Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/jK5KvEiTjEVP4vtCVG9e8dGniSM.roa
File: jK5KvEiTjEVP4vtCVG9e8dGniSM.roa (raw, json)
Hash identifier: lZ0rR6lAPPH01tpq8oN6QmdOJoCslwDSTU5Y91LVvdg=
Subject key identifier: 8C:AE:4A:BC:48:93:8C:45:4F:E2:FB:42:54:6F:5E:F1:D1:A7:89:23
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 0608AB0B
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/jK5KvEiTjEVP4vtCVG9e8dGniSM.roa
Signing time: Sat 01 Jan 2022 16:01:26 +0000
ROA not before: Sat 01 Jan 2022 16:01:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211880
IP address blocks: 2a0d:f407:1025::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101231371 (0x608ab0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 1 16:01:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8cae4abc48938c454fe2fb42546f5ef1d1a78923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f6:49:a9:4f:e7:28:3b:d9:49:b0:5c:c8:dc:
b5:1e:c6:07:2f:e2:b6:dd:8e:de:86:e3:e4:95:75:
14:00:42:63:df:41:cc:07:b6:18:a3:5d:ca:4b:d9:
a0:02:f7:02:42:60:11:3a:4d:f4:11:a3:3a:a9:23:
21:6b:d8:f4:37:8f:c1:bd:fb:56:c9:b3:1a:15:03:
c7:19:64:f8:d4:05:69:85:61:6d:b5:62:24:8e:42:
54:9e:b4:63:8e:2f:aa:12:e6:71:08:9d:0b:dd:89:
df:88:85:ee:c8:01:45:ae:43:e4:c1:b6:7b:81:1b:
03:25:3a:33:2f:5d:1f:68:f2:09:51:5c:0d:ef:7a:
b8:1c:eb:71:35:1c:7e:dd:43:d8:99:0e:d1:5d:f5:
ea:f6:f9:68:18:03:97:26:a8:75:cb:6a:d8:e8:1b:
e9:e8:78:df:de:18:ec:43:75:32:71:21:15:fe:b0:
d7:92:14:da:3e:b4:26:18:52:d7:80:88:e6:a3:29:
2b:3c:9f:22:ac:d1:fb:76:e3:02:be:18:65:c8:9d:
a5:85:f5:a2:b2:a9:c6:ce:8a:54:85:a3:67:c8:5c:
32:3b:8c:cc:b4:3d:89:42:66:d6:61:4a:07:0a:a3:
05:61:d3:a2:a0:3c:73:97:1a:93:bd:8a:73:66:fa:
b8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AE:4A:BC:48:93:8C:45:4F:E2:FB:42:54:6F:5E:F1:D1:A7:89:23
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/jK5KvEiTjEVP4vtCVG9e8dGniSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:f407:1025::/48
Signature Algorithm: sha256WithRSAEncryption
30:76:e4:86:d3:0f:b5:a7:46:f8:50:1c:67:07:16:0a:f5:42:
36:5a:9c:77:e7:a5:0e:d4:eb:80:82:8c:2b:0e:3c:09:54:ab:
43:22:5d:4f:8f:40:5e:08:7a:fc:e2:bd:5d:bb:37:95:5b:86:
ed:ab:57:aa:7e:fd:68:31:e7:e3:68:7d:b4:4e:01:a7:bb:a3:
a2:e9:62:17:88:30:8b:2b:76:7c:6b:37:7c:b1:d9:8f:e6:76:
73:df:08:8e:e3:7c:bb:c5:1a:a4:0c:bf:88:93:cc:7a:2e:51:
7a:81:45:c0:f6:d3:a8:c9:bd:c8:7d:70:79:57:87:07:14:cc:
c9:2d:2f:36:d4:90:ef:e3:76:13:b1:6b:50:8f:24:2e:d1:03:
28:8b:c8:e2:bb:50:da:b0:18:59:36:4f:4e:45:fc:92:0f:55:
c6:13:ef:d6:27:ad:5e:0b:ff:ad:9e:64:c3:4b:93:31:17:73:
18:c3:2e:7c:11:fc:04:f8:70:e1:79:08:6f:71:8e:5e:8e:b3:
f7:d2:8e:c8:86:88:52:64:9a:b6:5f:f5:a4:bc:f2:ce:dc:ca:
b4:cb:3a:80:d4:91:d1:a0:87:62:69:5a:25:fd:4c:ee:d2:1b:
04:6e:70:01:3f:ba:44:55:01:b8:1a:9a:cd:30:c2:c3:3d:6a:
80:3c:41:46
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBgirCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjZkOWQ1MGIzYjg5ZDUxYzhhYTI0OTNlN2VmNDcwMWQ2MjUxZGFkMB4XDTIyMDEw
MTE2MDEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNhZTRhYmM0ODkz
OGM0NTRmZTJmYjQyNTQ2ZjVlZjFkMWE3ODkyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALf2SalP5yg72UmwXMjctR7GBy/itt2O3obj5JV1FABCY99B
zAe2GKNdykvZoAL3AkJgETpN9BGjOqkjIWvY9DePwb37VsmzGhUDxxlk+NQFaYVh
bbViJI5CVJ60Y44vqhLmcQidC92J34iF7sgBRa5D5MG2e4EbAyU6My9dH2jyCVFc
De96uBzrcTUcft1D2JkO0V316vb5aBgDlyaodctq2Ogb6eh4394Y7EN1MnEhFf6w
15IU2j60JhhS14CI5qMpKzyfIqzR+3bjAr4YZcidpYX1orKpxs6KVIWjZ8hcMjuM
zLQ9iUJm1mFKBwqjBWHToqA8c5cak72Kc2b6uFkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSMrkq8SJOMRU/i+0JUb17x0aeJIzAfBgNVHSMEGDAWgBTGbZ1Qs7idUciq
JJPn70cB1iUdrTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3htMmRVTE80blZISXFpU1Q1LTlIQWRZbEhhMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvNGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8x
L2pLNUt2RWlUakVWUDR2dENWRzllOGRHbmlTTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
NGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8xL3htMmRVTE80blZI
SXFpU1Q1LTlIQWRZbEhhMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoN9AcQJTANBgkqhkiG9w0BAQsF
AAOCAQEAMHbkhtMPtadG+FAcZwcWCvVCNlqcd+elDtTrgIKMKw48CVSrQyJdT49A
Xgh6/OK9Xbs3lVuG7atXqn79aDHn42h9tE4Bp7ujouliF4gwiyt2fGs3fLHZj+Z2
c98IjuN8u8UapAy/iJPMei5ReoFFwPbTqMm9yH1weVeHBxTMyS0vNtSQ7+N2E7Fr
UI8kLtEDKIvI4rtQ2rAYWTZPTkX8kg9VxhPv1ietXgv/rZ5kw0uTMRdzGMMufBH8
BPhw4XkIb3GOXo6z99KOyIaIUmSatl/1pLzyztzKtMs6gNSR0aCHYmlaJf1M7tIb
BG5wAT+6RFUBuBqazTDCwz1qgDxBRg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:37 2023 by rpki-client on console-ams.rpki-client.org