Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/KHLbqXUbWMPz_1K2JuGSyhARiQM.roa
File: KHLbqXUbWMPz_1K2JuGSyhARiQM.roa (raw, json)
Hash identifier: l3sJOzagNa3f4WSI5mRYCWG0WaV6rmvka+nmjj9rAHE=
Subject key identifier: 28:72:DB:A9:75:1B:58:C3:F3:FF:52:B6:26:E1:92:CA:10:11:89:03
Certificate issuer: /CN=ba838f1ca8bdcd81c04b6b678e79be614e51b111
Certificate serial: 44C938
Authority key identifier: BA:83:8F:1C:A8:BD:CD:81:C0:4B:6B:67:8E:79:BE:61:4E:51:B1:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uoOPHKi9zYHAS2tnjnm-YU5RsRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/KHLbqXUbWMPz_1K2JuGSyhARiQM.roa
Signing time: Tue 26 Apr 2022 14:59:59 +0000
ROA not before: Tue 26 Apr 2022 14:59:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3303
IP address blocks: 91.230.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4507960 (0x44c938)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba838f1ca8bdcd81c04b6b678e79be614e51b111
Validity
Not Before: Apr 26 14:59:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2872dba9751b58c3f3ff52b626e192ca10118903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e6:14:0f:fe:f7:69:65:3d:16:df:3f:cf:12:
2e:c7:41:d6:b7:58:e5:75:b0:dd:23:fb:91:dc:1e:
54:fb:a3:b4:8b:e6:d7:90:5b:8d:b9:f5:9c:c6:90:
dd:c7:e8:76:bb:57:2d:e6:56:f4:aa:ab:ce:85:dd:
17:c1:bb:53:0b:3b:d3:3c:6d:2d:1c:46:d7:26:be:
f6:5a:9f:62:e1:54:02:6b:08:24:b4:10:87:09:46:
97:d5:64:5a:55:60:74:3f:34:5b:94:e7:51:ea:6d:
0c:21:1c:a0:75:8c:66:be:99:25:3c:c1:93:dc:1e:
e0:73:a8:55:09:a0:19:a6:c8:f8:26:e0:90:47:fd:
43:4b:0e:03:e1:bf:5a:59:43:02:69:94:49:64:a4:
a6:fb:18:9b:a3:79:79:4e:8e:e6:86:11:fb:e7:0f:
8b:09:f4:d7:c3:7b:a5:b0:90:36:64:7c:19:a3:88:
ea:c6:d7:7e:55:c7:4e:92:b5:12:d0:6c:79:29:24:
0e:3c:7f:79:a4:6d:d4:da:51:19:46:20:f0:c6:c3:
9f:8f:c0:7b:bc:58:7a:98:0e:ff:2a:8f:2a:cb:1d:
a0:1b:69:9c:29:14:d8:7e:4a:3f:78:d0:14:1d:0d:
0f:6a:bb:df:df:7b:0c:33:d9:36:b5:33:70:87:ed:
c9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:72:DB:A9:75:1B:58:C3:F3:FF:52:B6:26:E1:92:CA:10:11:89:03
X509v3 Authority Key Identifier:
keyid:BA:83:8F:1C:A8:BD:CD:81:C0:4B:6B:67:8E:79:BE:61:4E:51:B1:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uoOPHKi9zYHAS2tnjnm-YU5RsRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/KHLbqXUbWMPz_1K2JuGSyhARiQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/uoOPHKi9zYHAS2tnjnm-YU5RsRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.249.0/24
Signature Algorithm: sha256WithRSAEncryption
05:4a:d8:08:43:a6:fd:d7:c7:6e:6b:a2:2f:b8:98:ce:d7:96:
6b:46:7d:e3:58:51:93:ce:48:b9:90:01:ac:04:e3:32:9b:bf:
19:2f:20:a2:43:92:58:88:11:3c:cc:9c:0b:b5:88:31:e0:7a:
0d:c3:77:42:e3:68:21:90:9a:de:e7:90:53:ef:8e:db:73:72:
9f:1e:09:df:71:3c:6f:99:b7:87:6f:35:32:fe:1b:70:e9:31:
e0:4a:78:69:3b:a7:b4:4d:bc:b1:b0:03:c7:db:48:dd:08:54:
00:93:61:8c:88:fa:14:07:0e:23:6b:fe:7a:42:58:58:85:fd:
87:43:4e:92:5f:44:0e:6c:46:44:7d:90:fe:2d:bb:30:d2:60:
8a:36:54:7c:7c:28:6d:5d:07:0d:d8:dd:56:18:5b:81:83:63:
37:f6:e4:d5:2a:69:f3:2e:7e:07:c3:ff:01:90:45:61:17:bc:
ab:76:be:14:51:e5:86:a7:80:ef:a4:ea:df:e2:1c:66:79:b8:
7f:c5:4b:0e:8e:bc:b0:fa:34:ac:98:3e:3c:5b:7a:f7:10:36:
bb:d6:ae:0b:ff:5a:66:3c:ae:41:16:62:04:85:69:eb:97:cb:
44:03:95:95:2a:16:5c:07:94:9a:48:0b:5a:57:18:64:5d:f2:
f2:70:6d:84
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDRMk4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJh
ODM4ZjFjYThiZGNkODFjMDRiNmI2NzhlNzliZTYxNGU1MWIxMTEwHhcNMjIwNDI2
MTQ1OTU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyODcyZGJhOTc1MWI1
OGMzZjNmZjUyYjYyNmUxOTJjYTEwMTE4OTAzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5OYUD/73aWU9Ft8/zxIux0HWt1jldbDdI/uR3B5U+6O0i+bX
kFuNufWcxpDdx+h2u1ct5lb0qqvOhd0XwbtTCzvTPG0tHEbXJr72Wp9i4VQCawgk
tBCHCUaX1WRaVWB0PzRblOdR6m0MIRygdYxmvpklPMGT3B7gc6hVCaAZpsj4JuCQ
R/1DSw4D4b9aWUMCaZRJZKSm+xibo3l5To7mhhH75w+LCfTXw3ulsJA2ZHwZo4jq
xtd+VcdOkrUS0Gx5KSQOPH95pG3U2lEZRiDwxsOfj8B7vFh6mA7/Ko8qyx2gG2mc
KRTYfko/eNAUHQ0Parvf33sMM9k2tTNwh+3J+wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFChy26l1G1jD8/9StibhksoQEYkDMB8GA1UdIwQYMBaAFLqDjxyovc2BwEtr
Z455vmFOUbERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dW9PUEhLaTl6WUhBUzJ0bmpubS1ZVTVSc1JFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zOC9kYjRlODgtZTU4ZC00MzQ1LTgwYzctMDkzZWI5YTlhYThiLzEv
S0hMYnFYVWJXTVB6XzFLMkp1R1N5aEFSaVFNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9k
YjRlODgtZTU4ZC00MzQ1LTgwYzctMDkzZWI5YTlhYThiLzEvdW9PUEhLaTl6WUhB
UzJ0bmpubS1ZVTVSc1JFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+b5MA0GCSqGSIb3DQEBCwUAA4IB
AQAFStgIQ6b918dua6IvuJjO15ZrRn3jWFGTzki5kAGsBOMym78ZLyCiQ5JYiBE8
zJwLtYgx4HoNw3dC42ghkJre55BT747bc3KfHgnfcTxvmbeHbzUy/htw6THgSnhp
O6e0TbyxsAPH20jdCFQAk2GMiPoUBw4ja/56QlhYhf2HQ06SX0QObEZEfZD+Lbsw
0mCKNlR8fChtXQcN2N1WGFuBg2M39uTVKmnzLn4Hw/8BkEVhF7yrdr4UUeWGp4Dv
pOrf4hxmebh/xUsOjryw+jSsmD48W3r3EDa71q4L/1pmPK5BFmIEhWnrl8tEA5WV
KhZcB5SaSAtaVxhkXfLycG2E
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:25 2023 by rpki-client on console-ams.rpki-client.org