Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/kidy9CF_2MIDCT15UOF27-ocmgo.roa
File: kidy9CF_2MIDCT15UOF27-ocmgo.roa (raw, json)
Hash identifier: qiRInRsvcy4EqY8V7NO6Gwi+WFSbtfJpagbzKKegtn0=
Subject key identifier: 92:27:72:F4:21:7F:D8:C2:03:09:3D:79:50:E1:76:EF:EA:1C:9A:0A
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 138BDA44
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/kidy9CF_2MIDCT15UOF27-ocmgo.roa
Signing time: Sat 01 Jan 2022 05:56:20 +0000
ROA not before: Sat 01 Jan 2022 05:56:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202965
IP address blocks: 45.67.117.0/24 maxlen: 24
91.242.72.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 327932484 (0x138bda44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 05:56:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=922772f4217fd8c203093d7950e176efea1c9a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e2:f7:04:e3:ae:a4:07:89:a1:f0:5f:e2:4d:
25:51:60:8a:e0:ea:11:f6:b7:9f:f5:ba:3e:44:b7:
d8:b9:c9:40:22:e6:8d:79:77:ae:c6:99:21:73:9c:
c0:bc:0d:29:54:fb:be:64:13:89:56:80:b3:ec:38:
45:26:92:4b:46:c9:7b:a7:bc:ba:1a:f3:d1:f9:73:
14:8e:f7:ab:78:05:d8:73:0b:a7:c8:79:06:9c:4e:
1b:2c:68:4d:fe:f9:09:60:20:43:22:57:55:5c:ad:
37:c9:9b:bf:df:93:9a:3c:3a:3a:e0:d7:bf:06:af:
11:8e:cf:4d:68:42:68:a9:4c:fc:4a:e7:0a:c1:69:
5b:19:42:42:97:fd:71:9d:0c:1d:16:0f:e4:48:28:
19:d8:52:e5:94:7b:90:5d:30:ac:c7:c0:26:6c:22:
c0:1b:7d:e5:d1:64:36:61:0c:14:c5:e6:0d:73:8e:
af:90:93:8b:bb:70:e6:66:83:9f:80:c9:3f:b9:56:
95:ff:b1:65:07:78:99:74:79:e5:4a:94:1a:38:1f:
39:4a:c5:6c:35:4c:34:e9:67:bd:cb:18:67:fe:4e:
53:0f:1b:23:31:5e:f4:b3:5b:02:13:39:aa:7d:33:
1b:1b:8f:37:c9:9f:36:16:76:d7:31:85:da:b8:ef:
e6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:27:72:F4:21:7F:D8:C2:03:09:3D:79:50:E1:76:EF:EA:1C:9A:0A
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/kidy9CF_2MIDCT15UOF27-ocmgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
91.242.72.0/23
Signature Algorithm: sha256WithRSAEncryption
19:39:7e:5a:38:8d:fb:9b:28:9a:b8:8c:ff:dc:0e:55:cb:be:
99:24:6e:0d:dd:a5:df:10:5c:36:54:39:90:06:d5:33:a3:7d:
b8:d1:0e:14:0e:28:d3:0c:5d:35:66:d3:9d:18:07:b2:73:35:
31:cf:ba:94:c9:65:7b:af:9f:fd:c3:93:dd:87:fa:31:86:ab:
8e:75:06:00:45:a4:c2:3f:da:59:0a:30:29:25:0e:a3:30:ed:
95:49:a5:e8:b7:ac:20:c4:d0:19:83:55:16:e1:55:46:f7:d2:
42:c8:6a:19:97:de:bd:24:bf:87:1b:48:37:b2:67:c3:98:5c:
9e:48:17:06:ae:45:2a:0c:73:ca:a1:bb:21:b6:b8:d9:9a:f5:
26:40:68:07:4d:97:36:6f:98:00:63:cd:fa:92:74:73:2b:bc:
ba:3f:ac:a8:57:77:1d:f0:0a:d6:83:61:52:40:0d:0c:37:af:
c8:94:67:3f:f2:3c:d8:cd:f8:01:41:9e:fc:58:b5:c6:67:36:
0c:08:15:e2:ae:9b:8a:bc:76:ff:07:3b:c7:3c:b9:7a:40:7c:
97:86:76:9d:1a:e8:a3:2d:c3:31:c0:61:90:36:ad:17:e7:95:
0c:eb:92:89:72:37:aa:2e:d5:1f:1d:d6:cd:b6:66:da:4f:b9:
e0:52:cf:42
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEE4vaRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
MTA1NTYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIyNzcyZjQyMTdm
ZDhjMjAzMDkzZDc5NTBlMTc2ZWZlYTFjOWEwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLi9wTjrqQHiaHwX+JNJVFgiuDqEfa3n/W6PkS32LnJQCLm
jXl3rsaZIXOcwLwNKVT7vmQTiVaAs+w4RSaSS0bJe6e8uhrz0flzFI73q3gF2HML
p8h5BpxOGyxoTf75CWAgQyJXVVytN8mbv9+Tmjw6OuDXvwavEY7PTWhCaKlM/Ern
CsFpWxlCQpf9cZ0MHRYP5EgoGdhS5ZR7kF0wrMfAJmwiwBt95dFkNmEMFMXmDXOO
r5CTi7tw5maDn4DJP7lWlf+xZQd4mXR55UqUGjgfOUrFbDVMNOlnvcsYZ/5OUw8b
IzFe9LNbAhM5qn0zGxuPN8mfNhZ21zGF2rjv5iMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSSJ3L0IX/YwgMJPXlQ4Xbv6hyaCjAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L2tpZHk5Q0ZfMk1JRENUMTVVT0YyNy1vY21nby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC1DdQMEAVvySDANBgkqhkiG9w0B
AQsFAAOCAQEAGTl+WjiN+5somriM/9wOVcu+mSRuDd2l3xBcNlQ5kAbVM6N9uNEO
FA4o0wxdNWbTnRgHsnM1Mc+6lMlle6+f/cOT3Yf6MYarjnUGAEWkwj/aWQowKSUO
ozDtlUml6LesIMTQGYNVFuFVRvfSQshqGZfevSS/hxtIN7Jnw5hcnkgXBq5FKgxz
yqG7Iba42Zr1JkBoB02XNm+YAGPN+pJ0cyu8uj+sqFd3HfAK1oNhUkANDDevyJRn
P/I82M34AUGe/Fi1xmc2DAgV4q6birx2/wc7xzy5ekB8l4Z2nRrooy3DMcBhkDat
F+eVDOuSiXI3qi7VHx3WzbZm2k+54FLPQg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org