Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/KrAsDEJKvUqO5puiQRjeR_XAeYg.roa
File: KrAsDEJKvUqO5puiQRjeR_XAeYg.roa (raw, json)
Hash identifier: nU2s5bwyhZKKSmoxYO1o8eQBo5Q9PzZ9D5Zu/D+qp2c=
Subject key identifier: 2A:B0:2C:0C:42:4A:BD:4A:8E:E6:9B:A2:41:18:DE:47:F5:C0:79:88
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 017791DA
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/KrAsDEJKvUqO5puiQRjeR_XAeYg.roa
Signing time: Tue 22 Mar 2022 20:43:59 +0000
ROA not before: Tue 22 Mar 2022 20:43:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8778
IP address blocks: 2a00:9060::/32 maxlen: 32
2a02:dd8::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24613338 (0x17791da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Mar 22 20:43:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ab02c0c424abd4a8ee69ba24118de47f5c07988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:67:b1:8c:40:b9:39:3b:94:ab:dc:1f:2b:07:
1e:0e:b2:3a:55:0b:79:c4:70:e5:e7:c1:54:e8:d6:
67:62:b7:3a:2e:02:23:31:5e:53:20:ca:b6:cd:e1:
ab:da:eb:f2:b4:98:32:c3:cf:1f:fe:8d:c3:a0:59:
f8:6a:3b:09:2b:54:da:cc:4e:a6:da:e4:a8:5e:b3:
98:50:58:4d:c3:59:f2:1f:46:a8:bf:5a:65:7a:96:
17:2c:f1:83:c6:64:3d:39:1e:70:1a:bf:6d:ef:23:
65:24:fd:31:1a:a8:d1:2d:4e:aa:83:ec:44:cd:af:
21:ff:2e:bd:79:98:50:3c:95:fe:89:5a:4c:bf:85:
83:0e:29:d2:7a:ec:7b:52:a9:3c:9e:41:81:60:ad:
11:70:1f:e7:80:05:7a:34:31:63:6f:5a:0f:ad:75:
0e:e7:d4:ad:29:f9:8a:9e:1d:32:35:88:b2:6a:38:
e2:6c:c2:49:03:3a:ad:ff:a8:47:6c:1f:b6:29:30:
da:cb:4e:dd:c2:bc:ea:1b:89:03:5f:fd:da:1c:ef:
bb:39:3a:ad:b2:e1:34:50:8b:ef:32:33:5b:56:18:
3f:f1:39:88:72:3e:6c:3e:66:02:ba:b3:7e:73:3e:
d4:fc:31:d7:5f:77:1d:ce:d4:a7:5b:a1:2e:00:a3:
db:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B0:2C:0C:42:4A:BD:4A:8E:E6:9B:A2:41:18:DE:47:F5:C0:79:88
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/KrAsDEJKvUqO5puiQRjeR_XAeYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:9060::/32
2a02:dd8::/29
Signature Algorithm: sha256WithRSAEncryption
17:fa:e1:d0:4a:ac:13:3e:8a:5e:fc:d1:42:65:a9:e8:63:5f:
36:87:cb:2f:ba:14:b4:31:59:6b:06:54:da:d8:1c:f1:d7:82:
14:cd:06:9e:47:99:4f:a8:c5:f5:d6:5b:2e:3a:66:c0:44:5c:
d1:b2:3f:3c:2d:ba:5c:d3:47:02:06:11:11:23:78:c8:7c:16:
cf:7a:3e:56:91:4d:62:99:6e:a1:d8:93:0e:a9:93:e2:b8:a1:
c5:d4:65:2d:c1:71:5f:8c:f9:44:61:46:6f:6d:90:56:c8:1c:
14:42:9e:d9:f6:47:e8:ff:c1:91:b6:28:0d:a1:af:b1:12:5d:
51:51:b6:f7:2d:89:78:d2:99:16:91:15:44:e9:a7:ac:9d:49:
dd:49:06:81:5e:5d:5f:6a:0c:f0:2f:2c:c9:18:7f:8e:84:08:
20:e1:9a:7f:f0:ca:35:4e:a7:f6:3f:e4:1c:98:5f:ae:49:e5:
52:e9:43:a1:53:1d:37:c3:5d:47:98:42:d5:94:c4:51:ba:de:
d0:56:b1:aa:85:51:fc:ae:1c:7f:2a:c4:d9:f2:c3:a6:15:de:
1a:6c:5e:bf:4c:69:1d:c0:ab:40:05:43:a0:fc:64:67:20:cf:
40:d6:18:d7:45:c1:da:d6:b9:5b:7c:f6:dd:17:e8:aa:da:54:
9d:74:0b:d5
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAXeR2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGEyYWUyY2QwOTQzMzMwMThjNDFkYWFmYjQ3NGM2Y2ZhODBkMDdkMB4XDTIyMDMy
MjIwNDM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFiMDJjMGM0MjRh
YmQ0YThlZTY5YmEyNDExOGRlNDdmNWMwNzk4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBnsYxAuTk7lKvcHysHHg6yOlULecRw5efBVOjWZ2K3Oi4C
IzFeUyDKts3hq9rr8rSYMsPPH/6Nw6BZ+Go7CStU2sxOptrkqF6zmFBYTcNZ8h9G
qL9aZXqWFyzxg8ZkPTkecBq/be8jZST9MRqo0S1OqoPsRM2vIf8uvXmYUDyV/ola
TL+Fgw4p0nrse1KpPJ5BgWCtEXAf54AFejQxY29aD611DufUrSn5ip4dMjWIsmo4
4mzCSQM6rf+oR2wftikw2stO3cK86huJA1/92hzvuzk6rbLhNFCL7zIzW1YYP/E5
iHI+bD5mArqzfnM+1Pwx1193Hc7Up1uhLgCj27UCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQqsCwMQkq9So7mm6JBGN5H9cB5iDAfBgNVHSMEGDAWgBQEoq4s0JQzMBjE
Har7R0xs+oDQfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JLS3VMTkNVTXpBWXhCMnEtMGRNYlBxQTBIMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvNjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8x
L0tyQXNERUpLdlVxTzVwdWlRUmplUl9YQWVZZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
NjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8xL0JLS3VMTkNVTXpB
WXhCMnEtMGRNYlBxQTBIMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFACoAkGADBQMqAg3YMA0GCSqGSIb3
DQEBCwUAA4IBAQAX+uHQSqwTPope/NFCZanoY182h8svuhS0MVlrBlTa2Bzx14IU
zQaeR5lPqMX11lsuOmbARFzRsj88Lbpc00cCBhERI3jIfBbPej5WkU1imW6h2JMO
qZPiuKHF1GUtwXFfjPlEYUZvbZBWyBwUQp7Z9kfo/8GRtigNoa+xEl1RUbb3LYl4
0pkWkRVE6aesnUndSQaBXl1fagzwLyzJGH+OhAgg4Zp/8Mo1Tqf2P+QcmF+uSeVS
6UOhUx03w11HmELVlMRRut7QVrGqhVH8rhx/KsTZ8sOmFd4abF6/TGkdwKtABUOg
/GRnIM9A1hjXRcHa1rlbfPbdF+iq2lSddAvV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org