Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/KiyKV2oEC6IR3szF--6up4H70L0.roa
File: KiyKV2oEC6IR3szF--6up4H70L0.roa (raw, json)
Hash identifier: U6gXwCnXWf2ckMWLrZ3u5M6E4Lwn1jyPfy2H4CO7Q48=
Subject key identifier: 2A:2C:8A:57:6A:04:0B:A2:11:DE:CC:C5:FB:EE:AE:A7:81:FB:D0:BD
Certificate issuer: /CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Certificate serial: 01838DA9A4FBFCED369B074C91C196235984
Authority key identifier: D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/KiyKV2oEC6IR3szF--6up4H70L0.roa
Signing time: Fri 30 Sep 2022 09:10:48 +0000
ROA not before: Fri 30 Sep 2022 09:10:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212517
IP address blocks: 45.159.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8d:a9:a4:fb:fc:ed:36:9b:07:4c:91:c1:96:23:59:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Validity
Not Before: Sep 30 09:10:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a2c8a576a040ba211deccc5fbeeaea781fbd0bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b5:f0:c2:56:56:f9:4f:81:c0:46:c1:ab:7e:
12:49:43:27:ba:3f:e0:57:7e:e1:70:bb:fb:33:c5:
2c:5c:07:2b:f9:15:67:fd:24:fb:57:71:2a:bb:0d:
62:e1:7d:ff:8b:d1:8a:b5:04:34:86:5e:6e:89:21:
b4:85:6a:a9:70:bd:b6:33:78:ff:7a:84:01:b5:19:
6f:f4:3f:4d:c1:bf:f5:9a:2b:4c:f3:a9:06:46:9c:
b0:4a:a2:86:eb:ab:53:4f:55:f6:df:03:4e:c9:09:
4c:3a:ee:4d:69:15:ed:43:9a:b5:90:a3:f9:63:a6:
37:94:b0:e7:fd:d1:d6:bd:fb:05:74:ff:c6:1e:df:
fb:4c:54:f5:d1:07:1d:86:31:83:24:88:22:58:ff:
48:83:2c:c4:18:f5:62:bc:18:3f:88:68:5e:29:83:
41:af:bd:1e:e3:7e:33:c2:d8:b1:ee:b0:70:1b:92:
e3:7e:33:74:b2:ad:c6:c9:ce:4c:79:3f:44:93:f8:
51:eb:a3:9c:31:0d:5b:c9:23:c5:4e:6f:65:73:82:
75:fa:cb:b7:63:4a:a3:52:d9:fc:6a:d9:0b:05:5d:
6e:fd:34:18:5b:f3:c1:b5:c1:93:69:97:df:72:76:
1e:c8:53:a1:60:f1:88:b2:74:6b:97:61:34:62:1d:
a9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2C:8A:57:6A:04:0B:A2:11:DE:CC:C5:FB:EE:AE:A7:81:FB:D0:BD
X509v3 Authority Key Identifier:
keyid:D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/KiyKV2oEC6IR3szF--6up4H70L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.12.0/24
Signature Algorithm: sha256WithRSAEncryption
60:ce:9d:f6:3d:b8:03:84:dd:d1:1a:f3:d1:bd:3b:0d:00:2c:
b7:1e:1c:94:c7:66:8d:96:81:5b:46:36:5f:61:38:89:14:9d:
4b:1c:d2:5a:e3:60:da:c3:27:42:9b:e4:81:88:eb:2e:6e:ed:
34:72:f2:b1:1f:b8:3e:13:15:4f:56:4a:a3:a1:cb:07:30:95:
18:ee:0a:c4:36:65:08:1b:76:cb:4b:c3:02:2b:6c:05:0a:93:
87:98:44:01:53:0a:58:ba:6a:3d:3b:5d:26:49:8a:17:99:10:
40:1a:1c:03:a9:e0:4c:c2:df:5e:a7:ea:e6:19:55:c8:c5:8e:
3f:33:cb:4a:16:6c:b0:8e:84:85:2b:b1:77:b6:ed:bd:7b:51:
43:61:5a:81:91:21:72:43:d5:e9:6e:14:7e:9f:75:ee:89:9d:
65:1b:cf:51:76:0f:17:77:86:17:bb:ac:19:76:ca:0b:43:ad:
8f:83:c7:fc:e2:7f:f5:06:7e:b1:80:9f:2a:68:5f:b5:4c:4c:
67:d3:6b:a9:37:76:5e:c7:87:2d:ee:2c:44:d2:86:b3:99:12:
72:1e:87:61:ba:d8:ec:63:d0:4e:fb:6f:b3:6d:dd:b3:cd:b5:
7f:1c:26:bd:dd:8c:76:cc:f3:d3:24:3c:bc:96:f2:e6:4d:f8:
9b:d3:71:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYONqaT7/O02mwdMkcGWI1mEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzM1YmM5YjdmODU1MGJlM2U0NjdjNTRhOWQzYTY2ZTI0
NDNiZDQwHhcNMjIwOTMwMDkxMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJjOGE1NzZhMDQwYmEyMTFkZWNjYzVmYmVlYWVhNzgxZmJkMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7XwwlZW+U+BwEbBq34SSUMnuj/g
V37hcLv7M8UsXAcr+RVn/ST7V3Equw1i4X3/i9GKtQQ0hl5uiSG0hWqpcL22M3j/
eoQBtRlv9D9Nwb/1mitM86kGRpywSqKG66tTT1X23wNOyQlMOu5NaRXtQ5q1kKP5
Y6Y3lLDn/dHWvfsFdP/GHt/7TFT10QcdhjGDJIgiWP9IgyzEGPVivBg/iGheKYNB
r70e434zwtix7rBwG5LjfjN0sq3Gyc5MeT9Ek/hR66OcMQ1bySPFTm9lc4J1+su3
Y0qjUtn8atkLBV1u/TQYW/PBtcGTaZffcnYeyFOhYPGIsnRrl2E0Yh2pbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCosildqBAuiEd7MxfvurqeB+9C9MB8GA1UdIwQY
MBaAFNPDW8m3+FUL4+RnxUqdOmbiRDvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTct
Y2RhNWMzNzY2ZjAzLzEvS2l5S1Yyb0VDNklSM3N6Ri0tNnVwNEg3MEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTctY2RhNWMzNzY2ZjAz
LzEvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ8MMA0G
CSqGSIb3DQEBCwUAA4IBAQBgzp32PbgDhN3RGvPRvTsNACy3HhyUx2aNloFbRjZf
YTiJFJ1LHNJa42DawydCm+SBiOsubu00cvKxH7g+ExVPVkqjocsHMJUY7grENmUI
G3bLS8MCK2wFCpOHmEQBUwpYumo9O10mSYoXmRBAGhwDqeBMwt9ep+rmGVXIxY4/
M8tKFmywjoSFK7F3tu29e1FDYVqBkSFyQ9XpbhR+n3XuiZ1lG89Rdg8Xd4YXu6wZ
dsoLQ62Pg8f84n/1Bn6xgJ8qaF+1TExn02upN3Zex4ct7ixE0oazmRJyHodhutjs
Y9BO+2+zbd2zzbV/HCa93Yx2zPPTJDy8lvLmTfib03E5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:01 2024 by rpki-client on console-ams.rpki-client.org