Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/kahzbQRGU_x4eaIr2Ca0lz2-Pg0.roa
File: kahzbQRGU_x4eaIr2Ca0lz2-Pg0.roa (raw, json)
Hash identifier: SGukj2F4aBrvGj8DUZ/Z0Gy2ZieI7yArDf0KP+4YHDo=
Subject key identifier: 91:A8:73:6D:04:46:53:FC:78:79:A2:2B:D8:26:B4:97:3D:BE:3E:0D
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 01842CDD4AF1C22CD6F7889A8D4534C322F3
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/kahzbQRGU_x4eaIr2Ca0lz2-Pg0.roa
Signing time: Mon 31 Oct 2022 07:06:50 +0000
ROA not before: Mon 31 Oct 2022 07:06:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 212.30.58.0/24 maxlen: 24
212.30.57.0/24 maxlen: 24
212.30.56.0/24 maxlen: 24
212.30.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2c:dd:4a:f1:c2:2c:d6:f7:88:9a:8d:45:34:c3:22:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Oct 31 07:06:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91a8736d044653fc7879a22bd826b4973dbe3e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b1:0c:98:c9:8a:80:90:b8:87:04:0a:29:b7:
54:56:a5:06:52:4e:ec:c8:89:46:20:fb:18:ed:ec:
9e:e2:34:43:08:f8:72:d5:9e:12:40:99:0c:ff:df:
ba:88:6b:ff:ba:29:f4:41:4b:62:20:e2:be:2c:b4:
cf:80:5a:b8:47:ac:dd:a6:f5:3f:40:ff:a0:ac:c2:
a5:24:11:f0:3a:85:f7:f1:71:34:cb:a2:55:53:14:
7c:61:89:b9:ae:32:75:d1:49:47:2a:3b:78:a7:db:
c8:65:f8:7b:91:e3:b1:cc:f2:b2:6c:75:29:88:be:
f4:b5:74:ae:02:f6:0c:80:77:70:24:d5:38:47:55:
ab:26:d0:39:0e:a0:15:8e:b8:79:ee:9b:4a:18:4c:
90:0c:9c:e2:fa:04:22:fc:7b:71:98:57:91:ea:1d:
9d:52:a2:5a:a9:57:b6:17:72:e6:f4:2d:69:cf:fc:
31:60:49:d0:93:17:d9:ff:0f:c5:53:32:7e:99:d2:
58:d6:97:76:d1:33:9e:f7:e5:8c:11:06:a1:81:78:
d5:b0:6e:6d:d9:ac:7a:0e:9f:01:d8:b0:0c:a4:af:
0b:04:88:29:c1:5e:53:0b:28:29:1b:a7:0b:6d:55:
4f:26:5f:e1:1c:9a:6f:c5:c6:4e:3e:8c:d2:40:3d:
3c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A8:73:6D:04:46:53:FC:78:79:A2:2B:D8:26:B4:97:3D:BE:3E:0D
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/kahzbQRGU_x4eaIr2Ca0lz2-Pg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.30.56.0/22
Signature Algorithm: sha256WithRSAEncryption
89:1b:6d:9b:46:1d:4c:82:f1:26:19:b0:07:e5:4f:09:16:1d:
db:4c:f5:90:d8:d8:cd:d4:bb:16:15:4a:78:a4:57:d7:1c:bf:
ed:ad:1f:2e:db:0c:a5:e0:46:1c:04:25:1c:dd:2b:cc:36:ed:
26:f1:09:d1:8c:e0:d5:db:0f:f3:fd:fd:05:c6:7e:7b:dd:d6:
0d:58:4e:d8:8a:90:37:a8:84:fb:08:a6:5a:fd:0c:94:d0:d5:
05:8c:89:09:cb:77:10:2e:d6:b9:49:5d:af:bb:05:72:20:2d:
73:02:38:57:da:fa:5b:87:67:e6:48:82:4b:3d:41:10:8d:85:
35:81:4d:1c:a8:d7:ac:e3:d1:8f:ce:34:75:75:34:d3:4b:e3:
02:e3:50:1e:ff:86:95:1c:12:db:15:6c:96:0a:ef:72:4e:da:
72:7b:6a:a8:5b:28:ac:5c:d3:16:12:54:4a:53:ae:9f:a9:6c:
40:4c:77:4f:3d:f8:b7:b4:a6:2f:59:6f:f6:5a:c7:e7:c5:fe:
3c:7c:6d:dc:b9:af:8c:0a:14:22:58:03:0e:3a:58:8e:ad:b2:
aa:6e:28:e2:65:a9:51:50:5f:3e:8e:7d:73:be:24:15:62:79:
d5:5c:8d:89:93:c9:aa:6d:be:c9:7a:89:15:a9:5d:9a:60:00:
e9:56:4c:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQs3UrxwizW94iajUU0wyLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjIxMDMxMDcwNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWE4NzM2ZDA0NDY1M2ZjNzg3OWEyMmJkODI2YjQ5NzNkYmUzZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7EMmMmKgJC4hwQKKbdUVqUGUk7s
yIlGIPsY7eye4jRDCPhy1Z4SQJkM/9+6iGv/uin0QUtiIOK+LLTPgFq4R6zdpvU/
QP+grMKlJBHwOoX38XE0y6JVUxR8YYm5rjJ10UlHKjt4p9vIZfh7keOxzPKybHUp
iL70tXSuAvYMgHdwJNU4R1WrJtA5DqAVjrh57ptKGEyQDJzi+gQi/HtxmFeR6h2d
UqJaqVe2F3Lm9C1pz/wxYEnQkxfZ/w/FUzJ+mdJY1pd20TOe9+WMEQahgXjVsG5t
2ax6Dp8B2LAMpK8LBIgpwV5TCygpG6cLbVVPJl/hHJpvxcZOPozSQD08WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGoc20ERlP8eHmiK9gmtJc9vj4NMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEva2FoemJRUkdVX3g0ZWFJcjJDYTBsejItUGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1B44MA0G
CSqGSIb3DQEBCwUAA4IBAQCJG22bRh1MgvEmGbAH5U8JFh3bTPWQ2NjN1LsWFUp4
pFfXHL/trR8u2wyl4EYcBCUc3SvMNu0m8QnRjODV2w/z/f0Fxn573dYNWE7YipA3
qIT7CKZa/QyU0NUFjIkJy3cQLta5SV2vuwVyIC1zAjhX2vpbh2fmSIJLPUEQjYU1
gU0cqNes49GPzjR1dTTTS+MC41Ae/4aVHBLbFWyWCu9yTtpye2qoWyisXNMWElRK
U66fqWxATHdPPfi3tKYvWW/2Wsfnxf48fG3cua+MChQiWAMOOliOrbKqbijiZalR
UF8+jn1zviQVYnnVXI2Jk8mqbb7JeokVqV2aYADpVkxf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:35 2023 by rpki-client on console-fra.rpki-client.org