Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/kCx1j2PY6SYDft2v0758dqCFDxU.roa
File: kCx1j2PY6SYDft2v0758dqCFDxU.roa (raw, json)
Hash identifier: ara/84793EcHhD3e/lVNoqgmeGRn8w1lMUhSV7My+3I=
Subject key identifier: 90:2C:75:8F:63:D8:E9:26:03:7E:DD:AF:D3:BE:7C:76:A0:85:0F:15
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 127AB267
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/kCx1j2PY6SYDft2v0758dqCFDxU.roa
Signing time: Sat 01 Jan 2022 15:05:36 +0000
ROA not before: Sat 01 Jan 2022 15:05:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49373
IP address blocks: 2a00:1e6a::/32 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 310030951 (0x127ab267)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 1 15:05:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=902c758f63d8e926037eddafd3be7c76a0850f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4a:e6:bd:82:db:25:db:d0:33:b1:ce:2e:2e:
e5:54:33:b1:50:65:b5:f1:ba:f9:c7:2f:a2:d9:e1:
0f:dc:fb:9b:42:53:8c:9b:ee:97:cc:62:ef:4b:b6:
95:fe:17:f6:bc:86:aa:05:1c:13:78:c0:b1:2c:cd:
d7:65:bd:77:f9:a7:d8:c1:53:83:a9:5f:d3:f6:e5:
bf:70:24:28:56:26:d7:f7:77:aa:fc:ae:66:bf:11:
4b:57:4b:6e:f4:29:c6:bb:fe:c6:d9:91:45:00:88:
c6:40:5d:c6:83:28:b5:40:ab:ef:bb:99:da:db:3f:
e9:7b:8b:d9:2f:3e:47:b2:ab:13:ca:16:4b:1a:47:
7f:ad:42:a1:7e:03:73:ab:92:03:b9:1c:c7:24:f0:
61:88:64:70:c1:03:57:dd:fe:88:39:f3:b2:fc:6d:
fd:26:50:3a:25:a8:55:fa:e7:8d:8e:8f:b3:f4:b6:
38:fa:ea:7c:2a:a1:0a:48:05:46:cf:c3:a9:1e:a6:
79:54:ac:31:09:04:b5:71:a3:95:27:e7:cf:04:fa:
59:3a:b6:7a:fb:64:95:f9:35:4d:46:6c:95:80:08:
f7:59:39:0f:c8:62:6e:31:16:4d:18:99:eb:11:8a:
61:aa:19:e4:c1:c6:4f:95:04:bc:b0:13:3d:03:15:
53:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:2C:75:8F:63:D8:E9:26:03:7E:DD:AF:D3:BE:7C:76:A0:85:0F:15
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/kCx1j2PY6SYDft2v0758dqCFDxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1e6a::/32
Signature Algorithm: sha256WithRSAEncryption
6c:ea:41:64:6e:8f:39:4a:a1:63:9b:0b:81:da:bf:41:8d:bb:
12:1f:88:dc:61:f6:4e:2c:c8:37:50:fa:0c:b2:01:73:09:73:
12:e4:b9:b5:1e:95:3d:cc:8a:ea:36:e0:19:2b:8b:4d:3a:ed:
0e:8b:1f:23:56:f3:f5:b6:69:f6:d2:9c:84:dc:e1:e1:32:db:
74:d5:c7:e3:23:7c:ed:fc:8d:90:45:62:d8:02:e7:ad:f6:d9:
c9:16:34:bf:e5:54:65:af:d4:33:f7:66:02:e4:d0:17:7c:46:
09:f8:5e:7c:e0:f4:b3:8b:52:c1:6f:83:71:93:9e:b7:61:0a:
e7:e9:98:8e:26:d8:fe:d0:87:d0:ac:61:8e:35:03:4a:86:79:
2c:ba:69:2c:e1:b2:ae:fb:92:84:97:74:30:2b:fc:ba:04:b9:
4a:b4:8a:3c:03:8a:d0:61:6c:dc:f5:37:f6:64:12:69:95:73:
f3:f8:7b:7b:7f:48:cb:8d:e0:34:b2:f8:42:00:90:90:68:ab:
a4:8b:61:68:55:52:2d:bb:74:ce:1a:4e:12:5d:95:7c:c0:65:
38:7e:9d:bc:cb:18:6a:74:b2:50:74:6e:c6:68:02:33:8a:db:
d6:b5:f1:05:24:41:13:4a:4b:87:8d:d0:b4:ef:4d:39:2b:f4:
71:bb:c5:52
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEnqyZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDEw
MTE1MDUzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAyYzc1OGY2M2Q4
ZTkyNjAzN2VkZGFmZDNiZTdjNzZhMDg1MGYxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxK5r2C2yXb0DOxzi4u5VQzsVBltfG6+ccvotnhD9z7m0JT
jJvul8xi70u2lf4X9ryGqgUcE3jAsSzN12W9d/mn2MFTg6lf0/blv3AkKFYm1/d3
qvyuZr8RS1dLbvQpxrv+xtmRRQCIxkBdxoMotUCr77uZ2ts/6XuL2S8+R7KrE8oW
SxpHf61CoX4Dc6uSA7kcxyTwYYhkcMEDV93+iDnzsvxt/SZQOiWoVfrnjY6Ps/S2
OPrqfCqhCkgFRs/DqR6meVSsMQkEtXGjlSfnzwT6WTq2evtklfk1TUZslYAI91k5
D8hibjEWTRiZ6xGKYaoZ5MHGT5UEvLATPQMVU7kCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSQLHWPY9jpJgN+3a/Tvnx2oIUPFTAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9rQ3gxajJQWTZTWURmdDJ2MDc1OGRxQ0ZEeFUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgAeajANBgkqhkiG9w0BAQsF
AAOCAQEAbOpBZG6POUqhY5sLgdq/QY27Eh+I3GH2TizIN1D6DLIBcwlzEuS5tR6V
PcyK6jbgGSuLTTrtDosfI1bz9bZp9tKchNzh4TLbdNXH4yN87fyNkEVi2ALnrfbZ
yRY0v+VUZa/UM/dmAuTQF3xGCfhefOD0s4tSwW+DcZOet2EK5+mYjibY/tCH0Kxh
jjUDSoZ5LLppLOGyrvuShJd0MCv8ugS5SrSKPAOK0GFs3PU39mQSaZVz8/h7e39I
y43gNLL4QgCQkGirpIthaFVSLbt0zhpOEl2VfMBlOH6dvMsYanSyUHRuxmgCM4rb
1rXxBSRBE0pLh43QtO9NOSv0cbvFUg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org