Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/KpVkEs4cOc2gMvcEOFLO-X2G3_g.roa
File: KpVkEs4cOc2gMvcEOFLO-X2G3_g.roa (raw, json)
Hash identifier: dn8rTenXRA8AAWd4IdXbUaYrZ4+WL13gNM7ckd/oGvI=
Subject key identifier: 2A:95:64:12:CE:1C:39:CD:A0:32:F7:04:38:52:CE:F9:7D:86:DF:F8
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0183141B053DFACCBFF542A7266B18388A56
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/KpVkEs4cOc2gMvcEOFLO-X2G3_g.roa
Signing time: Tue 06 Sep 2022 18:40:58 +0000
ROA not before: Tue 06 Sep 2022 18:40:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51765
IP address blocks: 2a11:840:21::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:14:1b:05:3d:fa:cc:bf:f5:42:a7:26:6b:18:38:8a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 6 18:40:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a956412ce1c39cda032f7043852cef97d86dff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:8e:75:c6:71:b3:15:ed:06:69:51:3a:55:d9:
ec:67:f1:c8:6a:df:db:79:af:77:8d:98:0f:d2:aa:
56:ea:42:ba:26:39:32:2d:61:2a:61:d6:c3:d6:df:
76:08:8d:27:2d:f6:44:b5:4e:60:b2:42:da:71:50:
06:90:47:2a:8e:d1:3f:95:ac:be:7c:d6:33:be:83:
48:4f:d8:8e:82:9d:77:6f:12:86:29:02:21:6d:01:
61:77:c2:8f:9a:47:43:c0:ad:a4:45:80:0d:55:22:
4c:5b:f6:a9:f6:9a:53:c1:07:17:79:c2:19:77:68:
b2:ba:31:6c:bd:c2:2a:70:8e:60:94:6e:c7:43:03:
e6:84:46:3a:22:c7:ff:6b:b3:62:37:a3:a3:60:8a:
c1:c1:09:73:ae:b2:f8:e3:dd:26:83:e4:44:ed:ef:
f0:5d:d1:8f:d4:3c:1e:0d:a6:c2:b1:2a:a5:12:6f:
e4:53:32:d3:ee:3c:ba:10:95:0f:0b:3e:50:5b:84:
e2:6c:e8:ec:7d:2d:67:3c:aa:84:d3:4b:21:bb:3d:
f2:6d:c3:9f:33:90:33:d7:53:5c:a4:46:e7:86:94:
89:ce:e6:da:79:d0:f4:cc:47:38:0a:d4:b3:1e:7a:
c8:44:8f:bd:9c:71:b3:1d:ca:1e:a1:30:6f:df:36:
10:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:95:64:12:CE:1C:39:CD:A0:32:F7:04:38:52:CE:F9:7D:86:DF:F8
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/KpVkEs4cOc2gMvcEOFLO-X2G3_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:840:21::/48
Signature Algorithm: sha256WithRSAEncryption
8a:05:dd:12:d4:dd:e5:6c:5c:dd:83:12:45:69:9c:d7:81:40:
da:73:e5:93:5f:a7:81:a8:a7:c6:ee:0d:cb:1e:7c:76:aa:82:
7c:e8:54:b0:0d:d0:38:8c:68:51:0c:f5:0e:0a:b0:60:19:fb:
84:49:f4:a5:9f:89:d8:51:e2:45:da:30:75:a3:69:84:73:be:
73:dd:2e:79:bf:d1:4d:b6:90:0b:4a:5a:27:70:2a:1b:2c:cd:
c0:ff:80:03:c5:78:0f:a6:f7:22:32:65:9c:6e:86:43:d4:5c:
a6:78:79:2b:e5:2e:4c:c0:45:78:df:7e:28:18:46:40:f8:10:
e3:c0:e4:58:4b:ec:df:4d:e4:d5:cf:63:9d:1a:6f:69:eb:05:
8b:b3:a6:ab:24:0e:52:69:e2:1b:75:7d:b6:29:c5:6c:25:33:
c7:90:8b:31:55:f1:e0:9f:a3:4e:d3:b0:4b:53:9a:ab:58:c2:
4f:41:df:c4:fb:07:17:63:3a:ab:2f:77:3e:71:d1:05:51:75:
cc:6f:86:ca:49:f6:2c:a9:21:2a:76:ae:ee:73:44:e8:b9:b2:
c9:dc:8a:74:57:85:15:7e:e6:96:28:55:96:4b:3f:c0:eb:bb:
0e:45:9e:5e:49:46:df:96:1a:7f:ff:d2:6a:6f:c6:1f:1b:c5:
95:ac:f0:db
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYMUGwU9+sy/9UKnJmsYOIpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjIwOTA2MTg0MDU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTk1NjQxMmNlMWMzOWNkYTAzMmY3MDQzODUyY2VmOTdkODZkZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8o51xnGzFe0GaVE6VdnsZ/HIat/b
ea93jZgP0qpW6kK6JjkyLWEqYdbD1t92CI0nLfZEtU5gskLacVAGkEcqjtE/lay+
fNYzvoNIT9iOgp13bxKGKQIhbQFhd8KPmkdDwK2kRYANVSJMW/ap9ppTwQcXecIZ
d2iyujFsvcIqcI5glG7HQwPmhEY6Isf/a7NiN6OjYIrBwQlzrrL4490mg+RE7e/w
XdGP1DweDabCsSqlEm/kUzLT7jy6EJUPCz5QW4TibOjsfS1nPKqE00shuz3ybcOf
M5Az11NcpEbnhpSJzubaedD0zEc4CtSzHnrIRI+9nHGzHcoeoTBv3zYQzQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCqVZBLOHDnNoDL3BDhSzvl9ht/4MB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvS3BWa0VzNGNPYzJnTXZjRU9GTE8tWDJHM19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEIQAAh
MA0GCSqGSIb3DQEBCwUAA4IBAQCKBd0S1N3lbFzdgxJFaZzXgUDac+WTX6eBqKfG
7g3LHnx2qoJ86FSwDdA4jGhRDPUOCrBgGfuESfSln4nYUeJF2jB1o2mEc75z3S55
v9FNtpALSloncCobLM3A/4ADxXgPpvciMmWcboZD1FymeHkr5S5MwEV4334oGEZA
+BDjwORYS+zfTeTVz2OdGm9p6wWLs6arJA5SaeIbdX22KcVsJTPHkIsxVfHgn6NO
07BLU5qrWMJPQd/E+wcXYzqrL3c+cdEFUXXMb4bKSfYsqSEqdq7uc0ToubLJ3Ip0
V4UVfuaWKFWWSz/A67sORZ5eSUbflhp//9Jqb8YfG8WVrPDb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org