Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/KknXKR2bNPxzwIX5EMnZSacFYFE.roa
File: KknXKR2bNPxzwIX5EMnZSacFYFE.roa (raw, json)
Hash identifier: xYRLOP4xVC+P3U6w3R8QWza9slo9ZHo5HyZU+A6Oe8w=
Subject key identifier: 2A:49:D7:29:1D:9B:34:FC:73:C0:85:F9:10:C9:D9:49:A7:05:60:51
Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Certificate serial: 041BA6E5
Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/KknXKR2bNPxzwIX5EMnZSacFYFE.roa
Signing time: Sat 01 Jan 2022 10:55:33 +0000
ROA not before: Sat 01 Jan 2022 10:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47530
IP address blocks: 2a00:e78:8000::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68921061 (0x41ba6e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Validity
Not Before: Jan 1 10:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a49d7291d9b34fc73c085f910c9d949a7056051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cc:1d:dd:d2:35:53:bc:de:5d:a5:ea:8d:56:
44:59:26:fa:2f:5d:84:ca:2d:5a:2d:f1:03:6e:86:
58:2c:f7:31:38:fb:e3:1d:1c:8f:9a:8a:7d:ca:db:
79:67:97:c6:fc:f9:4d:5b:c2:ae:9d:15:6a:73:eb:
9a:f0:08:b8:12:d6:e0:5d:42:49:d7:31:24:0e:12:
71:f5:7e:95:32:df:d8:f6:6b:9a:6b:2b:6d:09:37:
f5:a7:cb:58:69:28:39:00:b0:0b:4c:a1:de:68:e4:
84:a5:d5:c8:67:b4:6c:96:32:64:e9:19:d7:a3:09:
c0:cf:8f:75:ed:fd:dd:a1:39:bf:bd:57:8a:48:86:
ec:16:91:cf:84:00:c6:1d:e4:e5:c9:4d:3b:7a:cb:
23:59:ca:b0:c4:33:4e:69:bd:af:fb:94:cd:a1:94:
07:b7:e1:62:1e:d0:3b:ff:f7:a7:bf:a4:2d:20:cf:
d6:49:f5:11:86:5b:ee:f3:20:5e:39:5b:79:9c:fd:
a9:79:b4:c1:93:03:8a:24:c8:8e:8c:72:1f:82:d1:
81:24:75:fe:89:38:e1:35:fb:9f:96:d0:cc:c6:f1:
f0:f3:fa:93:b8:93:24:ee:4d:70:75:cc:db:59:ef:
1b:e1:5e:0e:12:68:61:1f:6a:1d:7a:de:ea:7c:ba:
72:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:49:D7:29:1D:9B:34:FC:73:C0:85:F9:10:C9:D9:49:A7:05:60:51
X509v3 Authority Key Identifier:
keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/KknXKR2bNPxzwIX5EMnZSacFYFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:e78:8000::/46
Signature Algorithm: sha256WithRSAEncryption
0f:68:10:82:37:1f:8e:67:ee:dc:3d:8d:3d:36:b4:cc:f5:47:
09:23:43:2b:2e:79:78:fb:14:6c:03:c4:bb:4e:07:ec:b1:30:
37:13:33:5a:33:74:58:12:39:29:43:99:e7:62:0a:33:a4:30:
23:74:85:13:97:8a:c9:59:83:cc:cb:b3:47:db:4e:37:5c:e8:
b9:e2:35:dd:98:af:b7:c7:8d:8c:3e:b7:79:12:70:67:ae:f0:
f8:c4:10:4b:3d:a8:11:df:e4:06:35:f0:4c:16:5c:13:d6:61:
7a:83:9b:18:1a:9b:26:ea:62:6b:4b:36:8e:9c:b1:f9:d0:6c:
0d:19:8e:66:45:50:1c:1b:66:57:36:96:10:9b:b2:96:85:13:
79:59:43:31:38:60:d3:42:c2:23:b8:86:44:45:7e:c9:70:7f:
07:1d:62:26:d6:0a:2e:56:cd:d5:79:08:49:e9:ba:db:54:dc:
28:8e:5e:20:1b:90:05:4b:87:ba:30:2d:52:5c:02:e8:ac:b1:
65:02:f0:39:22:b7:16:1e:5a:4a:73:2d:e7:3a:cf:e9:40:7e:
5c:74:84:e6:dd:11:5f:57:a4:33:35:09:e6:6b:8e:81:74:59:
50:40:8b:a1:cc:74:1b:0a:47:31:ee:69:67:2e:a1:d5:ab:bd:
6e:46:ee:75
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBBum5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YzcxYzk2MDA1ZTEzYTg0YTNmMzFlZjFkOTkxNzc3ZjRiNmUzMWE3MB4XDTIyMDEw
MTEwNTUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE0OWQ3MjkxZDli
MzRmYzczYzA4NWY5MTBjOWQ5NDlhNzA1NjA1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPMHd3SNVO83l2l6o1WRFkm+i9dhMotWi3xA26GWCz3MTj7
4x0cj5qKfcrbeWeXxvz5TVvCrp0VanPrmvAIuBLW4F1CSdcxJA4ScfV+lTLf2PZr
mmsrbQk39afLWGkoOQCwC0yh3mjkhKXVyGe0bJYyZOkZ16MJwM+Pde393aE5v71X
ikiG7BaRz4QAxh3k5clNO3rLI1nKsMQzTmm9r/uUzaGUB7fhYh7QO//3p7+kLSDP
1kn1EYZb7vMgXjlbeZz9qXm0wZMDiiTIjoxyH4LRgSR1/ok44TX7n5bQzMbx8PP6
k7iTJO5NcHXM21nvG+FeDhJoYR9qHXre6ny6cmECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQqSdcpHZs0/HPAhfkQydlJpwVgUTAfBgNVHSMEGDAWgBQscclgBeE6hKPz
HvHZkXd/S24xpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xISEpZQVhoT29Tajh4N3gyWkYzZjB0dU1hYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvZmEzNTQ0LTEwMjUtNGU4Zi1hOGZlLTdhMjhhZjI5Y2RjMi8x
L0trblhLUjJiTlB4endJWDVFTW5aU2FjRllGRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
ZmEzNTQ0LTEwMjUtNGU4Zi1hOGZlLTdhMjhhZjI5Y2RjMi8xL0xISEpZQVhoT29T
ajh4N3gyWkYzZjB0dU1hYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioADniAADANBgkqhkiG9w0BAQsF
AAOCAQEAD2gQgjcfjmfu3D2NPTa0zPVHCSNDKy55ePsUbAPEu04H7LEwNxMzWjN0
WBI5KUOZ52IKM6QwI3SFE5eKyVmDzMuzR9tON1zoueI13Zivt8eNjD63eRJwZ67w
+MQQSz2oEd/kBjXwTBZcE9ZheoObGBqbJupia0s2jpyx+dBsDRmOZkVQHBtmVzaW
EJuyloUTeVlDMThg00LCI7iGREV+yXB/Bx1iJtYKLlbN1XkISem621TcKI5eIBuQ
BUuHujAtUlwC6KyxZQLwOSK3Fh5aSnMt5zrP6UB+XHSE5t0RX1ekMzUJ5muOgXRZ
UECLocx0GwpHMe5pZy6h1au9bkbudQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:02 2024 by rpki-client on console-fra.rpki-client.org