Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/KlXe9vzDGp5G_uBUZcX8XYDvQHc.roa
File: KlXe9vzDGp5G_uBUZcX8XYDvQHc.roa (raw, json)
Hash identifier: HraCzNgChZjV4LxA1ut3ti1NuEWt5ujtm5zZNzGqjMg=
Subject key identifier: 2A:55:DE:F6:FC:C3:1A:9E:46:FE:E0:54:65:C5:FC:5D:80:EF:40:77
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 3940538A
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/KlXe9vzDGp5G_uBUZcX8XYDvQHc.roa
Signing time: Sat 01 Jan 2022 03:52:59 +0000
ROA not before: Sat 01 Jan 2022 03:52:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8672
IP address blocks: 2001:648:2c10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 960517002 (0x3940538a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 03:52:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a55def6fcc31a9e46fee05465c5fc5d80ef4077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ec:1f:ea:eb:c1:22:2f:03:ce:6e:e7:5a:9b:
47:a5:0b:7a:da:86:90:e8:ba:46:19:4b:03:aa:f2:
83:20:58:1e:2a:17:06:04:3f:45:52:f8:63:e0:1e:
55:b8:c7:dc:3b:57:ab:87:9d:c9:1c:b0:5c:d7:4c:
31:cc:fc:2b:67:67:7d:e1:df:49:18:a4:72:17:0b:
b5:3f:ac:c3:1a:04:da:9f:f5:59:d0:08:22:d6:76:
b7:3d:69:86:67:b8:17:35:f3:e6:f3:7e:f5:d4:e8:
da:48:45:c9:f7:b8:23:47:1e:36:7b:8d:5d:38:e6:
d5:3e:fa:bb:26:9c:5f:7e:4e:37:4d:44:00:23:b6:
14:fd:e8:11:7b:5a:3b:5a:5c:d1:fe:02:4e:1c:6c:
bd:da:a9:83:22:04:b1:99:ce:d3:6f:44:28:34:65:
9f:60:1a:88:b2:47:e9:2b:24:2f:0a:f3:28:9f:58:
22:c8:ca:40:2f:9f:62:1a:77:85:8f:4f:96:c9:d6:
d8:47:96:3e:95:99:62:14:34:d8:e7:9e:ec:15:be:
10:94:cc:0c:1f:4a:ba:34:5b:fa:8f:54:f7:cc:9c:
39:ab:a1:14:39:a5:ad:17:7a:b1:d4:0f:ab:b8:e3:
21:70:94:67:53:8f:74:36:cf:69:d3:48:59:2e:11:
9f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:55:DE:F6:FC:C3:1A:9E:46:FE:E0:54:65:C5:FC:5D:80:EF:40:77
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/KlXe9vzDGp5G_uBUZcX8XYDvQHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:648:2c10::/48
Signature Algorithm: sha256WithRSAEncryption
3c:bb:b2:c4:59:d1:33:0b:ca:32:2f:c1:b1:95:a2:63:c6:81:
b2:61:dc:8a:c4:8c:31:97:70:65:a7:9d:af:ad:f6:16:44:5a:
74:ac:ec:1e:cf:84:e9:c7:5a:65:bf:0d:de:34:38:f0:5b:c3:
bf:f9:db:95:cb:b8:91:df:d2:d9:73:aa:3f:9b:c8:b8:b7:3b:
b9:b9:18:93:2f:58:65:c7:66:b1:09:2d:70:ae:2a:63:95:e2:
ce:c0:fe:7d:c5:10:d0:cd:92:b0:e7:fa:2a:ca:77:16:1d:bc:
24:ce:14:e0:51:1d:76:66:e7:34:1e:64:cc:60:47:b5:1b:ed:
c7:89:e0:2a:e0:45:c7:b4:a9:f2:b3:16:7a:f5:2e:ab:fb:e1:
40:1e:d2:c8:63:a0:23:2d:fb:32:0d:31:eb:8f:12:ed:a9:ef:
2a:aa:4e:70:aa:ec:0c:e9:52:68:07:05:98:1e:e1:96:d4:e7:
fc:d8:d1:f2:8b:a7:62:f8:f5:ed:99:ea:1c:90:cc:5a:7b:a1:
3f:d8:1d:15:c2:03:96:4d:b5:d4:3b:46:10:ac:23:3a:f3:43:
87:4b:ce:8b:a1:c9:18:94:6c:4a:c0:01:78:87:7c:20:3b:1d:
66:30:87:fa:f4:42:48:a6:2e:9f:d1:c1:a2:ff:64:72:fd:da:
80:8a:18:e8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEOUBTijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTZmOTI5NTUyMWRmMzBhMTU4ZjUwNmJhN2NiODczYWI5NTI5ZGMzMB4XDTIyMDEw
MTAzNTI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE1NWRlZjZmY2Mz
MWE5ZTQ2ZmVlMDU0NjVjNWZjNWQ4MGVmNDA3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIzsH+rrwSIvA85u51qbR6ULetqGkOi6RhlLA6rygyBYHioX
BgQ/RVL4Y+AeVbjH3DtXq4edyRywXNdMMcz8K2dnfeHfSRikchcLtT+swxoE2p/1
WdAIItZ2tz1phme4FzXz5vN+9dTo2khFyfe4I0ceNnuNXTjm1T76uyacX35ON01E
ACO2FP3oEXtaO1pc0f4CThxsvdqpgyIEsZnO029EKDRln2AaiLJH6SskLwrzKJ9Y
IsjKQC+fYhp3hY9PlsnW2EeWPpWZYhQ02Oee7BW+EJTMDB9KujRb+o9U98ycOauh
FDmlrRd6sdQPq7jjIXCUZ1OPdDbPadNIWS4Rn7sCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQqVd72/MMankb+4FRlxfxdgO9AdzAfBgNVHSMEGDAWgBRab5KVUh3zChWP
UGuny4c6uVKdwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dtLVNsVklkOHdvVmoxQnJwOHVIT3JsU25jTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8x
L0tsWGU5dnpER3A1R191QlVaY1g4WFlEdlFIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8xL1dtLVNsVklkOHdv
VmoxQnJwOHVIT3JsU25jTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBkgsEDANBgkqhkiG9w0BAQsF
AAOCAQEAPLuyxFnRMwvKMi/BsZWiY8aBsmHcisSMMZdwZaedr632FkRadKzsHs+E
6cdaZb8N3jQ48FvDv/nblcu4kd/S2XOqP5vIuLc7ubkYky9YZcdmsQktcK4qY5Xi
zsD+fcUQ0M2SsOf6Ksp3Fh28JM4U4FEddmbnNB5kzGBHtRvtx4ngKuBFx7Sp8rMW
evUuq/vhQB7SyGOgIy37Mg0x648S7anvKqpOcKrsDOlSaAcFmB7hltTn/NjR8oun
Yvj17ZnqHJDMWnuhP9gdFcIDlk211DtGEKwjOvNDh0vOi6HJGJRsSsABeId8IDsd
ZjCH+vRCSKYun9HBov9kcv3agIoY6A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:59 2025 by rpki-client