Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/KoqMz_xLrP1XNXisPuO5OkDV7XE.roa
File: KoqMz_xLrP1XNXisPuO5OkDV7XE.roa (raw, json)
Hash identifier: jLuZylXAafhiMvvliOE67y2U8F51yW+N2Kq7pu0EPlo=
Subject key identifier: 2A:8A:8C:CF:FC:4B:AC:FD:57:35:78:AC:3E:E3:B9:3A:40:D5:ED:71
Certificate issuer: /CN=8e702a616c04941e2c9f071651e49c5df3aed0b1
Certificate serial: 0183133F747E4DA508481F1FE0D57B8992EE
Authority key identifier: 8E:70:2A:61:6C:04:94:1E:2C:9F:07:16:51:E4:9C:5D:F3:AE:D0:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnAqYWwElB4snwcWUeScXfOu0LE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/KoqMz_xLrP1XNXisPuO5OkDV7XE.roa
Signing time: Tue 06 Sep 2022 14:41:08 +0000
ROA not before: Tue 06 Sep 2022 14:41:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200325
IP address blocks: 91.200.176.0/24 maxlen: 24
193.162.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:13:3f:74:7e:4d:a5:08:48:1f:1f:e0:d5:7b:89:92:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e702a616c04941e2c9f071651e49c5df3aed0b1
Validity
Not Before: Sep 6 14:41:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a8a8ccffc4bacfd573578ac3ee3b93a40d5ed71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:55:df:2f:99:8f:8d:23:45:6b:70:06:ed:f1:
24:41:d3:ad:71:23:d6:2e:3c:fb:68:77:b2:19:51:
6f:6a:15:19:ed:78:f1:d1:6c:ab:28:ad:41:39:1f:
be:3a:e7:a9:b2:fb:76:02:6c:20:7d:25:49:f0:b3:
fe:3a:d9:67:c9:e5:cb:89:cc:8d:34:ca:aa:c6:fc:
f4:9a:76:77:b3:11:42:38:5c:2c:90:1a:21:3a:20:
72:61:76:7e:f0:53:66:04:ee:33:57:70:2e:99:05:
7c:40:56:cd:80:3f:04:20:46:b7:aa:c4:e1:3d:b6:
c3:1a:9a:43:15:91:9f:f9:4b:bf:27:12:20:3b:48:
18:74:f1:c8:27:6e:45:59:0a:6d:67:21:c5:bc:d1:
9d:44:9a:00:9c:1c:c4:e6:3d:8b:2c:89:1b:da:f1:
2a:62:8b:13:12:5d:40:cd:41:68:7a:3a:50:66:56:
bc:99:4f:69:07:aa:3a:f4:75:70:5e:2a:71:d4:be:
47:d3:d2:81:5e:e3:d7:47:7b:28:6e:20:92:a3:3a:
44:47:43:a2:3f:a6:95:4f:9c:33:cb:89:62:0c:b6:
44:ec:d5:74:e7:1d:9b:69:89:71:d7:8b:73:04:d1:
c7:cd:fd:48:d1:78:fd:da:fd:53:28:e7:0c:70:7a:
97:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8A:8C:CF:FC:4B:AC:FD:57:35:78:AC:3E:E3:B9:3A:40:D5:ED:71
X509v3 Authority Key Identifier:
keyid:8E:70:2A:61:6C:04:94:1E:2C:9F:07:16:51:E4:9C:5D:F3:AE:D0:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnAqYWwElB4snwcWUeScXfOu0LE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/KoqMz_xLrP1XNXisPuO5OkDV7XE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/jnAqYWwElB4snwcWUeScXfOu0LE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.176.0/24
193.162.131.0/24
Signature Algorithm: sha256WithRSAEncryption
28:03:40:45:4f:71:a1:a6:dc:2e:10:49:2f:fb:58:b9:3c:07:
59:57:72:55:1d:ff:4e:53:3e:40:4d:5a:c8:ec:a0:a3:ad:c9:
2e:13:1d:7c:fa:01:71:f5:d1:76:3e:33:76:e1:c8:ca:dd:4b:
78:45:f7:2c:04:1e:cd:c8:7b:23:74:e3:18:e0:dd:21:11:fb:
25:6f:07:f0:63:cd:42:f5:22:b3:d9:b3:e3:20:dd:94:c5:68:
33:21:ce:31:52:95:95:22:88:02:3b:10:ac:4e:65:e1:dd:c9:
53:ee:6d:ba:96:69:dc:4f:7d:f3:b7:fb:b3:1f:d5:d2:4e:8b:
a5:61:19:d1:49:2e:1c:33:4b:5a:4d:87:4c:d8:4d:8d:8c:05:
49:9d:bd:96:3e:eb:51:a9:dd:04:05:ea:92:c0:13:59:69:60:
b0:f9:fb:8c:93:ab:f6:81:87:ee:43:79:28:97:05:1e:12:c3:
7c:fc:5e:11:9d:39:e5:32:1f:e0:a0:c1:2c:37:ef:ab:83:ef:
f5:ba:1b:c9:bd:1d:1c:0e:f2:63:ee:1a:a7:d7:de:cb:0d:2a:
ad:90:a4:95:9a:eb:c1:4c:92:33:3f:4d:f6:0d:e6:d3:d7:a7:
dc:8c:08:77:31:6f:1b:b5:95:02:75:f4:28:33:f7:96:fb:7a:
13:88:ed:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMTP3R+TaUISB8f4NV7iZLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzAyYTYxNmMwNDk0MWUyYzlmMDcxNjUxZTQ5YzVkZjNh
ZWQwYjEwHhcNMjIwOTA2MTQ0MTA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYThhOGNjZmZjNGJhY2ZkNTczNTc4YWMzZWUzYjkzYTQwZDVlZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlXfL5mPjSNFa3AG7fEkQdOtcSPW
Ljz7aHeyGVFvahUZ7Xjx0WyrKK1BOR++Ouepsvt2AmwgfSVJ8LP+OtlnyeXLicyN
NMqqxvz0mnZ3sxFCOFwskBohOiByYXZ+8FNmBO4zV3AumQV8QFbNgD8EIEa3qsTh
PbbDGppDFZGf+Uu/JxIgO0gYdPHIJ25FWQptZyHFvNGdRJoAnBzE5j2LLIkb2vEq
YosTEl1AzUFoejpQZla8mU9pB6o69HVwXipx1L5H09KBXuPXR3sobiCSozpER0Oi
P6aVT5wzy4liDLZE7NV05x2baYlx14tzBNHHzf1I0Xj92v1TKOcMcHqXqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCqKjM/8S6z9VzV4rD7juTpA1e1xMB8GA1UdIwQY
MBaAFI5wKmFsBJQeLJ8HFlHknF3zrtCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5BcVlXd0VsQjRzbndjV1VlU2NYZk91MExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8yYjg4NzctZTUyMy00ZTljLTlmYzMt
Y2Q2MGM4OTEwMDFiLzEvS29xTXpfeExyUDFYTlhpc1B1TzVPa0RWN1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8yYjg4NzctZTUyMy00ZTljLTlmYzMtY2Q2MGM4OTEwMDFi
LzEvam5BcVlXd0VsQjRzbndjV1VlU2NYZk91MExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8iwAwQA
waKDMA0GCSqGSIb3DQEBCwUAA4IBAQAoA0BFT3GhptwuEEkv+1i5PAdZV3JVHf9O
Uz5ATVrI7KCjrckuEx18+gFx9dF2PjN24cjK3Ut4RfcsBB7NyHsjdOMY4N0hEfsl
bwfwY81C9SKz2bPjIN2UxWgzIc4xUpWVIogCOxCsTmXh3clT7m26lmncT33zt/uz
H9XSToulYRnRSS4cM0taTYdM2E2NjAVJnb2WPutRqd0EBeqSwBNZaWCw+fuMk6v2
gYfuQ3kolwUeEsN8/F4RnTnlMh/goMEsN++rg+/1uhvJvR0cDvJj7hqn197LDSqt
kKSVmuvBTJIzP032DebT16fcjAh3MW8btZUCdfQoM/eW+3oTiO0g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:08 2024 by rpki-client on console-ams.rpki-client.org