Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KkXCjJTF-NOel_iqrhoKBEmDiy4.roa
File: KkXCjJTF-NOel_iqrhoKBEmDiy4.roa (raw, json)
Hash identifier: ZyGl9+7jaVgrQj6OyOtCWmx6W86dVhZvjo2xLM+mg4U=
Subject key identifier: 2A:45:C2:8C:94:C5:F8:D3:9E:97:F8:AA:AE:1A:0A:04:49:83:8B:2E
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0181D750C9CA1F582BA5769B63891283E5D0
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KkXCjJTF-NOel_iqrhoKBEmDiy4.roa
Signing time: Thu 07 Jul 2022 06:20:04 +0000
ROA not before: Thu 07 Jul 2022 06:20:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 89.185.24.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d7:50:c9:ca:1f:58:2b:a5:76:9b:63:89:12:83:e5:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jul 7 06:20:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a45c28c94c5f8d39e97f8aaae1a0a0449838b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2b:5f:35:89:26:af:e9:43:b9:90:76:cb:f3:
13:98:b0:f1:f1:9b:d9:0d:3f:80:d7:93:32:80:89:
97:7e:56:32:08:7a:09:2c:43:5d:39:f9:51:3b:95:
46:5b:8f:25:ab:50:83:55:ef:a8:ca:ec:a4:b1:2f:
c1:94:9f:49:c3:b7:12:2a:d9:80:91:39:5e:6c:59:
23:de:d5:7f:bb:82:1a:fc:9e:1b:3e:2a:d5:a9:f9:
aa:c7:2f:2c:63:d6:26:4d:27:5b:c5:b9:d0:4f:d9:
b4:f6:be:72:64:0c:39:c5:ba:55:af:2a:b7:54:0f:
ad:0c:1b:15:c3:f8:b6:9e:dc:9c:65:d4:ae:d2:cd:
a0:5a:20:bb:59:b8:0b:75:86:cf:3a:64:77:09:d7:
b2:c0:b2:a6:b2:9a:3f:3f:6d:df:b3:22:eb:1e:b2:
f5:74:76:c6:43:40:04:01:71:82:f2:c5:64:32:41:
77:4f:b2:14:a3:ae:3f:56:fc:50:00:34:bd:a7:1b:
eb:db:f0:4a:79:5f:11:17:65:f7:58:b1:9d:2a:78:
e2:32:0f:9d:e4:30:67:98:99:0c:1c:ea:07:01:09:
a5:29:14:6f:10:d4:01:31:fe:38:53:29:bf:4d:93:
cc:d9:51:61:d0:d9:72:29:3b:fa:72:db:13:32:8e:
0b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:45:C2:8C:94:C5:F8:D3:9E:97:F8:AA:AE:1A:0A:04:49:83:8B:2E
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/KkXCjJTF-NOel_iqrhoKBEmDiy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.24.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:f1:9b:70:1f:b1:14:1e:40:c9:fd:35:db:d6:b7:1b:34:5e:
22:9d:4b:83:1c:94:43:2b:a5:df:14:32:10:47:1e:d3:57:fd:
4c:94:51:29:7f:b4:35:c1:a1:71:b1:57:1d:5e:45:55:05:22:
9f:6f:f9:b2:f9:7b:1c:b3:fc:0f:89:97:f9:4b:88:02:bb:63:
06:0d:2b:18:02:ec:d7:da:03:88:e2:ff:c1:6d:4b:67:9f:e4:
35:0f:73:f4:50:58:f0:7a:3c:7b:ab:97:01:dd:90:15:3d:d0:
55:2a:28:03:41:ae:46:41:fb:59:31:77:8c:f2:53:e7:49:5a:
d8:56:24:63:0f:20:9f:10:9e:f4:69:a7:f3:f7:d9:32:db:41:
ab:dd:04:da:01:31:ed:12:4e:0c:7c:c9:41:66:df:14:5b:a3:
86:cc:5b:27:38:76:28:86:20:2a:5e:21:42:1a:de:a0:fa:5a:
aa:db:fa:d1:31:2e:8d:22:b1:47:88:3d:e1:d4:75:32:59:99:
bd:b5:03:7b:48:7b:9f:2d:9f:86:5b:5c:de:2a:e8:48:0d:40:
b9:3f:46:ec:83:c5:ca:6b:67:51:9b:ff:fc:8c:83:c1:4e:49:
7c:6f:18:8a:a2:ea:9c:09:9e:ef:ed:b4:0c:36:6d:ea:0b:85:
e6:c6:f6:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHXUMnKH1grpXabY4kSg+XQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIwNzA3MDYyMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQ1YzI4Yzk0YzVmOGQzOWU5N2Y4YWFhZTFhMGEwNDQ5ODM4YjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCtfNYkmr+lDuZB2y/MTmLDx8ZvZ
DT+A15MygImXflYyCHoJLENdOflRO5VGW48lq1CDVe+oyuyksS/BlJ9Jw7cSKtmA
kTlebFkj3tV/u4Ia/J4bPirVqfmqxy8sY9YmTSdbxbnQT9m09r5yZAw5xbpVryq3
VA+tDBsVw/i2ntycZdSu0s2gWiC7WbgLdYbPOmR3CdeywLKmspo/P23fsyLrHrL1
dHbGQ0AEAXGC8sVkMkF3T7IUo64/VvxQADS9pxvr2/BKeV8RF2X3WLGdKnjiMg+d
5DBnmJkMHOoHAQmlKRRvENQBMf44Uym/TZPM2VFh0NlyKTv6ctsTMo4LwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpFwoyUxfjTnpf4qq4aCgRJg4suMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvS2tYQ2pKVEYtTk9lbF9pcXJob0tCRW1EaXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWbkYMA0G
CSqGSIb3DQEBCwUAA4IBAQBt8ZtwH7EUHkDJ/TXb1rcbNF4inUuDHJRDK6XfFDIQ
Rx7TV/1MlFEpf7Q1waFxsVcdXkVVBSKfb/my+Xscs/wPiZf5S4gCu2MGDSsYAuzX
2gOI4v/BbUtnn+Q1D3P0UFjwejx7q5cB3ZAVPdBVKigDQa5GQftZMXeM8lPnSVrY
ViRjDyCfEJ70aafz99ky20Gr3QTaATHtEk4MfMlBZt8UW6OGzFsnOHYohiAqXiFC
Gt6g+lqq2/rRMS6NIrFHiD3h1HUyWZm9tQN7SHufLZ+GW1zeKuhIDUC5P0bsg8XK
a2dRm//8jIPBTkl8bxiKouqcCZ7v7bQMNm3qC4Xmxvbo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org