Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/530064-2482-45be-bffe-fdde58ab29f9/1/KpVgkHRsOjJCqraCDbtn8SQoaFo.roa
File: KpVgkHRsOjJCqraCDbtn8SQoaFo.roa (raw, json)
Hash identifier: CQBdfCObfZTwwq7jTlqUVXz0Q96zShRBk1QC51/t4fs=
Subject key identifier: 2A:95:60:90:74:6C:3A:32:42:AA:B6:82:0D:BB:67:F1:24:28:68:5A
Certificate issuer: /CN=1942817a29882d433bf1bb8ebc59b2ff256e803f
Certificate serial: 01835A7F39233E44EA75DDDD92BA40D83C5C
Authority key identifier: 19:42:81:7A:29:88:2D:43:3B:F1:BB:8E:BC:59:B2:FF:25:6E:80:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUKBeimILUM78buOvFmy_yVugD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/530064-2482-45be-bffe-fdde58ab29f9/1/KpVgkHRsOjJCqraCDbtn8SQoaFo.roa
Signing time: Tue 20 Sep 2022 10:43:50 +0000
ROA not before: Tue 20 Sep 2022 10:43:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15935
IP address blocks: 31.130.168.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:7f:39:23:3e:44:ea:75:dd:dd:92:ba:40:d8:3c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1942817a29882d433bf1bb8ebc59b2ff256e803f
Validity
Not Before: Sep 20 10:43:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a956090746c3a3242aab6820dbb67f12428685a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:92:ec:d9:1c:e3:7c:bc:57:b9:53:70:1d:4f:
b0:f4:1a:52:98:5b:3e:04:1d:bc:7d:72:38:7b:b9:
3d:78:d2:ab:cc:fc:dd:77:90:da:56:82:33:f9:36:
a7:ec:02:eb:9e:05:6c:0a:8a:4b:c8:52:ba:7b:5b:
9e:a7:c5:e5:fe:09:e4:5f:66:21:e2:95:eb:98:ab:
c7:c3:f6:63:3f:d8:a3:29:9e:d2:9b:8e:b5:a3:0c:
71:d1:b0:dd:8d:c1:a5:66:91:f5:ea:6a:ba:6a:18:
2d:ef:7b:90:bf:53:ca:c4:04:cb:ac:2a:a1:93:df:
da:e4:b6:b3:eb:5d:27:a7:b2:27:f2:1a:01:48:06:
d7:8d:f8:b4:77:da:8c:64:1d:96:d8:38:81:99:c4:
d1:84:96:ce:a3:f6:64:89:f4:d5:89:c4:70:c6:f8:
08:da:76:06:60:57:53:c8:82:62:c0:7a:40:af:6c:
9d:2b:6d:e4:a7:49:e6:c0:ff:82:dc:95:b0:56:9d:
45:a4:04:b6:4a:c5:e9:f4:a2:df:b0:3c:93:7a:7d:
95:fe:c5:79:bf:56:fe:77:cf:02:11:07:6e:5a:c7:
78:19:51:3e:37:7a:4d:d7:8e:30:7d:8e:64:73:a5:
af:6d:9d:c4:2c:27:6e:41:9b:d0:f9:28:5b:15:fd:
c2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:95:60:90:74:6C:3A:32:42:AA:B6:82:0D:BB:67:F1:24:28:68:5A
X509v3 Authority Key Identifier:
keyid:19:42:81:7A:29:88:2D:43:3B:F1:BB:8E:BC:59:B2:FF:25:6E:80:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUKBeimILUM78buOvFmy_yVugD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/530064-2482-45be-bffe-fdde58ab29f9/1/KpVgkHRsOjJCqraCDbtn8SQoaFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/530064-2482-45be-bffe-fdde58ab29f9/1/GUKBeimILUM78buOvFmy_yVugD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.168.0/21
Signature Algorithm: sha256WithRSAEncryption
b6:9f:b3:9e:f1:4a:c4:65:e7:13:b0:28:20:e6:2a:a1:c9:e3:
f5:5a:2b:5d:31:51:91:bd:bc:75:2c:3f:e5:17:d4:71:57:0c:
c9:d3:03:22:6b:f6:7a:59:79:67:d7:04:ea:66:46:c6:b8:48:
e4:fb:2a:c4:20:b6:e9:5c:09:74:76:75:b2:d4:f5:69:90:2d:
19:77:b1:1b:68:0c:9f:17:db:8c:d0:31:71:3b:bd:86:75:e9:
5b:7c:7d:2f:4b:39:43:f0:5c:44:c2:0f:04:63:ee:dc:03:b8:
49:b8:32:12:58:da:05:f6:e7:a5:a6:8d:59:de:21:81:21:06:
98:db:34:01:d1:8a:f5:53:1b:3d:5f:ee:7e:e5:5c:1f:9e:83:
de:06:68:db:a9:93:a7:df:a1:ef:aa:72:f3:e3:ed:74:c4:84:
26:d7:05:e5:f9:fa:7b:c2:d0:29:67:9d:1e:0d:68:97:ea:7d:
9d:ad:cf:61:fb:88:9e:e6:34:8e:bb:10:74:95:5f:4d:b3:3f:
e2:b1:ef:d1:4c:2d:d2:1b:33:ec:cf:57:8f:88:a2:0e:8d:80:
ef:8b:33:33:8c:53:07:06:c3:11:9a:a4:e1:88:3c:3e:90:37:
6b:f6:e1:ef:e6:1e:ec:7a:e3:bd:fc:6b:5f:f3:7b:8d:72:60:
e2:38:43:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNafzkjPkTqdd3dkrpA2DxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI4MTdhMjk4ODJkNDMzYmYxYmI4ZWJjNTliMmZmMjU2
ZTgwM2YwHhcNMjIwOTIwMTA0MzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTk1NjA5MDc0NmMzYTMyNDJhYWI2ODIwZGJiNjdmMTI0Mjg2ODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpLs2RzjfLxXuVNwHU+w9BpSmFs+
BB28fXI4e7k9eNKrzPzdd5DaVoIz+Tan7ALrngVsCopLyFK6e1uep8Xl/gnkX2Yh
4pXrmKvHw/ZjP9ijKZ7Sm461owxx0bDdjcGlZpH16mq6ahgt73uQv1PKxATLrCqh
k9/a5Laz610np7In8hoBSAbXjfi0d9qMZB2W2DiBmcTRhJbOo/ZkifTVicRwxvgI
2nYGYFdTyIJiwHpAr2ydK23kp0nmwP+C3JWwVp1FpAS2SsXp9KLfsDyTen2V/sV5
v1b+d88CEQduWsd4GVE+N3pN144wfY5kc6WvbZ3ELCduQZvQ+ShbFf3CNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqVYJB0bDoyQqq2gg27Z/EkKGhaMB8GA1UdIwQY
MBaAFBlCgXopiC1DO/G7jrxZsv8lboA/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VLQmVpbUlMVU03OGJ1T3ZGbXlfeVZ1Z0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81MzAwNjQtMjQ4Mi00NWJlLWJmZmUt
ZmRkZTU4YWIyOWY5LzEvS3BWZ2tIUnNPakpDcXJhQ0RidG44U1FvYUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81MzAwNjQtMjQ4Mi00NWJlLWJmZmUtZmRkZTU4YWIyOWY5
LzEvR1VLQmVpbUlMVU03OGJ1T3ZGbXlfeVZ1Z0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH4KoMA0G
CSqGSIb3DQEBCwUAA4IBAQC2n7Oe8UrEZecTsCgg5iqhyeP1WitdMVGRvbx1LD/l
F9RxVwzJ0wMia/Z6WXln1wTqZkbGuEjk+yrEILbpXAl0dnWy1PVpkC0Zd7EbaAyf
F9uM0DFxO72GdelbfH0vSzlD8FxEwg8EY+7cA7hJuDISWNoF9uelpo1Z3iGBIQaY
2zQB0Yr1Uxs9X+5+5VwfnoPeBmjbqZOn36HvqnLz4+10xIQm1wXl+fp7wtApZ50e
DWiX6n2drc9h+4ie5jSOuxB0lV9Nsz/ise/RTC3SGzPsz1ePiKIOjYDvizMzjFMH
BsMRmqThiDw+kDdr9uHv5h7seuO9/Gtf83uNcmDiOEPG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:45 2023 by rpki-client on console-fra.rpki-client.org