Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/KDS9iSuFD6XbTvHPhE9IUffb8Bg.roa
File: KDS9iSuFD6XbTvHPhE9IUffb8Bg.roa (raw, json)
Hash identifier: 9lluJyLWpGnQlRbzTB9XoGc559EGELpjqAxgcLk6N/Y=
Subject key identifier: 28:34:BD:89:2B:85:0F:A5:DB:4E:F1:CF:84:4F:48:51:F7:DB:F0:18
Certificate issuer: /CN=1196f87d5decfcbf04450b5fcf65b5b345f22464
Certificate serial: 092C85E1
Authority key identifier: 11:96:F8:7D:5D:EC:FC:BF:04:45:0B:5F:CF:65:B5:B3:45:F2:24:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EZb4fV3s_L8ERQtfz2W1s0XyJGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/KDS9iSuFD6XbTvHPhE9IUffb8Bg.roa
Signing time: Sat 01 Jan 2022 03:56:36 +0000
ROA not before: Sat 01 Jan 2022 03:56:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205394
IP address blocks: 139.28.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153912801 (0x92c85e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1196f87d5decfcbf04450b5fcf65b5b345f22464
Validity
Not Before: Jan 1 03:56:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2834bd892b850fa5db4ef1cf844f4851f7dbf018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:35:b3:25:08:7f:b1:b9:c7:6f:36:d3:ec:43:
53:d7:46:bc:b9:c3:7d:1c:fc:be:07:d2:46:6f:f7:
bc:e0:01:f2:fa:41:88:f3:22:cf:2a:58:34:6b:79:
16:27:d4:76:17:29:a7:5d:05:77:24:83:f4:c4:9a:
37:af:c9:d8:95:cd:e6:97:03:e6:85:d8:c9:df:66:
82:65:e4:63:68:64:e8:f0:69:f6:a6:a7:00:3b:4d:
3b:4f:ce:dd:c0:44:11:f0:49:40:ff:80:9d:45:2b:
54:77:48:95:ce:aa:7d:ff:b5:28:40:d8:cf:3f:4f:
dc:b6:f1:f4:c8:61:8a:80:56:47:d4:9d:a3:42:23:
7e:af:52:c2:9a:20:5c:f8:80:b0:51:54:f3:32:40:
6f:25:e8:36:7e:49:c6:df:8b:29:d4:0d:d0:bd:ca:
87:1d:71:57:ab:70:c6:6b:7f:f3:81:67:96:0b:24:
13:ee:5f:e9:da:f2:ec:b4:a1:b1:bb:ad:12:96:eb:
08:fd:b1:61:ae:7b:01:65:5a:f4:6e:8a:81:25:e2:
cf:64:89:7a:aa:5f:12:b7:de:e1:20:05:ee:cf:59:
ba:85:4b:75:dd:e7:ea:b3:ac:ff:c1:96:ad:c6:0b:
24:c4:e5:a9:df:0e:e8:23:15:48:40:fc:6c:8a:c8:
35:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:34:BD:89:2B:85:0F:A5:DB:4E:F1:CF:84:4F:48:51:F7:DB:F0:18
X509v3 Authority Key Identifier:
keyid:11:96:F8:7D:5D:EC:FC:BF:04:45:0B:5F:CF:65:B5:B3:45:F2:24:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EZb4fV3s_L8ERQtfz2W1s0XyJGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/KDS9iSuFD6XbTvHPhE9IUffb8Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8f5ef0-9a25-4946-aa71-0d3392a9eb93/1/EZb4fV3s_L8ERQtfz2W1s0XyJGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.100.0/22
Signature Algorithm: sha256WithRSAEncryption
41:ed:95:ff:56:a8:5d:88:88:26:63:d6:10:9b:a5:32:14:8c:
80:39:b8:65:ca:ef:fe:39:c8:c3:19:3a:1c:07:bd:53:ee:f5:
91:ac:47:b2:9a:0f:14:0d:d6:a5:41:e9:29:13:5a:5d:6f:49:
7e:fc:17:c7:bb:c7:fe:9f:cf:34:e6:54:93:e4:65:db:27:26:
a6:c1:08:a3:20:ba:c0:cc:64:ec:ed:27:7a:72:cb:60:dc:49:
85:45:9a:bd:42:dc:c1:8f:a9:38:0e:aa:29:03:8d:ef:7a:d1:
d0:61:0b:c7:a3:a5:97:91:31:e4:63:5a:e6:e3:7f:65:23:90:
79:96:15:22:15:fb:f3:9a:1b:31:45:d1:38:06:21:b5:a2:ab:
a7:35:f7:f6:ee:a5:35:d0:7b:0f:b7:bb:fa:7c:d5:43:75:34:
03:2c:58:cb:6b:9d:06:da:79:7b:fc:32:73:ec:15:1f:de:ca:
97:fb:00:3e:b9:71:78:10:a5:79:04:c9:c7:a8:21:c0:14:82:
26:8c:39:08:c2:d5:59:43:f4:d3:47:9f:97:3b:d7:18:84:30:
5a:90:75:f5:03:14:53:78:47:f2:0a:af:fc:80:f1:0a:c7:e7:
c8:2f:69:f6:44:d1:fa:db:02:50:26:8c:91:0d:ab:7b:b3:12:
b9:f2:ca:43
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECSyF4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTk2Zjg3ZDVkZWNmY2JmMDQ0NTBiNWZjZjY1YjViMzQ1ZjIyNDY0MB4XDTIyMDEw
MTAzNTYzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgzNGJkODkyYjg1
MGZhNWRiNGVmMWNmODQ0ZjQ4NTFmN2RiZjAxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMA1syUIf7G5x2820+xDU9dGvLnDfRz8vgfSRm/3vOAB8vpB
iPMizypYNGt5FifUdhcpp10FdySD9MSaN6/J2JXN5pcD5oXYyd9mgmXkY2hk6PBp
9qanADtNO0/O3cBEEfBJQP+AnUUrVHdIlc6qff+1KEDYzz9P3Lbx9MhhioBWR9Sd
o0Ijfq9SwpogXPiAsFFU8zJAbyXoNn5Jxt+LKdQN0L3Khx1xV6twxmt/84Fnlgsk
E+5f6dry7LShsbutEpbrCP2xYa57AWVa9G6KgSXiz2SJeqpfErfe4SAF7s9ZuoVL
dd3n6rOs/8GWrcYLJMTlqd8O6CMVSED8bIrINZkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQoNL2JK4UPpdtO8c+ET0hR99vwGDAfBgNVHSMEGDAWgBQRlvh9Xez8vwRF
C1/PZbWzRfIkZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VaYjRmVjNzX0w4RVJRdGZ6MlcxczBYeUpHUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvOGY1ZWYwLTlhMjUtNDk0Ni1hYTcxLTBkMzM5MmE5ZWI5My8x
L0tEUzlpU3VGRDZYYlR2SFBoRTlJVWZmYjhCZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
OGY1ZWYwLTlhMjUtNDk0Ni1hYTcxLTBkMzM5MmE5ZWI5My8xL0VaYjRmVjNzX0w4
RVJRdGZ6MlcxczBYeUpHUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAoscZDANBgkqhkiG9w0BAQsFAAOC
AQEAQe2V/1aoXYiIJmPWEJulMhSMgDm4Zcrv/jnIwxk6HAe9U+71kaxHspoPFA3W
pUHpKRNaXW9JfvwXx7vH/p/PNOZUk+Rl2ycmpsEIoyC6wMxk7O0nenLLYNxJhUWa
vULcwY+pOA6qKQON73rR0GELx6Oll5Ex5GNa5uN/ZSOQeZYVIhX785obMUXROAYh
taKrpzX39u6lNdB7D7e7+nzVQ3U0AyxYy2udBtp5e/wyc+wVH97Kl/sAPrlxeBCl
eQTJx6ghwBSCJow5CMLVWUP000eflzvXGIQwWpB19QMUU3hH8gqv/IDxCsfnyC9p
9kTR+tsCUCaMkQ2re7MSufLKQw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:16 2023 by rpki-client on console-ams.rpki-client.org