-4ded-97a1-4e3807a38158/1/F0ATLlBfeLrQES-RtVmGh5U1ysA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:1080::/29
Signature Algorithm: sha256WithRSAEncryption
2a:d9:95:c1:c2:89:f0:29:22:17:04:b1:66:4e:bc:4c:d2:5e:
78:e7:a6:79:85:e6:28:ff:75:86:3a:dd:7f:a6:58:a6:e9:a9:
5e:d9:33:53:a3:28:ff:dc:4f:8e:05:1a:2a:34:71:1f:8e:5b:
bb:6c:67:db:c5:9e:d7:2f:5e:30:90:d1:95:cb:66:32:53:e6:
c7:62:7b:2e:04:18:fc:54:86:2f:c9:68:46:d8:cf:ce:2c:f3:
8c:2d:32:dc:10:0a:df:a9:e7:84:c9:37:14:41:eb:92:78:88:
52:fa:cd:ee:e7:f0:92:90:43:27:e9:73:b0:16:08:eb:23:95:
aa:79:83:4f:22:61:30:d0:2e:1e:10:51:6f:15:e3:9b:74:e3:
2f:04:4a:b6:c7:cf:8c:24:79:70:cd:eb:8d:6f:7c:c0:95:b8:
72:f9:65:68:eb:79:55:10:c6:87:3b:19:d7:10:9b:2c:e5:00:
69:33:d8:ba:24:97:5c:97:47:5a:42:55:8a:e5:1b:6e:0d:8c:
f6:32:98:56:35:53:08:0e:95:82:c5:be:2b:6d:12:6e:e7:73:
d2:6f:e8:6f:86:d3:17:c6:72:87:4d:d8:09:7c:7a:24:04:3f:
52:39:75:7a:f9:7e:5f:b4:dc:35:8a:e2:ba:c7:75:10:50:68:
87:53:59:a5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSBc4tlu60gTLsVxBKhRmeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDAxMzJlNTA1Zjc4YmFkMDExMmY5MWI1NTk4Njg3OTUz
NWNhYzAwHhcNMjIxMTE2MTcxOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODIyNWMyMTE4NzkzMWYyM2FlY2QwNGFlZWFiMDk0NjY0ZDcwOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjVzUMxKA4zkgDbihQmEp+btJb1d
vETcSuniqmdTyV5xlSjrnkdFivp1CtYS5ebQtR7bMBAK63E2IB4Yc564/0AVMyn+
so0195T1QU/PMEw4wbk5/Rx2ES2FZ88gvHQpZcsngvyxZ2siBE2EUUug67ca5sqD
dEDqXEACIbyKzFdHqzCtrM9YN6bvEIlgVtbMRyA/4l3kdQ75nFqJdzmFueHdcc4M
mR6Flu2nksAAufhbaLv5BQvq8/uEBZ2nSeczcoyCaAnlSUk8XwD3W7rblVeoVhjv
RCLDka+k+5PBB5gaRdBiOhrGJ3vmfdubqETUZSUG+AC3PH51adUADoCxewIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCgiXCEYeTHyOuzQSu6rCUZk1wjrMB8GA1UdIwQY
MBaAFBdAEy5QX3i60BEvkbVZhoeVNcrAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBBVExsQmZlTHJRRVMtUnRWbUdoNVUxeXNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9mYmJkZmEtZGNmYS00ZGVkLTk3YTEt
NGUzODA3YTM4MTU4LzEvS0NKY0lSaDVNZkk2N05CSzdxc0pSbVRYQ09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9mYmJkZmEtZGNmYS00ZGVkLTk3YTEtNGUzODA3YTM4MTU4
LzEvRjBBVExsQmZlTHJRRVMtUnRWbUdoNVUxeXNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMQgDAN
BgkqhkiG9w0BAQsFAAOCAQEAKtmVwcKJ8CkiFwSxZk68TNJeeOemeYXmKP91hjrd
f6ZYpumpXtkzU6Mo/9xPjgUaKjRxH45bu2xn28We1y9eMJDRlctmMlPmx2J7LgQY
/FSGL8loRtjPzizzjC0y3BAK36nnhMk3FEHrkniIUvrN7ufwkpBDJ+lzsBYI6yOV
qnmDTyJhMNAuHhBRbxXjm3TjLwRKtsfPjCR5cM3rjW98wJW4cvllaOt5VRDGhzsZ
1xCbLOUAaTPYuiSXXJdHWkJViuUbbg2M9jKYVjVTCA6VgsW+K20Sbudz0m/ob4bT
F8Zyh03YCXx6JAQ/Ujl1evl+X7TcNYriusd1EFBoh1NZpQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:35 2023 by rpki-client on console-ams.rpki-client.org