Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KHPv1U0J6ePPOVeOSzfFAKSmMR8.roa
File: KHPv1U0J6ePPOVeOSzfFAKSmMR8.roa (raw, json)
Hash identifier: cNTeeymTeBD/iZVw5ZzvEniCMM/AtX35lKlE/91SvGA=
Subject key identifier: 28:73:EF:D5:4D:09:E9:E3:CF:39:57:8E:4B:37:C5:00:A4:A6:31:1F
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01849DE22E15CA432CC369D35FE55C03F70B
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KHPv1U0J6ePPOVeOSzfFAKSmMR8.roa
Signing time: Tue 22 Nov 2022 05:49:16 +0000
ROA not before: Tue 22 Nov 2022 05:49:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 109.122.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9d:e2:2e:15:ca:43:2c:c3:69:d3:5f:e5:5c:03:f7:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Nov 22 05:49:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2873efd54d09e9e3cf39578e4b37c500a4a6311f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:71:c6:32:cc:18:da:7e:4e:79:ef:56:fa:1d:
e1:93:74:17:24:5f:49:ae:4d:d7:05:ee:58:e7:bc:
e5:5a:d1:e2:44:42:35:6a:8b:f5:01:99:0e:73:49:
39:47:3f:d3:ec:e0:25:d1:2c:f7:f0:a2:f3:ae:fc:
79:7e:00:f0:58:b1:6c:b2:34:09:8c:bb:f0:fd:e9:
77:3d:54:f0:c7:f1:db:32:e6:e4:c0:44:31:3c:e3:
43:82:c5:e6:2f:80:63:cb:75:7b:a8:ad:e6:30:f4:
a7:09:b2:41:97:7d:35:da:d6:84:1a:e4:70:2a:d9:
9b:7c:9e:36:27:89:6c:aa:55:e2:93:d0:f2:bb:2a:
94:cb:64:1a:f7:7b:54:d0:0a:e3:a4:58:8c:fd:ec:
9e:18:11:c1:5f:c4:34:c7:f0:51:16:f6:bd:5e:d5:
96:5b:c8:cb:4a:24:b3:30:96:94:cf:58:c9:95:d1:
96:2b:8f:9c:05:b4:b5:70:ba:02:14:4e:70:53:28:
42:23:dd:e3:1e:00:69:bc:4f:81:64:c3:e3:c2:8e:
3e:e3:af:d0:ef:a9:99:09:a5:af:e0:8a:2f:99:f5:
39:24:86:ac:5e:d5:62:fd:f9:89:bc:97:9a:87:d4:
a4:a4:a7:f8:ab:89:79:05:41:76:8e:3f:ac:b3:d3:
62:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:73:EF:D5:4D:09:E9:E3:CF:39:57:8E:4B:37:C5:00:A4:A6:31:1F
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/KHPv1U0J6ePPOVeOSzfFAKSmMR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.45.0/24
Signature Algorithm: sha256WithRSAEncryption
73:d9:52:57:c2:89:f7:b3:d6:13:c9:57:29:b5:10:39:0c:b8:
51:5a:e3:92:a4:b7:d3:cc:62:79:5e:16:af:dc:00:84:9e:16:
57:4b:6c:24:1b:6a:64:20:db:5c:f8:c4:94:9a:e5:4f:29:01:
87:d5:66:b0:0d:4a:8e:0a:27:1a:56:33:88:e3:6d:6b:e8:ca:
14:bc:a3:b9:db:03:7e:18:cd:75:ff:af:ff:29:3f:24:8d:98:
f4:1e:85:ec:2f:ec:e1:81:72:ed:02:27:0f:01:1d:7d:a8:d6:
2d:89:55:c4:fa:2c:7e:e5:7f:e9:17:c4:b4:88:e9:e4:35:09:
32:88:43:b9:e3:2e:23:f8:fb:6f:c0:03:37:e4:23:21:4b:90:
ad:b7:b1:a8:88:d2:13:36:76:00:4c:0a:04:c5:46:34:2b:75:
bc:24:56:9a:10:05:05:f5:6e:c4:f8:44:d1:e9:f8:7e:65:b6:
b4:50:88:2a:d7:f1:cd:63:76:c5:cf:5e:73:b7:d0:50:0b:89:
d7:23:2a:05:e2:5f:e1:e4:83:e3:c2:f1:71:1e:73:c0:16:b9:
00:4d:17:7b:a5:84:ca:8c:68:d2:9a:6e:7e:11:3d:99:19:7f:
11:04:57:0d:e6:96:5b:a2:16:bc:ee:46:70:29:65:52:b9:6d:
a3:83:54:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSd4i4VykMsw2nTX+VcA/cLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjIxMTIyMDU0OTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODczZWZkNTRkMDllOWUzY2YzOTU3OGU0YjM3YzUwMGE0YTYzMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnHGMswY2n5Oee9W+h3hk3QXJF9J
rk3XBe5Y57zlWtHiREI1aov1AZkOc0k5Rz/T7OAl0Sz38KLzrvx5fgDwWLFssjQJ
jLvw/el3PVTwx/HbMubkwEQxPONDgsXmL4Bjy3V7qK3mMPSnCbJBl3012taEGuRw
KtmbfJ42J4lsqlXik9DyuyqUy2Qa93tU0ArjpFiM/eyeGBHBX8Q0x/BRFva9XtWW
W8jLSiSzMJaUz1jJldGWK4+cBbS1cLoCFE5wUyhCI93jHgBpvE+BZMPjwo4+46/Q
76mZCaWv4IovmfU5JIasXtVi/fmJvJeah9SkpKf4q4l5BUF2jj+ss9NiRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChz79VNCenjzzlXjks3xQCkpjEfMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvS0hQdjFVMEo2ZVBQT1ZlT1N6ZkZBS1NtTVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXotMA0G
CSqGSIb3DQEBCwUAA4IBAQBz2VJXwon3s9YTyVcptRA5DLhRWuOSpLfTzGJ5Xhav
3ACEnhZXS2wkG2pkINtc+MSUmuVPKQGH1WawDUqOCicaVjOI421r6MoUvKO52wN+
GM11/6//KT8kjZj0HoXsL+zhgXLtAicPAR19qNYtiVXE+ix+5X/pF8S0iOnkNQky
iEO54y4j+PtvwAM35CMhS5Ctt7GoiNITNnYATAoExUY0K3W8JFaaEAUF9W7E+ETR
6fh+Zba0UIgq1/HNY3bFz15zt9BQC4nXIyoF4l/h5IPjwvFxHnPAFrkATRd7pYTK
jGjSmm5+ET2ZGX8RBFcN5pZboha87kZwKWVSuW2jg1Qv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org