Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/8KK7rnkeouV-E_Z42JmYkXek6Ow.roa
File: 8KK7rnkeouV-E_Z42JmYkXek6Ow.roa (raw, json)
Hash identifier: wxwGR6t1MYP4AKSf32BP4KCx1FLEVjKDf8yyvZmgn6s=
Subject key identifier: F0:A2:BB:AE:79:1E:A2:E5:7E:13:F6:78:D8:99:98:91:77:A4:E8:EC
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 06F17CC1
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/8KK7rnkeouV-E_Z42JmYkXek6Ow.roa
Signing time: Sat 01 Jan 2022 11:01:33 +0000
ROA not before: Sat 01 Jan 2022 11:01:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60251
IP address blocks: 192.42.253.0/24 maxlen: 24
2a0f:6b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116489409 (0x6f17cc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Jan 1 11:01:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0a2bbae791ea2e57e13f678d899989177a4e8ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:54:9f:11:33:c5:bb:9f:a4:cf:a3:38:e6:87:
fe:67:ec:ce:0c:0e:c5:23:36:5d:cc:1f:f1:cf:84:
3c:35:c7:22:1a:c8:f0:cb:5d:42:dc:a2:6d:06:85:
db:b1:c3:b5:55:55:b3:6b:7b:16:43:53:11:68:be:
1d:c6:3b:03:43:d8:e9:0a:10:3c:77:a3:46:71:a7:
cc:b0:87:fa:f0:af:0a:01:94:ac:ff:49:a9:fd:0f:
a7:e7:27:01:eb:f6:02:43:cd:85:da:ba:be:02:f5:
f5:42:d5:52:c3:88:c3:d7:1f:32:63:37:83:68:02:
6c:ec:dd:22:f4:55:f4:f2:fe:85:da:d3:3c:f5:8b:
80:cc:e5:8b:b0:0b:c7:84:1c:e1:97:e7:32:1d:d5:
92:26:7e:80:d5:3e:a5:06:dc:57:d4:62:6a:48:aa:
b0:1e:8b:46:4d:c0:ae:ce:4d:fa:f3:ce:80:11:d6:
34:c4:67:3c:92:e6:14:9b:20:bd:9a:52:50:89:b8:
22:06:49:5a:f3:52:0a:d8:f9:04:66:98:4b:42:a7:
bc:da:8b:58:ad:d7:29:f2:0f:5e:5d:70:65:46:c8:
65:52:52:fe:38:65:2a:c8:00:cb:89:99:21:1a:d7:
ad:38:d8:84:f6:e3:c7:e0:ad:e8:6d:0a:65:f2:31:
94:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A2:BB:AE:79:1E:A2:E5:7E:13:F6:78:D8:99:98:91:77:A4:E8:EC
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/8KK7rnkeouV-E_Z42JmYkXek6Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.42.253.0/24
IPv6:
2a0f:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
95:7b:3d:fd:0a:2c:60:0d:4c:9a:bb:b3:ba:25:4d:18:68:cb:
0e:d4:bb:d0:a9:5d:4f:4f:7d:ce:fd:f0:08:4e:ec:b4:4f:5f:
0d:2c:e7:e3:18:64:f5:82:5f:58:e0:24:77:09:36:c6:f2:32:
c0:c2:a5:d0:bb:fd:15:cf:b0:08:26:d6:6e:ca:1e:19:66:9c:
85:b2:15:ca:83:8a:71:a4:34:ab:5f:b5:5f:4e:ed:c2:d2:ef:
a9:f6:9b:86:20:40:f0:7f:4e:f5:96:0f:27:d2:f2:2b:93:5c:
f8:dd:8c:fd:cc:c2:9d:ec:9d:53:be:e9:28:8a:f0:61:32:6f:
26:90:77:83:12:58:5e:78:36:81:0b:00:83:a9:66:a7:9e:67:
fc:f3:21:86:c5:5f:21:a5:7f:71:c8:65:09:35:0c:05:45:37:
f9:1e:61:5f:02:44:8b:8a:d5:0b:f9:58:f5:f8:25:41:2b:b7:
fe:38:8a:ca:90:e8:1a:2d:3d:b4:02:7a:64:af:00:8f:09:b1:
8a:e8:93:96:c6:a8:d6:8e:1b:b2:bf:44:de:9e:e7:ce:e5:86:
23:0c:a6:6f:e2:57:80:1b:d5:93:0b:e0:7d:c8:0b:a2:d4:b9:
e3:49:05:3c:69:1a:ac:4f:4f:b7:b5:f6:1d:bd:02:32:60:50:
6c:86:ec:72
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBvF8wTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDk5OGQzYzlkOGJkYzljMWRmZjhlMzE5NDI0NDEyYjZjZGMxZGQzMB4XDTIyMDEw
MTExMDEzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBhMmJiYWU3OTFl
YTJlNTdlMTNmNjc4ZDg5OTk4OTE3N2E0ZThlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpUnxEzxbufpM+jOOaH/mfszgwOxSM2Xcwf8c+EPDXHIhrI
8MtdQtyibQaF27HDtVVVs2t7FkNTEWi+HcY7A0PY6QoQPHejRnGnzLCH+vCvCgGU
rP9Jqf0Pp+cnAev2AkPNhdq6vgL19ULVUsOIw9cfMmM3g2gCbOzdIvRV9PL+hdrT
PPWLgMzli7ALx4Qc4ZfnMh3VkiZ+gNU+pQbcV9RiakiqsB6LRk3Ars5N+vPOgBHW
NMRnPJLmFJsgvZpSUIm4IgZJWvNSCtj5BGaYS0KnvNqLWK3XKfIPXl1wZUbIZVJS
/jhlKsgAy4mZIRrXrTjYhPbjx+Ct6G0KZfIxlL0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTworuueR6i5X4T9njYmZiRd6To7DAfBgNVHSMEGDAWgBRgmY08nYvcnB3/
jjGUJEErbNwd0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lKbU5QSjJMM0p3ZF80NHhsQ1JCSzJ6Y0hkTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzc5YWU5LTdkMjItNDI1Mi04YzViLTBlYTRkNTMxYjc5My8x
LzhLSzdybmtlb3VWLUVfWjQySm1Za1hlazZPdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
Nzc5YWU5LTdkMjItNDI1Mi04YzViLTBlYTRkNTMxYjc5My8xL1lKbU5QSjJMM0p3
ZF80NHhsQ1JCSzJ6Y0hkTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMAq/TANBAIAAjAHAwUDKg9rQDAN
BgkqhkiG9w0BAQsFAAOCAQEAlXs9/QosYA1MmruzuiVNGGjLDtS70KldT099zv3w
CE7stE9fDSzn4xhk9YJfWOAkdwk2xvIywMKl0Lv9Fc+wCCbWbsoeGWachbIVyoOK
caQ0q1+1X07twtLvqfabhiBA8H9O9ZYPJ9LyK5Nc+N2M/czCneydU77pKIrwYTJv
JpB3gxJYXng2gQsAg6lmp55n/PMhhsVfIaV/cchlCTUMBUU3+R5hXwJEi4rVC/lY
9fglQSu3/jiKypDoGi09tAJ6ZK8AjwmxiuiTlsao1o4bsr9E3p7nzuWGIwymb+JX
gBvVkwvgfcgLotS540kFPGkarE9Pt7X2Hb0CMmBQbIbscg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:06 2024 by rpki-client on console-ams.rpki-client.org