Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/KiGRNT_VqGh979A-g6WR-t3VQFY.roa
File: KiGRNT_VqGh979A-g6WR-t3VQFY.roa (raw, json)
Hash identifier: /wTkvLmdulTqh74AwVNzu2w9xOK6sHPEmAt2uon1RQ4=
Subject key identifier: 2A:21:91:35:3F:D5:A8:68:7D:EF:D0:3E:83:A5:91:FA:DD:D5:40:56
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 0182D54726C74D65AB4FA68543A453537D28
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/KiGRNT_VqGh979A-g6WR-t3VQFY.roa
Signing time: Thu 25 Aug 2022 13:53:06 +0000
ROA not before: Thu 25 Aug 2022 13:53:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 87.248.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d5:47:26:c7:4d:65:ab:4f:a6:85:43:a4:53:53:7d:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Aug 25 13:53:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a2191353fd5a8687defd03e83a591faddd54056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:11:50:f5:c0:93:d3:a6:3f:f7:2c:a2:29:db:
a5:59:bc:d9:33:3a:63:fb:8f:ad:51:66:35:cc:b5:
b6:31:0b:19:82:51:fa:cc:70:01:5b:88:89:0a:1d:
a2:73:b3:69:fb:66:9d:5c:1f:f9:48:07:85:01:3d:
b3:bb:01:77:fa:2e:16:2b:69:ef:f5:77:7c:f7:4c:
3a:aa:d2:73:0b:0d:0b:7b:de:82:36:2c:13:c8:67:
40:b4:bc:79:f2:e8:90:6f:a6:29:84:3e:eb:f4:3d:
eb:02:12:ca:ec:15:19:b1:c0:3c:d0:ac:e5:1d:9c:
fd:f7:67:33:09:e6:10:60:67:c2:24:10:f3:54:82:
d0:4a:6d:17:4a:35:6d:d6:6d:66:1a:47:77:8a:25:
bc:c9:f2:d6:b1:64:5f:b9:f5:d5:1e:bd:e8:3a:5a:
c3:3d:57:5c:65:b7:d2:18:37:30:f6:a6:6d:5d:d1:
62:28:f2:33:9c:bc:51:c3:10:b8:f0:71:d5:98:34:
50:85:d4:d1:49:55:83:20:00:71:e5:5c:6f:91:a1:
4b:06:00:60:02:54:44:8b:e8:90:bf:f7:25:7c:ee:
dc:f7:96:a8:4a:72:29:e7:fb:a9:8e:b9:fe:eb:19:
64:00:ca:df:2b:3e:ed:1a:19:ad:9a:ae:5e:a5:f6:
d3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:21:91:35:3F:D5:A8:68:7D:EF:D0:3E:83:A5:91:FA:DD:D5:40:56
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/KiGRNT_VqGh979A-g6WR-t3VQFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.145.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:21:01:c6:30:fa:ac:55:6c:af:ce:c3:32:7d:dc:b3:35:83:
8b:4e:d9:b9:a0:73:ea:80:ef:d7:89:f3:b7:2c:8f:69:4a:0e:
68:fd:aa:9b:22:d9:65:1e:7c:28:a3:5e:21:e4:4d:89:f1:4a:
bb:89:85:99:11:85:0e:d6:7f:23:a2:f5:1f:6d:7a:1f:2f:f2:
ac:20:eb:5b:b7:95:2d:86:eb:39:19:7b:c2:c2:ca:f6:5a:3d:
c5:26:d6:7f:aa:8b:e8:14:cc:c0:c3:58:e2:63:cc:f4:f1:8c:
6a:32:de:2d:e6:bf:68:b7:5a:48:3f:93:e6:ad:9b:b2:12:61:
e7:8e:c7:e0:70:e7:e3:bf:71:91:a2:49:df:85:a2:42:81:6f:
95:b2:5f:4a:44:1d:a3:0b:25:66:df:79:c2:c3:f2:22:14:b2:
b2:4b:79:05:42:f3:df:2e:1c:3d:38:10:1e:47:75:14:05:1f:
ff:d8:c4:9e:c4:fa:52:ea:a9:d1:97:1e:75:ff:af:58:f0:e2:
27:6e:2f:e9:fa:0e:21:8c:b7:c0:ea:3e:fc:78:15:4b:77:b9:
ac:66:ea:67:24:89:45:ce:dd:3d:b4:3f:71:c8:bc:dc:08:a4:
23:7b:c0:70:f6:72:c2:41:41:cd:94:e3:53:20:c4:21:3d:09:
2a:59:68:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLVRybHTWWrT6aFQ6RTU30oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIwODI1MTM1MzA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTIxOTEzNTNmZDVhODY4N2RlZmQwM2U4M2E1OTFmYWRkZDU0MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBFQ9cCT06Y/9yyiKdulWbzZMzpj
+4+tUWY1zLW2MQsZglH6zHABW4iJCh2ic7Np+2adXB/5SAeFAT2zuwF3+i4WK2nv
9Xd890w6qtJzCw0Le96CNiwTyGdAtLx58uiQb6YphD7r9D3rAhLK7BUZscA80Kzl
HZz992czCeYQYGfCJBDzVILQSm0XSjVt1m1mGkd3iiW8yfLWsWRfufXVHr3oOlrD
PVdcZbfSGDcw9qZtXdFiKPIznLxRwxC48HHVmDRQhdTRSVWDIABx5VxvkaFLBgBg
AlREi+iQv/clfO7c95aoSnIp5/upjrn+6xlkAMrfKz7tGhmtmq5epfbTFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCohkTU/1ahofe/QPoOlkfrd1UBWMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvS2lHUk5UX1ZxR2g5NzlBLWc2V1ItdDNWUUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/iRMA0G
CSqGSIb3DQEBCwUAA4IBAQBKIQHGMPqsVWyvzsMyfdyzNYOLTtm5oHPqgO/XifO3
LI9pSg5o/aqbItllHnwoo14h5E2J8Uq7iYWZEYUO1n8jovUfbXofL/KsIOtbt5Ut
hus5GXvCwsr2Wj3FJtZ/qovoFMzAw1jiY8z08YxqMt4t5r9ot1pIP5PmrZuyEmHn
jsfgcOfjv3GRoknfhaJCgW+Vsl9KRB2jCyVm33nCw/IiFLKyS3kFQvPfLhw9OBAe
R3UUBR//2MSexPpS6qnRlx51/69Y8OInbi/p+g4hjLfA6j78eBVLd7msZupnJIlF
zt09tD9xyLzcCKQje8Bw9nLCQUHNlONTIMQhPQkqWWhk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:09 2023 by rpki-client on console-ams.rpki-client.org