Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/8062a9-7f47-44ea-abb7-91dbc9f0e8db/1/KhJYgybFH2745qSucOIm_GQTsdo.roa
File: KhJYgybFH2745qSucOIm_GQTsdo.roa (raw, json)
Hash identifier: 21HgwVXg51+IKoiuA50YzHUjVwr+kIT7mPRdgL2/yTs=
Subject key identifier: 2A:12:58:83:26:C5:1F:6E:F8:E6:A4:AE:70:E2:26:FC:64:13:B1:DA
Certificate issuer: /CN=a1655282be419d21222b506fb7a368c3fe5db23d
Certificate serial: 180DC1D4
Authority key identifier: A1:65:52:82:BE:41:9D:21:22:2B:50:6F:B7:A3:68:C3:FE:5D:B2:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWVSgr5BnSEiK1Bvt6Now_5dsj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/8062a9-7f47-44ea-abb7-91dbc9f0e8db/1/KhJYgybFH2745qSucOIm_GQTsdo.roa
Signing time: Sat 01 Jan 2022 03:01:19 +0000
ROA not before: Sat 01 Jan 2022 03:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29329
IP address blocks: 109.197.8.0/21 maxlen: 32
93.157.120.0/21 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 403554772 (0x180dc1d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1655282be419d21222b506fb7a368c3fe5db23d
Validity
Not Before: Jan 1 03:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a12588326c51f6ef8e6a4ae70e226fc6413b1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c3:65:06:4e:30:1b:60:79:9b:9f:17:a7:2b:
4b:e5:18:23:25:61:44:8f:f5:e9:58:3f:64:da:ed:
8f:a5:54:6a:e3:e4:1e:34:d7:3c:96:fa:5b:a3:b3:
16:0a:ed:7d:b4:32:a7:5a:cf:bd:86:b8:08:44:f3:
58:0c:05:fe:b7:7b:00:96:d3:f2:93:1b:ac:1b:03:
6d:c1:1f:90:de:15:ba:60:ec:71:b2:f5:3a:8b:c7:
8e:0f:03:3e:57:36:da:74:f7:1e:d3:36:cc:6c:00:
ae:91:3e:af:ec:34:73:40:5b:bf:ac:da:b6:3f:01:
58:54:31:67:a0:fb:d3:e7:f4:73:5b:d3:30:7b:a3:
e8:fe:65:c0:e5:dc:28:10:28:d1:2d:06:48:69:ee:
a5:87:c7:f5:a8:60:59:e6:32:df:23:77:4d:1e:c9:
29:fe:e2:e1:00:25:77:c5:16:22:e4:ab:8e:c3:4d:
ea:52:78:22:0e:4a:51:a1:46:1e:0b:fe:d9:2c:2c:
70:ed:a4:ae:f2:7b:b5:7a:ac:45:3f:42:54:82:c4:
d9:5d:ed:ff:f5:21:2a:ea:ca:7f:6f:b7:61:91:5f:
58:f0:c4:5a:4b:ec:f9:b5:f0:6b:39:4c:2a:cc:33:
ac:39:35:a1:57:f3:70:6f:b8:55:a4:9f:c9:f3:56:
bd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:12:58:83:26:C5:1F:6E:F8:E6:A4:AE:70:E2:26:FC:64:13:B1:DA
X509v3 Authority Key Identifier:
keyid:A1:65:52:82:BE:41:9D:21:22:2B:50:6F:B7:A3:68:C3:FE:5D:B2:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWVSgr5BnSEiK1Bvt6Now_5dsj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8062a9-7f47-44ea-abb7-91dbc9f0e8db/1/KhJYgybFH2745qSucOIm_GQTsdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8062a9-7f47-44ea-abb7-91dbc9f0e8db/1/oWVSgr5BnSEiK1Bvt6Now_5dsj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.120.0/21
109.197.8.0/21
Signature Algorithm: sha256WithRSAEncryption
d8:3f:ee:9f:25:d3:d8:df:58:57:7f:af:55:a3:38:2b:6a:c1:
d5:23:ad:87:e2:a8:8a:be:ad:21:d0:f7:d0:68:1b:7a:58:ef:
2c:69:68:c7:73:ab:5d:3b:02:64:46:91:59:c4:29:54:bb:f0:
9c:76:82:08:76:cf:37:4f:00:8d:42:24:c4:8d:5c:4f:00:af:
3a:76:38:06:09:ee:3d:e5:e1:c4:29:bf:a7:15:24:17:c3:90:
5d:dc:75:24:7e:74:1b:f6:98:5c:63:7d:09:8f:12:92:00:92:
7b:98:f0:d7:2b:3a:48:bd:ab:fb:9f:55:1d:f9:94:a0:4f:0a:
5e:21:1b:aa:3b:99:6d:74:a7:b5:ea:85:0c:66:ce:d4:b6:38:
5c:7b:f6:08:16:f7:c5:89:c1:e8:3e:cf:c8:31:32:07:b7:c7:
e6:0d:3a:09:6e:24:67:1c:d6:62:d6:f4:29:8d:ed:b5:5b:b8:
cc:18:6e:20:c0:54:dd:da:81:a5:89:e6:77:6c:5b:b7:10:db:
37:50:ba:9c:7f:58:02:a6:5a:5f:cb:3c:8e:44:1a:24:14:46:
1a:d2:45:05:34:ed:35:cd:aa:a7:6d:fc:f7:c6:1c:fe:91:c8:
c7:56:1f:3a:dc:2e:53:3c:76:66:6d:16:c5:49:14:a1:dc:4e:
d8:f5:7c:73
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGA3B1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MTY1NTI4MmJlNDE5ZDIxMjIyYjUwNmZiN2EzNjhjM2ZlNWRiMjNkMB4XDTIyMDEw
MTAzMDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmExMjU4ODMyNmM1
MWY2ZWY4ZTZhNGFlNzBlMjI2ZmM2NDEzYjFkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbDZQZOMBtgeZufF6crS+UYIyVhRI/16Vg/ZNrtj6VUauPk
HjTXPJb6W6OzFgrtfbQyp1rPvYa4CETzWAwF/rd7AJbT8pMbrBsDbcEfkN4VumDs
cbL1OovHjg8DPlc22nT3HtM2zGwArpE+r+w0c0Bbv6zatj8BWFQxZ6D70+f0c1vT
MHuj6P5lwOXcKBAo0S0GSGnupYfH9ahgWeYy3yN3TR7JKf7i4QAld8UWIuSrjsNN
6lJ4Ig5KUaFGHgv+2SwscO2krvJ7tXqsRT9CVILE2V3t//UhKurKf2+3YZFfWPDE
Wkvs+bXwazlMKswzrDk1oVfzcG+4VaSfyfNWvaECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQqEliDJsUfbvjmpK5w4ib8ZBOx2jAfBgNVHSMEGDAWgBShZVKCvkGdISIr
UG+3o2jD/l2yPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29XVlNncjVCblNFaUsxQnZ0Nk5vd181ZHNqMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvODA2MmE5LTdmNDctNDRlYS1hYmI3LTkxZGJjOWYwZThkYi8x
L0toSllneWJGSDI3NDVxU3VjT0ltX0dRVHNkby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
ODA2MmE5LTdmNDctNDRlYS1hYmI3LTkxZGJjOWYwZThkYi8xL29XVlNncjVCblNF
aUsxQnZ0Nk5vd181ZHNqMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA12deAMEA23FCDANBgkqhkiG9w0B
AQsFAAOCAQEA2D/unyXT2N9YV3+vVaM4K2rB1SOth+Koir6tIdD30GgbeljvLGlo
x3OrXTsCZEaRWcQpVLvwnHaCCHbPN08AjUIkxI1cTwCvOnY4BgnuPeXhxCm/pxUk
F8OQXdx1JH50G/aYXGN9CY8SkgCSe5jw1ys6SL2r+59VHfmUoE8KXiEbqjuZbXSn
teqFDGbO1LY4XHv2CBb3xYnB6D7PyDEyB7fH5g06CW4kZxzWYtb0KY3ttVu4zBhu
IMBU3dqBpYnmd2xbtxDbN1C6nH9YAqZaX8s8jkQaJBRGGtJFBTTtNc2qp23898Yc
/pHIx1YfOtwuUzx2Zm0WxUkUodxO2PV8cw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:35 2024 by rpki-client on console-fra.rpki-client.org