Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/KIPmRqhmpfTT8W1I8RFVEQlsrkw.roa
File: KIPmRqhmpfTT8W1I8RFVEQlsrkw.roa (raw, json)
Hash identifier: xu/iK0rAxKJFPhK5obJiH9KfH90LZNWj3uNKXu0igh4=
Subject key identifier: 28:83:E6:46:A8:66:A5:F4:D3:F1:6D:48:F1:11:55:11:09:6C:AE:4C
Certificate issuer: /CN=f8d40a2a1389f54c23e7871b5ae87f653f659008
Certificate serial: 0F0B
Authority key identifier: F8:D4:0A:2A:13:89:F5:4C:23:E7:87:1B:5A:E8:7F:65:3F:65:90:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/KIPmRqhmpfTT8W1I8RFVEQlsrkw.roa
Signing time: Mon 24 Jan 2022 18:05:37 +0000
ROA not before: Mon 24 Jan 2022 18:05:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49788
IP address blocks: 91.232.32.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3851 (0xf0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8d40a2a1389f54c23e7871b5ae87f653f659008
Validity
Not Before: Jan 24 18:05:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2883e646a866a5f4d3f16d48f1115511096cae4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4d:f3:3d:47:c0:a4:dc:d9:74:89:d9:f4:0e:
8a:85:70:4c:b1:0b:cc:7a:83:a2:87:71:7a:c1:1d:
b2:ae:cd:f7:e6:78:07:60:b0:0c:7b:80:71:a9:90:
13:fe:25:fb:6c:98:ef:a1:2d:30:2e:c2:61:56:d2:
b6:2d:c8:87:96:26:d0:84:95:27:88:53:7a:89:bb:
be:19:13:35:82:92:13:58:7b:69:ac:9f:24:5a:60:
4e:91:59:75:36:26:aa:b8:76:a0:25:d1:2a:a6:08:
5f:63:d5:32:78:76:66:74:5e:28:9e:8d:87:73:0a:
95:3a:47:41:e8:56:8c:46:a6:c8:4e:76:59:df:3e:
8a:7e:6c:2a:d9:77:ef:59:06:6e:8b:b5:73:fb:7f:
26:53:b1:f0:7d:bc:d4:6d:f4:e6:e0:49:98:67:4a:
3e:e4:d8:14:ec:4e:3e:ca:17:7e:de:6d:0f:29:31:
92:c4:1d:6e:2e:96:59:09:fd:fb:09:63:ba:9d:2c:
d4:aa:ef:d4:6d:47:ef:ed:39:d1:ff:f9:59:e1:18:
a5:87:10:ec:b4:aa:29:27:2f:0e:f9:47:fe:0e:08:
ad:d9:b6:0f:55:2b:cf:78:97:87:1f:8e:96:90:20:
37:d0:0b:1c:58:17:8e:cc:81:4e:0a:ec:a0:70:1e:
40:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:83:E6:46:A8:66:A5:F4:D3:F1:6D:48:F1:11:55:11:09:6C:AE:4C
X509v3 Authority Key Identifier:
keyid:F8:D4:0A:2A:13:89:F5:4C:23:E7:87:1B:5A:E8:7F:65:3F:65:90:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/KIPmRqhmpfTT8W1I8RFVEQlsrkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7bc5f0-e21b-423e-be1c-2d460e0726fa/1/1-NQKKhOJ9Uwj54cbWuh_ZT9lkAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.32.0/23
Signature Algorithm: sha256WithRSAEncryption
43:19:21:a9:2d:c1:fd:e6:04:e7:56:7d:b8:75:c6:86:fd:48:
e6:b7:33:cb:ce:52:8a:33:99:f2:6e:91:ea:8a:7e:fb:13:50:
06:0f:6e:f0:c7:37:06:be:51:6b:f7:4e:92:46:f1:4a:1e:26:
21:62:8a:c1:0f:96:b5:ae:dd:0d:a5:a2:c5:e4:e9:4e:e7:ee:
2d:62:73:44:48:f8:d6:26:e2:aa:69:50:51:f7:db:14:03:0e:
12:ec:55:e7:2a:d1:59:62:4c:9b:49:33:d4:39:cc:af:cb:ca:
b5:29:73:54:6c:35:ec:ea:ff:76:e6:79:0e:f9:45:90:89:16:
0a:66:83:9f:d6:1a:5a:bf:12:12:cc:f8:98:bf:41:65:cb:6e:
77:f1:08:65:c5:a4:00:2b:c5:72:67:12:89:90:58:08:fd:3d:
bb:e5:f3:98:0e:31:f8:ce:c4:3d:33:ee:ce:af:9f:0b:f8:85:
d3:05:bc:98:15:b3:c0:ae:dd:54:aa:ec:c1:ef:a9:eb:aa:85:
1d:fc:62:b9:09:dc:6c:1d:04:92:70:98:9b:ef:a9:c5:af:09:
5b:7c:58:15:2c:7d:6b:70:c9:44:b7:5b:54:52:41:58:63:0b:
d1:69:42:c2:87:97:69:b8:a0:52:48:1c:ac:0f:51:28:c1:9b:
28:39:e2:30
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgICDwswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoZjhk
NDBhMmExMzg5ZjU0YzIzZTc4NzFiNWFlODdmNjUzZjY1OTAwODAeFw0yMjAxMjQx
ODA1MzdaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDI4ODNlNjQ2YTg2NmE1
ZjRkM2YxNmQ0OGYxMTE1NTExMDk2Y2FlNGMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGTfM9R8Ck3Nl0idn0DoqFcEyxC8x6g6KHcXrBHbKuzffmeAdg
sAx7gHGpkBP+JftsmO+hLTAuwmFW0rYtyIeWJtCElSeIU3qJu74ZEzWCkhNYe2ms
nyRaYE6RWXU2Jqq4dqAl0SqmCF9j1TJ4dmZ0XiiejYdzCpU6R0HoVoxGpshOdlnf
Pop+bCrZd+9ZBm6LtXP7fyZTsfB9vNRt9ObgSZhnSj7k2BTsTj7KF37ebQ8pMZLE
HW4ullkJ/fsJY7qdLNSq79RtR+/tOdH/+VnhGKWHEOy0qiknLw75R/4OCK3Ztg9V
K894l4cfjpaQIDfQCxxYF47MgU4K7KBwHkDnAgMBAAGjggILMIICBzAdBgNVHQ4E
FgQUKIPmRqhmpfTT8W1I8RFVEQlsrkwwHwYDVR0jBBgwFoAU+NQKKhOJ9Uwj54cb
Wuh/ZT9lkAgwDgYDVR0PAQH/BAQDAgeAMGUGCCsGAQUFBwEBBFkwVzBVBggrBgEF
BQcwAoZJcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8x
LU5RS0toT0o5VXdqNTRjYld1aF9aVDlsa0FnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wNC83YmM1ZjAtZTIxYi00MjNlLWJlMWMtMmQ0NjBlMDcyNmZhLzEv
S0lQbVJxaG1wZlRUOFcxSThSRlZFUWxzcmt3LnJvYTCBggYDVR0fBHsweTB3oHWg
c4ZxcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83
YmM1ZjAtZTIxYi00MjNlLWJlMWMtMmQ0NjBlMDcyNmZhLzEvMS1OUUtLaE9KOVV3
ajU0Y2JXdWhfWlQ5bGtBZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVvoIDANBgkqhkiG9w0BAQsFAAOC
AQEAQxkhqS3B/eYE51Z9uHXGhv1I5rczy85SijOZ8m6R6op++xNQBg9u8Mc3Br5R
a/dOkkbxSh4mIWKKwQ+Wta7dDaWixeTpTufuLWJzREj41ibiqmlQUffbFAMOEuxV
5yrRWWJMm0kz1DnMr8vKtSlzVGw17Or/duZ5DvlFkIkWCmaDn9YaWr8SEsz4mL9B
Zctud/EIZcWkACvFcmcSiZBYCP09u+XzmA4x+M7EPTPuzq+fC/iF0wW8mBWzwK7d
VKrswe+p66qFHfxiuQncbB0EknCYm++pxa8JW3xYFSx9a3DJRLdbVFJBWGML0WlC
woeXabigUkgcrA9RKMGbKDniMA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:55 2023 by rpki-client on console-fra.rpki-client.org