Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/kbxHnVvkgQXmiVtdM2vXWGxc71Q.roa
File: kbxHnVvkgQXmiVtdM2vXWGxc71Q.roa (raw, json)
Hash identifier: XHOtq7a/JowRlYnDJ1Gm4rytdk9W9QnQX8FbAK9GMdo=
Subject key identifier: 91:BC:47:9D:5B:E4:81:05:E6:89:5B:5D:33:6B:D7:58:6C:5C:EF:54
Certificate issuer: /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial: 0181D42A938062DC6999A238DC0B15DA97B7
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/kbxHnVvkgQXmiVtdM2vXWGxc71Q.roa
Signing time: Wed 06 Jul 2022 15:39:28 +0000
ROA not before: Wed 06 Jul 2022 15:39:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 45.140.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d4:2a:93:80:62:dc:69:99:a2:38:dc:0b:15:da:97:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Validity
Not Before: Jul 6 15:39:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91bc479d5be48105e6895b5d336bd7586c5cef54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e7:2f:c2:a7:de:63:f0:89:da:77:74:e8:00:
b2:c8:c5:69:7d:5a:44:ae:b9:50:29:3b:66:a7:c1:
85:0a:43:38:cb:88:92:73:10:dc:7e:de:d2:cf:49:
15:e9:da:e0:7d:68:c1:cd:0d:3e:ab:e7:82:8e:60:
b6:b1:af:b9:d7:53:76:e5:73:7e:45:7a:64:86:ef:
70:2e:d0:49:5a:db:2c:2a:d4:68:95:87:c6:49:e1:
05:d2:53:37:0d:19:6e:9b:a3:3e:10:e1:a6:64:fc:
29:89:db:73:f9:1d:e2:76:1a:78:85:63:d0:33:14:
1b:00:b8:17:3d:10:b9:1a:41:a9:10:8f:38:33:6e:
5d:2e:a8:00:d6:9d:ca:90:1f:11:54:e8:17:c9:d3:
30:8c:34:ab:81:94:bb:15:ab:c1:a7:2d:71:3e:f4:
3b:5f:4a:0d:2e:e3:3c:fb:74:3e:a7:13:ad:61:e8:
b1:05:26:4f:c1:6b:ae:de:08:94:e5:54:ca:58:5f:
0b:f4:db:f4:8e:c7:06:74:45:e6:b2:64:3a:b7:b1:
11:04:3e:34:83:be:ca:fe:8c:5f:be:27:90:97:2d:
b9:dd:49:1c:a4:7d:9f:32:ca:f9:46:69:47:ea:10:
16:cb:f0:05:b7:de:e0:a5:55:9f:81:66:0a:0d:d8:
cd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:BC:47:9D:5B:E4:81:05:E6:89:5B:5D:33:6B:D7:58:6C:5C:EF:54
X509v3 Authority Key Identifier:
keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/kbxHnVvkgQXmiVtdM2vXWGxc71Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.246.0/24
Signature Algorithm: sha256WithRSAEncryption
47:61:ee:04:6f:64:8b:61:de:57:ec:a9:84:d0:69:44:cf:6a:
69:ab:de:5f:a4:86:48:c6:d0:30:4a:3f:f9:9b:bf:2e:0d:e4:
e9:1a:46:d4:0e:1c:19:21:e9:a2:e8:87:8a:e6:9b:7a:8d:bd:
2a:ae:36:81:8e:c5:08:8d:cb:d0:71:72:e1:63:0c:2f:ef:ea:
cb:73:55:5b:02:b2:50:8b:e3:7f:b8:0d:a7:6a:15:63:06:ee:
d2:7d:65:f6:4c:34:55:70:f5:ca:e6:88:eb:b8:09:3e:ae:0d:
db:f6:fa:8d:78:0c:f3:9f:b9:d6:67:57:7f:6a:87:d7:ab:69:
fe:2e:cb:fa:e2:02:0d:d2:d8:a4:08:41:f8:d0:16:03:d7:af:
df:10:cf:92:d5:ad:92:34:60:d6:b3:15:36:1b:1e:0b:57:cd:
e7:8a:dd:38:01:2d:6e:a1:90:8a:eb:8e:5d:3b:e8:f1:b8:51:
e9:a7:e1:25:11:c9:7f:cb:43:56:3c:03:b2:11:b6:90:47:7a:
e8:3e:56:7f:3e:18:c0:51:09:c9:4a:2e:4c:d6:f9:9a:ad:99:
bc:36:c6:64:6a:be:1c:22:49:22:ef:ad:21:b2:c0:14:4c:0c:
e6:39:c0:50:87:34:a9:73:da:0f:2f:e7:ba:00:bb:49:e7:78:
0b:49:03:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHUKpOAYtxpmaI43AsV2pe3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjIwNzA2MTUzOTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWJjNDc5ZDViZTQ4MTA1ZTY4OTViNWQzMzZiZDc1ODZjNWNlZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnecvwqfeY/CJ2nd06ACyyMVpfVpE
rrlQKTtmp8GFCkM4y4iScxDcft7Sz0kV6drgfWjBzQ0+q+eCjmC2sa+511N25XN+
RXpkhu9wLtBJWtssKtRolYfGSeEF0lM3DRlum6M+EOGmZPwpidtz+R3idhp4hWPQ
MxQbALgXPRC5GkGpEI84M25dLqgA1p3KkB8RVOgXydMwjDSrgZS7FavBpy1xPvQ7
X0oNLuM8+3Q+pxOtYeixBSZPwWuu3giU5VTKWF8L9Nv0jscGdEXmsmQ6t7ERBD40
g77K/oxfvieQly253UkcpH2fMsr5RmlH6hAWy/AFt97gpVWfgWYKDdjNdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJG8R51b5IEF5olbXTNr11hsXO9UMB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEva2J4SG5WdmtnUVhtaVZ0ZE0ydlhXR3hjNzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYz2MA0G
CSqGSIb3DQEBCwUAA4IBAQBHYe4Eb2SLYd5X7KmE0GlEz2ppq95fpIZIxtAwSj/5
m78uDeTpGkbUDhwZIemi6IeK5pt6jb0qrjaBjsUIjcvQcXLhYwwv7+rLc1VbArJQ
i+N/uA2nahVjBu7SfWX2TDRVcPXK5ojruAk+rg3b9vqNeAzzn7nWZ1d/aofXq2n+
Lsv64gIN0tikCEH40BYD16/fEM+S1a2SNGDWsxU2Gx4LV83nit04AS1uoZCK645d
O+jxuFHpp+ElEcl/y0NWPAOyEbaQR3roPlZ/PhjAUQnJSi5M1vmarZm8NsZkar4c
Ikki760hssAUTAzmOcBQhzSpc9oPL+e6ALtJ53gLSQNR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:48 2023 by rpki-client on console-fra.rpki-client.org