Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/KHK9jPwFb1Wg_CDa2fEzpctzLxI.roa
File: KHK9jPwFb1Wg_CDa2fEzpctzLxI.roa (raw, json)
Hash identifier: hCl3TEsdoJVGTaP+0fdEx4JC3AcT3K4PfyD/aN3epFg=
Subject key identifier: 28:72:BD:8C:FC:05:6F:55:A0:FC:20:DA:D9:F1:33:A5:CB:73:2F:12
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 018400F2A3BDB8A6EE03A9E60DA6B8E1F1A6
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/KHK9jPwFb1Wg_CDa2fEzpctzLxI.roa
Signing time: Sat 22 Oct 2022 18:26:52 +0000
ROA not before: Sat 22 Oct 2022 18:26:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 81.31.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:00:f2:a3:bd:b8:a6:ee:03:a9:e6:0d:a6:b8:e1:f1:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Oct 22 18:26:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2872bd8cfc056f55a0fc20dad9f133a5cb732f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e8:35:a3:7a:b7:86:aa:9a:aa:ca:07:da:60:
1b:73:f3:d8:40:26:56:b1:4d:bf:70:9e:cf:a6:93:
2e:a1:04:d4:ac:d8:60:88:31:a3:d7:e7:5d:a4:7e:
6e:67:6b:e7:d5:16:72:09:0f:43:74:80:8e:8c:0a:
53:95:4a:81:fc:d7:bc:72:db:f7:f8:5c:19:22:ab:
c3:b4:a3:20:37:40:15:7f:83:14:b4:81:02:ad:d6:
0f:85:40:bc:f1:3c:90:2c:05:7e:2f:32:49:b2:de:
15:d8:c3:87:71:d2:0f:3f:b7:af:d1:3c:eb:3d:0f:
d2:04:d9:cf:1f:bc:1c:67:f4:0b:97:c8:a5:54:81:
0e:70:f5:e1:7d:4f:d9:68:91:ad:c4:c2:8e:8d:8b:
1a:f0:60:4d:54:45:2f:9d:43:fe:bf:1b:81:b2:37:
5f:5d:b1:fc:e9:48:b9:a3:a8:04:9b:5d:36:82:29:
75:6c:da:b4:11:d0:4c:ad:8e:3c:cf:6e:46:9f:b4:
16:7a:9d:94:83:0f:38:45:d8:0e:f7:18:58:aa:da:
3b:9e:29:09:a4:40:86:85:08:54:a8:da:9b:74:4c:
af:0c:7f:2b:ef:68:b4:0b:17:6e:f2:83:fb:9a:06:
8a:ba:2f:0c:00:84:3c:86:67:19:c3:70:e6:e0:d4:
9c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:72:BD:8C:FC:05:6F:55:A0:FC:20:DA:D9:F1:33:A5:CB:73:2F:12
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/KHK9jPwFb1Wg_CDa2fEzpctzLxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.244.0/22
Signature Algorithm: sha256WithRSAEncryption
90:54:75:8f:22:fe:0d:dc:de:39:71:37:a5:93:74:6a:94:0e:
7c:8b:a8:41:31:10:fe:50:f6:9d:69:e6:71:47:86:90:59:26:
95:57:13:62:2b:b4:00:5a:ee:3a:f6:d4:bf:75:a3:bc:34:29:
22:c8:47:a9:30:5d:94:3a:a5:d0:fe:f4:cd:1c:6e:4b:47:24:
98:91:26:a8:48:2e:81:76:93:bf:5e:f6:35:e0:ed:bd:ca:f7:
98:25:4b:bf:de:22:da:7b:e1:06:7e:a1:13:6f:40:31:6c:b0:
f5:f6:86:d8:75:00:17:9c:42:5f:d6:ab:54:56:bd:1b:d4:7b:
a9:8f:23:90:fd:0f:d2:34:40:59:f8:c8:6a:fa:b3:55:e4:69:
99:55:8e:58:c2:53:9a:1e:fe:78:80:f6:3e:b7:e2:f6:1a:a7:
21:bc:4f:52:46:25:77:27:f2:b2:64:c8:8b:ef:1a:05:17:32:
1e:0c:e4:1a:0a:4f:21:f4:c4:ff:1f:54:95:a5:10:eb:61:15:
d2:f0:96:5b:71:64:cf:81:73:7a:79:a7:51:aa:4e:fa:ee:d0:
34:22:05:6a:af:66:fe:a6:3d:a0:df:50:ba:27:c7:db:d2:5e:
40:9c:e2:51:ac:a1:81:86:19:5d:31:d2:3a:1b:3b:fc:03:b7:
23:3d:e7:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQA8qO9uKbuA6nmDaa44fGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjIxMDIyMTgyNjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODcyYmQ4Y2ZjMDU2ZjU1YTBmYzIwZGFkOWYxMzNhNWNiNzMyZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgug1o3q3hqqaqsoH2mAbc/PYQCZW
sU2/cJ7PppMuoQTUrNhgiDGj1+ddpH5uZ2vn1RZyCQ9DdICOjApTlUqB/Ne8ctv3
+FwZIqvDtKMgN0AVf4MUtIECrdYPhUC88TyQLAV+LzJJst4V2MOHcdIPP7ev0Tzr
PQ/SBNnPH7wcZ/QLl8ilVIEOcPXhfU/ZaJGtxMKOjYsa8GBNVEUvnUP+vxuBsjdf
XbH86Ui5o6gEm102gil1bNq0EdBMrY48z25Gn7QWep2Ugw84RdgO9xhYqto7nikJ
pECGhQhUqNqbdEyvDH8r72i0Cxdu8oP7mgaKui8MAIQ8hmcZw3Dm4NScOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChyvYz8BW9VoPwg2tnxM6XLcy8SMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvS0hLOWpQd0ZiMVdnX0NEYTJmRXpwY3R6THhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUR/0MA0G
CSqGSIb3DQEBCwUAA4IBAQCQVHWPIv4N3N45cTelk3RqlA58i6hBMRD+UPadaeZx
R4aQWSaVVxNiK7QAWu469tS/daO8NCkiyEepMF2UOqXQ/vTNHG5LRySYkSaoSC6B
dpO/XvY14O29yveYJUu/3iLae+EGfqETb0AxbLD19obYdQAXnEJf1qtUVr0b1Hup
jyOQ/Q/SNEBZ+Mhq+rNV5GmZVY5YwlOaHv54gPY+t+L2GqchvE9SRiV3J/KyZMiL
7xoFFzIeDOQaCk8h9MT/H1SVpRDrYRXS8JZbcWTPgXN6eadRqk767tA0IgVqr2b+
pj2g31C6J8fb0l5AnOJRrKGBhhldMdI6Gzv8A7cjPec+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:01 2023 by rpki-client on console-ams.rpki-client.org