Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/KnoPpa-OCFR6P2AKoNYVwrc5dtw.roa
File: KnoPpa-OCFR6P2AKoNYVwrc5dtw.roa (raw, json)
Hash identifier: VqWBR21An47wR/mgbrD05wZ5eMJq3DZOb1paB+VQ8Ks=
Subject key identifier: 2A:7A:0F:A5:AF:8E:08:54:7A:3F:60:0A:A0:D6:15:C2:B7:39:76:DC
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 083DD008
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/KnoPpa-OCFR6P2AKoNYVwrc5dtw.roa
Signing time: Thu 03 Feb 2022 15:32:53 +0000
ROA not before: Thu 03 Feb 2022 15:32:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 2a0e:5780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138268680 (0x83dd008)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Feb 3 15:32:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a7a0fa5af8e08547a3f600aa0d615c2b73976dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ab:5e:9e:d8:f5:45:ea:d3:f9:6b:3c:08:3d:
d2:dd:a2:2e:c5:a1:71:17:47:7f:ac:db:8e:cb:fc:
42:c1:3f:4b:80:59:86:8e:e4:0f:5d:f1:17:cb:48:
c2:22:78:46:8e:06:16:77:c1:be:13:74:6e:76:aa:
62:8b:a4:e3:01:57:f8:c6:33:98:85:68:2a:ae:e0:
b6:7d:8a:4f:99:0f:77:49:8c:37:b1:4b:f2:83:e6:
61:23:11:d4:0f:ab:13:fe:22:d7:e1:9e:3f:57:f6:
4b:ef:b3:da:fc:30:6f:9c:ae:54:36:7c:90:58:2c:
2e:b6:72:84:33:d6:d2:7e:14:bb:e2:8c:a0:53:bd:
27:aa:a9:fb:75:ce:7a:89:f1:af:57:94:ad:08:98:
ea:b3:b4:a5:1d:71:ea:69:fb:e1:cb:bd:c0:53:ec:
e9:ad:e6:af:b4:2e:dc:84:ae:fa:1f:c8:7a:fc:f4:
d6:7e:7b:55:c9:54:50:ca:d2:65:e1:6e:52:b4:6e:
02:83:a2:56:2f:2d:55:31:5a:f9:33:e4:49:ce:af:
bb:e3:d7:49:d8:f7:7c:c2:16:18:c4:dd:3f:1e:c2:
f0:37:a3:75:a3:10:c0:e6:b9:aa:74:ae:dc:34:56:
1a:fc:1e:6e:71:e2:7e:23:59:1b:08:1f:13:2e:dd:
2c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7A:0F:A5:AF:8E:08:54:7A:3F:60:0A:A0:D6:15:C2:B7:39:76:DC
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/KnoPpa-OCFR6P2AKoNYVwrc5dtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5780::/29
Signature Algorithm: sha256WithRSAEncryption
8c:7f:54:ee:d9:d3:02:0b:a2:c8:97:9a:98:cf:b2:92:ff:9d:
4a:7b:dc:7e:37:0d:b3:27:8c:a0:ba:65:db:8b:70:bb:fe:ed:
d4:63:4d:bc:43:e0:22:67:f0:b2:ce:60:fb:f4:22:cd:97:27:
04:7a:cf:a0:b6:dc:9e:6b:56:60:cb:4c:ea:c5:79:49:f3:a6:
59:26:85:38:ed:a1:95:0b:94:ef:12:15:15:2a:62:72:9a:21:
a0:de:5b:78:cb:07:10:75:09:5f:be:80:75:0d:6b:90:4f:3e:
ec:da:94:5c:28:0d:cf:04:f0:78:f0:04:d4:5a:41:31:f5:9b:
f9:8d:7b:c6:54:7f:bf:a8:e6:b0:88:35:7a:de:f0:56:4c:f7:
c7:f4:ca:86:d3:2d:81:ee:89:de:d0:ac:1b:b9:6a:07:71:f2:
67:08:f2:33:41:de:f5:8c:ad:1b:1f:b3:b5:d7:11:94:a8:b6:
d0:c6:e5:2d:0b:d4:76:70:c2:2f:fe:c3:75:e9:d8:c0:5a:12:
57:1a:09:8f:af:5c:09:3c:9b:8a:b7:8d:90:8b:f1:49:c2:3e:
85:e0:dc:c5:7e:de:9c:d7:e8:e9:49:a6:f6:8a:f8:29:c1:ec:
e7:7c:50:c5:01:86:8c:ae:72:c9:6f:f0:c8:03:28:c8:32:57:
1a:48:6b:8b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECD3QCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDIw
MzE1MzI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE3YTBmYTVhZjhl
MDg1NDdhM2Y2MDBhYTBkNjE1YzJiNzM5NzZkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSrXp7Y9UXq0/lrPAg90t2iLsWhcRdHf6zbjsv8QsE/S4BZ
ho7kD13xF8tIwiJ4Ro4GFnfBvhN0bnaqYouk4wFX+MYzmIVoKq7gtn2KT5kPd0mM
N7FL8oPmYSMR1A+rE/4i1+GeP1f2S++z2vwwb5yuVDZ8kFgsLrZyhDPW0n4Uu+KM
oFO9J6qp+3XOeonxr1eUrQiY6rO0pR1x6mn74cu9wFPs6a3mr7Qu3ISu+h/Ievz0
1n57VclUUMrSZeFuUrRuAoOiVi8tVTFa+TPkSc6vu+PXSdj3fMIWGMTdPx7C8Dej
daMQwOa5qnSu3DRWGvwebnHifiNZGwgfEy7dLKUCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQqeg+lr44IVHo/YAqg1hXCtzl23DAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
L0tub1BwYS1PQ0ZSNlAyQUtvTllWd3JjNWR0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoOV4AwDQYJKoZIhvcNAQELBQAD
ggEBAIx/VO7Z0wILosiXmpjPspL/nUp73H43DbMnjKC6ZduLcLv+7dRjTbxD4CJn
8LLOYPv0Is2XJwR6z6C23J5rVmDLTOrFeUnzplkmhTjtoZULlO8SFRUqYnKaIaDe
W3jLBxB1CV++gHUNa5BPPuzalFwoDc8E8HjwBNRaQTH1m/mNe8ZUf7+o5rCINXre
8FZM98f0yobTLYHuid7QrBu5agdx8mcI8jNB3vWMrRsfs7XXEZSottDG5S0L1HZw
wi/+w3Xp2MBaElcaCY+vXAk8m4q3jZCL8UnCPoXg3MV+3pzX6OlJpvaK+CnB7Od8
UMUBhoyucslv8MgDKMgyVxpIa4s=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:00 2025 by rpki-client