Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/KiB9pB9Q7xNp677pVHv9FBWkSjg.roa
File: KiB9pB9Q7xNp677pVHv9FBWkSjg.roa (raw, json)
Hash identifier: xKe1Q46+us77jT+y3vjnMCb2JxgRym/msArEaRFKhVY=
Subject key identifier: 2A:20:7D:A4:1F:50:EF:13:69:EB:BE:E9:54:7B:FD:14:15:A4:4A:38
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01835B088F0566189B93BBCA07BFACF060F0
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/KiB9pB9Q7xNp677pVHv9FBWkSjg.roa
Signing time: Tue 20 Sep 2022 13:13:50 +0000
ROA not before: Tue 20 Sep 2022 13:13:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 328126
IP address blocks: 90.84.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5b:08:8f:05:66:18:9b:93:bb:ca:07:bf:ac:f0:60:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Sep 20 13:13:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a207da41f50ef1369ebbee9547bfd1415a44a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0b:e0:9d:56:a7:54:a4:1d:5b:12:ea:85:33:
67:64:ca:ea:9d:be:11:35:6c:da:78:d7:58:7b:57:
7c:5c:2e:12:cb:2f:a2:d9:6a:26:1d:7b:31:54:a2:
89:4a:52:c2:ef:ad:45:56:2c:47:c2:38:07:74:b1:
ad:b3:56:ce:f4:73:56:47:9c:c0:ab:f7:f3:ca:91:
e1:58:51:89:bf:ba:79:21:2c:d4:cb:4b:b2:00:2c:
4c:0a:93:8e:fc:7d:36:31:e4:58:96:1d:d5:02:3d:
5d:3a:9e:96:6d:66:6e:80:ac:60:3a:94:6b:f1:fc:
7b:43:cf:07:da:1f:7a:10:61:20:bb:bb:21:dc:87:
1f:87:28:ce:fa:b8:fa:e3:d3:e4:3e:af:02:f7:1f:
fd:5e:82:cd:1d:ea:6e:b5:1e:6d:fd:6e:51:29:45:
2c:a3:4d:4e:ac:35:bb:0f:b3:9a:b1:e1:09:59:eb:
29:41:dd:00:1b:99:99:a1:00:58:4f:8b:73:63:15:
be:58:85:18:29:3e:65:32:43:ec:d1:1e:c1:53:45:
88:e6:1d:50:5e:b6:28:41:4d:a5:9b:b4:db:85:23:
8e:d0:95:40:52:96:69:bf:f9:9a:eb:ac:e9:06:11:
22:0b:11:02:0a:24:1b:8e:cc:de:27:62:90:d4:67:
c6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:20:7D:A4:1F:50:EF:13:69:EB:BE:E9:54:7B:FD:14:15:A4:4A:38
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/KiB9pB9Q7xNp677pVHv9FBWkSjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.84.148.0/24
Signature Algorithm: sha256WithRSAEncryption
29:eb:a4:22:39:f3:6e:bc:b6:0c:49:dc:ed:40:37:f2:0e:8a:
fd:db:ce:2c:63:05:b4:fb:85:ad:3e:cb:7e:58:4e:60:30:d8:
0f:e5:93:c3:6e:18:fd:8e:7d:7d:26:97:fe:82:79:c5:4c:6e:
ae:e1:c9:2c:d5:c1:c9:d6:df:37:7d:43:2d:5f:10:f0:f4:75:
34:f3:23:a5:ec:21:1a:62:09:71:82:0b:45:ab:5e:90:f7:53:
a0:5b:e0:b0:be:e9:1d:aa:00:d3:2e:24:3e:3f:72:16:0f:4e:
c4:6f:48:56:08:f4:50:56:cf:86:64:32:49:c2:55:b8:4f:a6:
48:9d:bc:7a:eb:70:c0:7c:f2:a0:43:69:e4:39:cc:97:85:19:
1a:fd:9f:17:39:22:01:6b:9e:60:6a:39:4f:52:23:b6:fb:a7:
b0:0b:7f:b3:46:67:9c:85:1c:dd:9b:ec:0d:4d:53:e4:4c:3b:
9f:e2:7d:66:97:e1:7c:5b:cf:56:d5:7b:6a:bd:b4:73:04:1a:
18:5d:b2:0f:a4:79:0e:48:76:46:de:15:cd:18:61:c9:09:26:
1f:9c:3d:4b:19:b3:d0:1c:84:4b:af:9e:11:b8:1e:6b:05:64:
0f:6b:d0:72:b2:25:9d:3c:64:4a:1f:19:d0:8f:47:09:58:16:
54:d6:cc:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNbCI8FZhibk7vKB7+s8GDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjIwOTIwMTMxMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTIwN2RhNDFmNTBlZjEzNjllYmJlZTk1NDdiZmQxNDE1YTQ0YTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAvgnVanVKQdWxLqhTNnZMrqnb4R
NWzaeNdYe1d8XC4Syy+i2WomHXsxVKKJSlLC761FVixHwjgHdLGts1bO9HNWR5zA
q/fzypHhWFGJv7p5ISzUy0uyACxMCpOO/H02MeRYlh3VAj1dOp6WbWZugKxgOpRr
8fx7Q88H2h96EGEgu7sh3IcfhyjO+rj649PkPq8C9x/9XoLNHeputR5t/W5RKUUs
o01OrDW7D7OaseEJWespQd0AG5mZoQBYT4tzYxW+WIUYKT5lMkPs0R7BU0WI5h1Q
XrYoQU2lm7TbhSOO0JVAUpZpv/ma66zpBhEiCxECCiQbjszeJ2KQ1GfGVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCogfaQfUO8Taeu+6VR7/RQVpEo4MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvS2lCOXBCOVE3eE5wNjc3cFZIdjlGQldrU2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWlSUMA0G
CSqGSIb3DQEBCwUAA4IBAQAp66QiOfNuvLYMSdztQDfyDor9284sYwW0+4WtPst+
WE5gMNgP5ZPDbhj9jn19Jpf+gnnFTG6u4cks1cHJ1t83fUMtXxDw9HU08yOl7CEa
YglxggtFq16Q91OgW+CwvukdqgDTLiQ+P3IWD07Eb0hWCPRQVs+GZDJJwlW4T6ZI
nbx663DAfPKgQ2nkOcyXhRka/Z8XOSIBa55gajlPUiO2+6ewC3+zRmechRzdm+wN
TVPkTDuf4n1ml+F8W89W1XtqvbRzBBoYXbIPpHkOSHZG3hXNGGHJCSYfnD1LGbPQ
HIRLr54RuB5rBWQPa9BysiWdPGRKHxnQj0cJWBZU1syb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org