Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/4222b2-c79c-4d5e-99d7-cdb281a2b3a8/1/KXTQ9gN9kI_kVi7Z9ZDYZiNQrc0.roa
File: KXTQ9gN9kI_kVi7Z9ZDYZiNQrc0.roa (raw, json)
Hash identifier: RJVRfTCAGdoPu7tX/n8IUMVE0TRNulKdgiMr2nXxFkg=
Subject key identifier: 29:74:D0:F6:03:7D:90:8F:E4:56:2E:D9:F5:90:D8:66:23:50:AD:CD
Certificate issuer: /CN=60333cd6f1b59c0b682e1da389237eda3e9da918
Certificate serial: 02208A
Authority key identifier: 60:33:3C:D6:F1:B5:9C:0B:68:2E:1D:A3:89:23:7E:DA:3E:9D:A9:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YDM81vG1nAtoLh2jiSN-2j6dqRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/4222b2-c79c-4d5e-99d7-cdb281a2b3a8/1/KXTQ9gN9kI_kVi7Z9ZDYZiNQrc0.roa
Signing time: Thu 28 Apr 2022 09:15:39 +0000
ROA not before: Thu 28 Apr 2022 09:15:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199871
IP address blocks: 195.149.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139402 (0x2208a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60333cd6f1b59c0b682e1da389237eda3e9da918
Validity
Not Before: Apr 28 09:15:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2974d0f6037d908fe4562ed9f590d8662350adcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:60:a4:d1:fd:4b:99:f7:8f:25:ad:c7:f5:cd:
1e:51:4d:7f:cc:a3:9c:51:0a:4b:bb:8a:8b:3f:03:
6d:9f:3e:70:d5:44:1a:da:9d:94:7b:0c:c2:b5:e8:
13:c8:e6:2a:4c:c2:3f:ae:e4:3c:56:f1:a9:2a:64:
55:c7:a3:16:83:06:a0:cd:bf:bc:5b:ea:dc:a0:1a:
13:69:2d:19:91:a9:ca:4b:5c:d0:f7:b5:c1:f2:33:
13:29:ca:25:8a:d3:6c:59:78:6a:85:81:d6:80:93:
98:2d:45:13:7d:2b:40:51:92:1a:9f:39:47:ff:ee:
7a:d4:7e:b0:06:50:5c:24:93:9b:b2:14:44:59:48:
7f:b9:7d:33:e7:7f:19:a2:e1:20:0b:29:c7:8d:97:
a8:e2:87:a1:61:53:f0:42:ae:42:e6:70:37:2b:5e:
6d:93:26:80:8b:d3:ef:d7:ce:0e:dc:58:84:59:af:
74:02:b3:05:f0:d6:21:c4:98:75:79:8f:39:5b:8c:
53:7f:5d:2d:50:a0:22:d1:b7:15:69:9f:64:3a:83:
b4:98:81:d7:0b:0e:17:d1:30:e8:20:ba:19:bd:64:
09:80:29:9b:bc:74:66:32:ad:05:51:af:f8:59:87:
64:80:45:a4:5b:5f:11:29:e7:57:d8:af:06:7b:01:
f9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:74:D0:F6:03:7D:90:8F:E4:56:2E:D9:F5:90:D8:66:23:50:AD:CD
X509v3 Authority Key Identifier:
keyid:60:33:3C:D6:F1:B5:9C:0B:68:2E:1D:A3:89:23:7E:DA:3E:9D:A9:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDM81vG1nAtoLh2jiSN-2j6dqRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4222b2-c79c-4d5e-99d7-cdb281a2b3a8/1/KXTQ9gN9kI_kVi7Z9ZDYZiNQrc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4222b2-c79c-4d5e-99d7-cdb281a2b3a8/1/YDM81vG1nAtoLh2jiSN-2j6dqRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.71.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:d3:f7:91:b3:72:e6:0f:28:c7:2e:05:ec:cb:e3:de:b7:cd:
ee:60:42:74:30:4a:c1:b4:78:25:47:c9:db:04:44:57:78:74:
1e:2d:c8:d0:2e:12:51:dc:aa:83:57:09:ba:2d:9d:b8:8d:ad:
47:f7:3e:91:32:92:08:f9:6a:c2:d1:10:30:c3:f4:ff:8e:45:
40:b0:31:24:94:ab:b8:5b:c0:9d:77:05:23:44:52:40:ae:ae:
1e:9f:a1:72:ee:ff:1b:dd:de:6c:d2:fe:ce:28:42:a1:55:a6:
36:48:93:94:36:53:20:a2:24:a2:02:09:f3:b9:42:1a:e7:d5:
42:0c:f9:98:2d:70:3d:9e:40:2b:57:a8:ff:1c:10:80:2d:ff:
ad:37:14:7d:4f:c1:08:bc:76:66:66:5f:5e:be:b2:e4:38:55:
bc:29:33:02:0f:9f:2b:a3:4b:37:a9:0a:55:92:ba:44:18:56:
34:17:74:dc:c3:05:61:22:2f:c6:3c:a7:ca:3b:db:5b:95:eb:
d1:0e:3d:90:18:bb:70:a3:e0:19:cc:2c:ed:dc:63:08:ff:50:
95:3a:ed:67:6d:25:d1:7e:da:ce:82:98:82:60:19:61:26:9f:
10:51:27:2c:7c:7f:f3:5d:ba:3e:15:2f:4b:23:7e:97:a0:9d:
14:ec:60:a6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAiCKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYw
MzMzY2Q2ZjFiNTljMGI2ODJlMWRhMzg5MjM3ZWRhM2U5ZGE5MTgwHhcNMjIwNDI4
MDkxNTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOTc0ZDBmNjAzN2Q5
MDhmZTQ1NjJlZDlmNTkwZDg2NjIzNTBhZGNkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuGCk0f1LmfePJa3H9c0eUU1/zKOcUQpLu4qLPwNtnz5w1UQa
2p2UewzCtegTyOYqTMI/ruQ8VvGpKmRVx6MWgwagzb+8W+rcoBoTaS0ZkanKS1zQ
97XB8jMTKcolitNsWXhqhYHWgJOYLUUTfStAUZIanzlH/+561H6wBlBcJJObshRE
WUh/uX0z538ZouEgCynHjZeo4oehYVPwQq5C5nA3K15tkyaAi9Pv184O3FiEWa90
ArMF8NYhxJh1eY85W4xTf10tUKAi0bcVaZ9kOoO0mIHXCw4X0TDoILoZvWQJgCmb
vHRmMq0FUa/4WYdkgEWkW18RKedX2K8GewH5WwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFCl00PYDfZCP5FYu2fWQ2GYjUK3NMB8GA1UdIwQYMBaAFGAzPNbxtZwLaC4d
o4kjfto+nakYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WURNODF2RzFuQXRvTGgyamlTTi0yajZkcVJnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yZC80MjIyYjItYzc5Yy00ZDVlLTk5ZDctY2RiMjgxYTJiM2E4LzEv
S1hUUTlnTjlrSV9rVmk3WjlaRFlaaU5RcmMwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80
MjIyYjItYzc5Yy00ZDVlLTk5ZDctY2RiMjgxYTJiM2E4LzEvWURNODF2RzFuQXRv
TGgyamlTTi0yajZkcVJnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5VHMA0GCSqGSIb3DQEBCwUAA4IB
AQCM0/eRs3LmDyjHLgXsy+Pet83uYEJ0MErBtHglR8nbBERXeHQeLcjQLhJR3KqD
Vwm6LZ24ja1H9z6RMpII+WrC0RAww/T/jkVAsDEklKu4W8CddwUjRFJArq4en6Fy
7v8b3d5s0v7OKEKhVaY2SJOUNlMgoiSiAgnzuUIa59VCDPmYLXA9nkArV6j/HBCA
Lf+tNxR9T8EIvHZmZl9evrLkOFW8KTMCD58ro0s3qQpVkrpEGFY0F3TcwwVhIi/G
PKfKO9tblevRDj2QGLtwo+AZzCzt3GMI/1CVOu1nbSXRftrOgpiCYBlhJp8QUScs
fH/zXbo+FS9LI36XoJ0U7GCm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-fra.rpki-client.org