Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kqFMSRMdavh3iJpUeRETsxXQ4o4.roa
File: kqFMSRMdavh3iJpUeRETsxXQ4o4.roa (raw, json)
Hash identifier: /ruD/dWFhdho6AwTsFq78wiY71xXfF/baR2B687hlCs=
Subject key identifier: 92:A1:4C:49:13:1D:6A:F8:77:88:9A:54:79:11:13:B3:15:D0:E2:8E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 06F9237F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kqFMSRMdavh3iJpUeRETsxXQ4o4.roa
Signing time: Sat 01 Jan 2022 03:54:06 +0000
ROA not before: Sat 01 Jan 2022 03:54:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2601
IP address blocks: 45.9.31.0/24 maxlen: 24
193.28.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116990847 (0x6f9237f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 1 03:54:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92a14c49131d6af877889a54791113b315d0e28e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:27:e5:9a:e1:dc:b0:a7:cc:26:65:42:84:c1:
5d:44:c2:35:4f:7c:0c:32:b2:94:74:f9:67:22:89:
aa:d2:89:3f:cd:c1:22:bc:ec:9c:d7:f2:57:da:bf:
34:bf:09:f0:52:44:06:68:55:89:98:3c:24:a9:f4:
64:b8:c5:f2:20:ce:5e:d5:71:8e:c4:89:4a:c3:60:
01:e8:00:e9:1f:60:29:99:99:43:17:36:6d:d6:29:
55:2d:30:3b:8c:cb:b5:82:72:05:b9:14:ce:a3:35:
ad:fe:38:8b:50:38:66:e1:4e:14:29:15:79:ce:f6:
a0:ed:ef:bf:8a:c3:d7:2d:53:d4:e1:21:79:7a:e4:
d0:eb:cb:36:4f:da:6b:64:25:4b:33:fd:42:fc:f1:
81:d0:66:95:7a:ad:00:b5:16:75:72:ae:dc:41:25:
e1:85:be:ec:d9:9a:95:75:e9:bf:0b:4f:74:56:e3:
77:6e:7d:0a:54:9b:3e:1a:69:d4:59:a1:1d:76:0a:
9d:69:3b:44:79:ad:ea:03:cf:e4:1b:2f:93:29:ff:
8b:59:74:6e:48:e9:18:dc:ec:12:8a:aa:d3:93:ab:
f6:b0:5a:68:81:a2:2b:02:97:66:2d:85:3a:49:99:
69:19:fb:93:af:b8:c4:3b:c5:86:7b:ef:0f:55:bd:
26:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A1:4C:49:13:1D:6A:F8:77:88:9A:54:79:11:13:B3:15:D0:E2:8E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kqFMSRMdavh3iJpUeRETsxXQ4o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.31.0/24
193.28.177.0/24
Signature Algorithm: sha256WithRSAEncryption
20:be:87:4f:55:fd:e5:93:5c:47:49:a3:bc:b4:6a:b0:3a:55:
94:18:5e:0d:61:f1:43:cc:72:a3:34:e0:6e:98:77:bd:64:6a:
9d:74:41:53:a1:ca:b0:c2:b7:27:7a:24:39:97:ed:28:69:a7:
21:15:d1:00:0b:59:37:1d:18:5b:e9:53:fc:8b:a8:62:0e:ef:
ed:b4:7d:d8:8c:52:cf:fc:be:ce:06:2e:9d:ea:4b:af:b9:70:
72:03:6c:aa:22:c9:5b:ff:c5:1b:a5:ad:70:c4:0a:7b:7a:53:
82:04:62:5d:13:29:91:0f:00:55:1f:56:7b:c2:b5:38:f7:66:
1a:77:40:c7:ab:73:04:0c:f6:11:4b:d9:1a:9a:e4:fb:10:da:
e2:ca:bc:d5:61:d9:4c:3a:0c:73:63:03:79:f8:3b:25:09:1a:
ee:4c:c2:80:fb:e8:e0:e7:54:1f:3a:85:cb:ad:db:e7:8a:87:
45:3c:10:e6:fc:43:93:3d:35:f9:fd:af:66:e0:dc:ba:58:44:
90:4d:85:86:ef:ac:28:1a:f0:91:c6:39:d6:40:83:2d:ba:9e:
8b:d8:93:0e:40:e4:20:56:2d:ef:c4:d8:80:8a:17:b6:52:37:
eb:eb:6f:9f:04:46:fa:ad:2b:ef:39:ac:83:bb:87:09:f6:c7:
37:54:70:93
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBvkjfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDEw
MTAzNTQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTJhMTRjNDkxMzFk
NmFmODc3ODg5YTU0NzkxMTEzYjMxNWQwZTI4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKMn5Zrh3LCnzCZlQoTBXUTCNU98DDKylHT5ZyKJqtKJP83B
IrzsnNfyV9q/NL8J8FJEBmhViZg8JKn0ZLjF8iDOXtVxjsSJSsNgAegA6R9gKZmZ
Qxc2bdYpVS0wO4zLtYJyBbkUzqM1rf44i1A4ZuFOFCkVec72oO3vv4rD1y1T1OEh
eXrk0OvLNk/aa2QlSzP9QvzxgdBmlXqtALUWdXKu3EEl4YW+7NmalXXpvwtPdFbj
d259ClSbPhpp1FmhHXYKnWk7RHmt6gPP5Bsvkyn/i1l0bkjpGNzsEoqq05Or9rBa
aIGiKwKXZi2FOkmZaRn7k6+4xDvFhnvvD1W9JjsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSSoUxJEx1q+HeImlR5EROzFdDijjAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L2txRk1TUk1kYXZoM2lKcFVlUkVUc3hYUTRvNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC0JHwMEAMEcsTANBgkqhkiG9w0B
AQsFAAOCAQEAIL6HT1X95ZNcR0mjvLRqsDpVlBheDWHxQ8xyozTgbph3vWRqnXRB
U6HKsMK3J3okOZftKGmnIRXRAAtZNx0YW+lT/IuoYg7v7bR92IxSz/y+zgYunepL
r7lwcgNsqiLJW//FG6WtcMQKe3pTggRiXRMpkQ8AVR9We8K1OPdmGndAx6tzBAz2
EUvZGprk+xDa4sq81WHZTDoMc2MDefg7JQka7kzCgPvo4OdUHzqFy63b54qHRTwQ
5vxDkz01+f2vZuDculhEkE2Fhu+sKBrwkcY51kCDLbqei9iTDkDkIFYt78TYgIoX
tlI36+tvnwRG+q0r7zmsg7uHCfbHN1Rwkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org