Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/k_KvbxFAhLviisyhMI4l7zeLXDs.roa
File: k_KvbxFAhLviisyhMI4l7zeLXDs.roa (raw, json)
Hash identifier: hp2nc8u7KGjjoD6fFXUZIo7hKYu7uHNuFHmyvOAcAew=
Subject key identifier: 93:F2:AF:6F:11:40:84:BB:E2:8A:CC:A1:30:8E:25:EF:37:8B:5C:3B
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 08CD5E7D
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/k_KvbxFAhLviisyhMI4l7zeLXDs.roa
Signing time: Sat 01 Jan 2022 07:04:38 +0000
ROA not before: Sat 01 Jan 2022 07:04:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399073
IP address blocks: 2a09:ff00:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147676797 (0x8cd5e7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 07:04:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93f2af6f114084bbe28acca1308e25ef378b5c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a2:aa:d5:db:8d:45:66:e2:f2:c9:36:77:01:
d3:26:13:ac:23:6c:cf:b1:15:ef:55:e4:d9:89:08:
1f:54:f8:90:a7:fd:96:a7:79:49:f6:8a:0b:9b:00:
06:dc:5a:f9:9e:66:63:15:a2:01:83:e0:f4:70:4b:
cf:49:e9:8d:6c:a3:98:03:b0:34:cd:14:c7:b2:74:
94:c0:e0:18:55:20:0a:74:01:26:d6:6c:ef:c7:4b:
9a:9c:12:e0:15:d8:60:49:eb:a6:ec:de:03:4e:1c:
d7:7a:35:bc:28:2d:5f:3d:df:37:31:3a:20:87:59:
de:b1:d1:63:fc:15:42:52:13:ca:17:60:b1:09:1e:
59:7c:03:3d:2c:e4:3d:84:2b:66:a7:e1:bd:bf:66:
3b:cd:0c:9e:9b:f5:43:a7:fa:c7:93:2d:b9:cf:3d:
f1:1b:db:f1:74:83:db:f1:fb:d2:f7:40:72:93:3e:
e6:91:ca:af:e3:f2:72:bc:64:61:78:43:0d:e8:b2:
cf:47:1a:1f:89:41:24:96:a2:35:c7:cf:ad:8c:ef:
e6:37:8d:1d:56:0a:11:8c:7b:ee:90:42:48:30:85:
b3:84:85:9c:1b:eb:2b:e6:f0:9a:a0:dc:6d:a0:a5:
36:fd:5d:5b:13:51:bd:1d:45:1c:ee:0b:a8:78:57:
e8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F2:AF:6F:11:40:84:BB:E2:8A:CC:A1:30:8E:25:EF:37:8B:5C:3B
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/k_KvbxFAhLviisyhMI4l7zeLXDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:ff00:100::/48
Signature Algorithm: sha256WithRSAEncryption
4a:ef:2d:19:20:77:92:8e:0c:e2:30:0a:a7:b7:18:00:99:e0:
4b:f4:dc:6a:e7:a6:cc:b9:04:ed:3e:6d:07:f6:c7:7f:ad:03:
ad:3c:b8:c3:ca:a1:7a:50:5d:0c:d3:cd:0a:2c:d1:4d:da:b7:
a7:4a:4e:36:5e:b1:d0:1e:4c:c0:1d:69:55:62:7c:2d:9f:ef:
37:2e:10:12:85:ac:4c:20:92:6e:cb:dc:e7:20:7c:81:8c:21:
53:f3:1b:a5:e3:96:b5:a3:13:b0:0c:02:68:9f:ed:c7:a4:f5:
c2:4b:2d:96:5b:af:af:d8:01:56:5d:7b:94:3a:39:48:e1:c3:
07:36:bb:5f:fc:fa:d4:da:b7:45:1f:2f:3a:81:b5:ee:4e:b3:
9c:3d:b2:6f:9d:99:1b:76:6c:95:09:dd:a2:68:72:98:6f:42:
77:b1:48:70:5b:80:ee:e7:1a:cd:03:e1:07:bb:6e:3e:fc:6d:
ad:d0:f5:d9:99:e8:4c:d0:45:96:bc:05:0b:c7:2b:44:86:ef:
73:6b:e9:4e:28:f5:0b:51:64:ce:93:3c:4e:83:aa:64:b2:dd:
ed:e9:e7:96:a8:96:f5:0d:08:01:95:06:c7:c5:82:76:0e:9a:
21:87:6c:74:c6:f0:8a:32:7a:0f:b6:04:6a:c7:8f:c3:0f:c9:
37:0a:a6:72
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECM1efTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjhhZWEyZjAyNWY0OTViZWFjZWU3Y2U1YTg4MjA1MTlkZGExMzcwMB4XDTIyMDEw
MTA3MDQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTNmMmFmNmYxMTQw
ODRiYmUyOGFjY2ExMzA4ZTI1ZWYzNzhiNWMzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6iqtXbjUVm4vLJNncB0yYTrCNsz7EV71Xk2YkIH1T4kKf9
lqd5SfaKC5sABtxa+Z5mYxWiAYPg9HBLz0npjWyjmAOwNM0Ux7J0lMDgGFUgCnQB
JtZs78dLmpwS4BXYYEnrpuzeA04c13o1vCgtXz3fNzE6IIdZ3rHRY/wVQlITyhdg
sQkeWXwDPSzkPYQrZqfhvb9mO80Mnpv1Q6f6x5Mtuc898Rvb8XSD2/H70vdAcpM+
5pHKr+PycrxkYXhDDeiyz0caH4lBJJaiNcfPrYzv5jeNHVYKEYx77pBCSDCFs4SF
nBvrK+bwmqDcbaClNv1dWxNRvR1FHO4LqHhX6NsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBST8q9vEUCEu+KKzKEwjiXvN4tcOzAfBgNVHSMEGDAWgBRPiuovAl9JW+rO
585aiCBRndoTcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q0cnFMd0pmU1Z2cXp1Zk9Xb2dnVVozYUUzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8x
L2tfS3ZieEZBaEx2aWlzeWhNSTRsN3plTFhEcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
ZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8xL1Q0cnFMd0pmU1Z2
cXp1Zk9Xb2dnVVozYUUzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJ/wABADANBgkqhkiG9w0BAQsF
AAOCAQEASu8tGSB3ko4M4jAKp7cYAJngS/TcauemzLkE7T5tB/bHf60DrTy4w8qh
elBdDNPNCizRTdq3p0pONl6x0B5MwB1pVWJ8LZ/vNy4QEoWsTCCSbsvc5yB8gYwh
U/MbpeOWtaMTsAwCaJ/tx6T1wkstlluvr9gBVl17lDo5SOHDBza7X/z61Nq3RR8v
OoG17k6znD2yb52ZG3ZslQndomhymG9Cd7FIcFuA7ucazQPhB7tuPvxtrdD12Zno
TNBFlrwFC8crRIbvc2vpTij1C1FkzpM8ToOqZLLd7ennlqiW9Q0IAZUGx8WCdg6a
IYdsdMbwijJ6D7YEasePww/JNwqmcg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:27 2023 by rpki-client on console-ams.rpki-client.org