Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/KfMfQLrNU6awMDrStd-zNSSoiSc.roa
File: KfMfQLrNU6awMDrStd-zNSSoiSc.roa (raw, json)
Hash identifier: wQ+R/SsOS+rVIMPnBwbrG2UnKEuMWXpuUS800ral3dw=
Subject key identifier: 29:F3:1F:40:BA:CD:53:A6:B0:30:3A:D2:B5:DF:B3:35:24:A8:89:27
Certificate issuer: /CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Certificate serial: 0151EF
Authority key identifier: F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/KfMfQLrNU6awMDrStd-zNSSoiSc.roa
Signing time: Mon 27 Jun 2022 07:59:52 +0000
ROA not before: Mon 27 Jun 2022 07:59:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 91.199.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86511 (0x151ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Validity
Not Before: Jun 27 07:59:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29f31f40bacd53a6b0303ad2b5dfb33524a88927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3e:6f:42:62:f8:10:8c:aa:66:92:87:d9:76:
2b:b8:63:68:99:e7:88:26:44:d2:16:5c:7b:1c:db:
30:88:ef:cf:3f:a9:0b:8f:c8:b0:c3:e2:9f:33:05:
43:51:84:60:30:b6:0f:6a:f3:c2:0c:c6:35:e1:2c:
91:ea:40:60:9a:fc:a9:2d:7c:43:41:46:f6:ef:c7:
71:d0:0f:2e:fe:08:5a:44:d2:ef:ff:17:ab:68:1e:
6f:07:2c:8e:e5:e2:dc:1d:1e:39:e8:69:a6:46:ba:
99:94:a5:0b:db:f7:e3:3b:ea:bc:ca:b9:89:61:ca:
44:52:f7:a7:5d:de:80:9e:95:63:d8:03:53:d3:53:
9a:59:c3:b5:70:c8:ac:6a:04:3a:73:64:2b:b8:5b:
d0:7a:fa:63:bc:8a:56:03:6e:9a:5c:65:24:6f:80:
db:e7:e1:1d:b0:84:11:e2:0e:fc:e8:7b:78:65:d8:
35:7c:ee:16:91:e0:4a:d4:c0:95:ae:c5:5e:c4:04:
30:1d:a3:56:77:8f:ba:22:70:11:2d:d8:ff:ff:8d:
e2:53:70:c1:01:fb:8c:19:e8:e0:32:aa:6e:bb:52:
1a:67:f8:99:92:1f:87:16:8c:c8:30:c1:c9:40:32:
1b:ec:56:26:1e:43:f5:00:93:f9:ca:fa:a3:2b:8b:
8c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F3:1F:40:BA:CD:53:A6:B0:30:3A:D2:B5:DF:B3:35:24:A8:89:27
X509v3 Authority Key Identifier:
keyid:F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/KfMfQLrNU6awMDrStd-zNSSoiSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/1-N164S0qN_IarG-Btq9n1mF8oo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.58.0/24
Signature Algorithm: sha256WithRSAEncryption
71:2c:a7:79:20:bf:c5:7f:03:d4:7f:09:5f:34:d9:96:df:cd:
a3:af:8e:9c:52:e2:9e:d4:fb:45:38:aa:89:45:f2:60:a8:ec:
17:6a:a7:3e:2c:f7:cd:90:72:ba:f4:22:d4:cf:8d:33:0e:7b:
37:6d:91:5e:c2:06:75:0b:70:18:92:6a:97:5d:c6:dd:cf:d0:
d4:27:bf:bc:2e:5b:56:03:49:15:27:44:06:25:8c:ad:56:d9:
b6:ca:98:cc:74:96:cf:1c:71:3b:68:ae:08:81:2f:1f:2c:c1:
d0:4a:b0:6a:58:88:ae:74:b3:f9:0b:73:6a:02:46:f5:a0:11:
49:c5:ea:c5:56:a0:ab:90:03:b9:24:e9:ce:f1:07:d5:6d:97:
0d:45:09:4f:7d:c1:61:2f:41:94:f6:f0:b1:c3:27:33:84:6a:
45:c8:29:4b:b5:da:c1:9f:59:02:48:9b:c9:f4:6e:05:e3:40:
1a:cd:ee:73:cd:51:31:bc:8c:10:4d:e5:b9:3b:b4:fc:69:a0:
fd:12:26:dc:d6:d5:17:11:a9:22:1c:44:0a:07:cd:51:9d:0b:
6b:68:69:91:9e:10:a3:2d:68:76:52:2a:f5:b9:4d:a5:83:19:
76:7a:b9:11:36:6d:56:30:b4:0c:28:52:ad:9c:c0:43:26:6e:
23:87:39:18
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIDAVHvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY4
ZGQ3YWUxMmQyYTM3ZjIxYWFjNmY4MWI2YWY2N2Q2NjE3Y2EyOGUwHhcNMjIwNjI3
MDc1OTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOWYzMWY0MGJhY2Q1
M2E2YjAzMDNhZDJiNWRmYjMzNTI0YTg4OTI3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiT5vQmL4EIyqZpKH2XYruGNomeeIJkTSFlx7HNswiO/PP6kL
j8iww+KfMwVDUYRgMLYPavPCDMY14SyR6kBgmvypLXxDQUb278dx0A8u/ghaRNLv
/xeraB5vByyO5eLcHR456GmmRrqZlKUL2/fjO+q8yrmJYcpEUvenXd6AnpVj2ANT
01OaWcO1cMisagQ6c2QruFvQevpjvIpWA26aXGUkb4Db5+EdsIQR4g786Ht4Zdg1
fO4WkeBK1MCVrsVexAQwHaNWd4+6InARLdj//43iU3DBAfuMGejgMqpuu1IaZ/iZ
kh+HFozIMMHJQDIb7FYmHkP1AJP5yvqjK4uMZQIDAQABo4ICCzCCAgcwHQYDVR0O
BBYEFCnzH0C6zVOmsDA60rXfszUkqIknMB8GA1UdIwQYMBaAFPjdeuEtKjfyGqxv
gbavZ9ZhfKKOMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEFBQcBAQRZMFcwVQYIKwYB
BQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MS1OMTY0UzBxTl9JYXJHLUJ0cTluMW1GOG9vNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNmLTJiNGEzNTM4YzVlMy8x
L0tmTWZRTHJOVTZhd01EclN0ZC16TlNTb2lTYy5yb2EwgYIGA1UdHwR7MHkwd6B1
oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYv
MmMwZDgwLTM5MzctNDQ1NS1iOWNmLTJiNGEzNTM4YzVlMy8xLzEtTjE2NFMwcU5f
SWFyRy1CdHE5bjFtRjhvbzQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABbxzowDQYJKoZIhvcNAQELBQAD
ggEBAHEsp3kgv8V/A9R/CV802ZbfzaOvjpxS4p7U+0U4qolF8mCo7Bdqpz4s982Q
crr0ItTPjTMOezdtkV7CBnULcBiSapddxt3P0NQnv7wuW1YDSRUnRAYljK1W2bbK
mMx0ls8ccTtorgiBLx8swdBKsGpYiK50s/kLc2oCRvWgEUnF6sVWoKuQA7kk6c7x
B9Vtlw1FCU99wWEvQZT28LHDJzOEakXIKUu12sGfWQJIm8n0bgXjQBrN7nPNUTG8
jBBN5bk7tPxpoP0SJtzW1RcRqSIcRAoHzVGdC2toaZGeEKMtaHZSKvW5TaWDGXZ6
uRE2bVYwtAwoUq2cwEMmbiOHORg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:55 2023 by rpki-client on console-ams.rpki-client.org