Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/kJKfU5p7jZev3fikDeZWTECUEwE.roa
File: kJKfU5p7jZev3fikDeZWTECUEwE.roa (raw, json)
Hash identifier: mRUJmwES72nrg+Zh/rq9jFLmFrvoTRE5zHH4cpsDcME=
Subject key identifier: 90:92:9F:53:9A:7B:8D:97:AF:DD:F8:A4:0D:E6:56:4C:40:94:13:01
Certificate issuer: /CN=1ec0434a5c3cf2374ca360331926ae7d24ac345b
Certificate serial: 04A792F5
Authority key identifier: 1E:C0:43:4A:5C:3C:F2:37:4C:A3:60:33:19:26:AE:7D:24:AC:34:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HsBDSlw88jdMo2AzGSaufSSsNFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/kJKfU5p7jZev3fikDeZWTECUEwE.roa
Signing time: Sat 01 Jan 2022 10:01:10 +0000
ROA not before: Sat 01 Jan 2022 10:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.201.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78090997 (0x4a792f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ec0434a5c3cf2374ca360331926ae7d24ac345b
Validity
Not Before: Jan 1 10:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90929f539a7b8d97afddf8a40de6564c40941301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c7:08:44:17:f9:3a:d1:06:17:af:93:01:95:
c5:fa:f7:27:4a:5e:04:90:a8:da:28:5a:a4:4c:56:
bc:30:3c:56:5e:ff:c6:e2:6e:94:df:40:36:f8:52:
42:68:45:f0:ab:ca:73:53:7e:79:2b:d0:7b:30:cc:
0b:d7:97:86:ad:15:4f:d8:c2:83:aa:0e:6e:cc:af:
d7:1b:4c:97:39:89:71:0b:3a:3b:c7:1c:81:0d:5e:
1b:e4:73:fb:ac:0c:18:e1:70:11:d9:9d:81:df:d6:
3a:11:44:84:42:70:20:71:2d:52:84:1e:dc:9c:bd:
00:a3:b3:30:d8:e4:78:a9:52:3b:8b:76:12:70:5b:
b1:98:e4:64:b1:21:94:16:2b:bd:33:71:1e:67:4e:
f1:50:3b:30:c3:ad:a5:2b:1e:bf:af:61:24:5e:6b:
bb:46:5c:88:cb:47:bc:23:6f:ad:70:5c:06:6d:04:
64:77:63:80:5a:a3:e6:c2:bb:4b:bd:25:b3:cb:98:
f4:88:e0:f3:cc:33:da:0e:8b:fa:ed:b2:cf:f9:f7:
77:19:e6:39:29:68:58:3b:a7:b0:32:5f:b4:be:61:
21:9b:f3:88:7b:eb:43:11:00:a0:37:e8:57:95:10:
08:43:93:db:cc:91:08:35:db:b5:f9:5d:fd:9f:2c:
d9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:92:9F:53:9A:7B:8D:97:AF:DD:F8:A4:0D:E6:56:4C:40:94:13:01
X509v3 Authority Key Identifier:
keyid:1E:C0:43:4A:5C:3C:F2:37:4C:A3:60:33:19:26:AE:7D:24:AC:34:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HsBDSlw88jdMo2AzGSaufSSsNFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/kJKfU5p7jZev3fikDeZWTECUEwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5404-5ea4-4776-8cec-aedbbf468028/1/HsBDSlw88jdMo2AzGSaufSSsNFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.20.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:84:db:70:f4:f2:6f:c4:2b:49:42:b8:ad:bb:da:95:e7:ea:
ad:14:3c:04:5c:e3:1c:f7:75:05:b9:4a:54:03:9a:99:65:de:
fd:f3:68:31:96:63:79:d8:69:ae:a7:74:14:b2:71:57:15:00:
88:b1:02:cd:26:9c:0f:92:ae:6b:30:c4:ee:fb:5b:5c:cc:b2:
91:56:f4:84:fa:72:fb:2a:1f:27:fb:4c:72:c7:3a:3b:49:c0:
92:9e:90:17:92:c5:c7:f1:60:d1:b8:31:e9:65:2a:74:78:b8:
d7:cd:d1:46:c4:79:03:f0:1d:fb:98:b2:bf:f6:02:ba:a3:ed:
06:bf:8f:4a:c2:e3:dc:c2:dd:11:c7:86:05:a9:61:03:3f:0f:
59:01:b8:d2:48:75:db:f9:bc:45:c5:24:e5:2b:da:0e:62:06:
29:e1:5e:bb:70:d6:e2:a3:7c:e8:8c:3f:75:1c:41:58:a8:01:
30:39:e0:d0:ab:35:b8:b6:df:6d:d3:27:96:05:37:a3:68:f6:
38:49:c6:6d:04:f0:c0:2a:a3:fe:7c:4e:a3:6b:f9:7f:5d:45:
9b:44:1a:ad:30:a4:43:1e:d3:2b:a8:53:0b:74:8c:1a:54:5e:
27:4a:c8:a8:99:10:5b:e7:aa:55:07:37:9a:5c:14:71:c8:b4:
98:d7:37:fc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBKeS9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZWMwNDM0YTVjM2NmMjM3NGNhMzYwMzMxOTI2YWU3ZDI0YWMzNDViMB4XDTIyMDEw
MTEwMDExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA5MjlmNTM5YTdi
OGQ5N2FmZGRmOGE0MGRlNjU2NGM0MDk0MTMwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPHCEQX+TrRBhevkwGVxfr3J0peBJCo2ihapExWvDA8Vl7/
xuJulN9ANvhSQmhF8KvKc1N+eSvQezDMC9eXhq0VT9jCg6oObsyv1xtMlzmJcQs6
O8ccgQ1eG+Rz+6wMGOFwEdmdgd/WOhFEhEJwIHEtUoQe3Jy9AKOzMNjkeKlSO4t2
EnBbsZjkZLEhlBYrvTNxHmdO8VA7MMOtpSsev69hJF5ru0ZciMtHvCNvrXBcBm0E
ZHdjgFqj5sK7S70ls8uY9Ijg88wz2g6L+u2yz/n3dxnmOSloWDunsDJftL5hIZvz
iHvrQxEAoDfoV5UQCEOT28yRCDXbtfld/Z8s2TsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSQkp9TmnuNl6/d+KQN5lZMQJQTATAfBgNVHSMEGDAWgBQewENKXDzyN0yj
YDMZJq59JKw0WzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hzQkRTbHc4OGpkTW8yQXpHU2F1ZlNTc05Gcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvOWM1NDA0LTVlYTQtNDc3Ni04Y2VjLWFlZGJiZjQ2ODAyOC8x
L2tKS2ZVNXA3alpldjNmaWtEZVpXVEVDVUV3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
OWM1NDA0LTVlYTQtNDc3Ni04Y2VjLWFlZGJiZjQ2ODAyOC8xL0hzQkRTbHc4OGpk
TW8yQXpHU2F1ZlNTc05Gcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnJFDANBgkqhkiG9w0BAQsFAAOC
AQEAO4TbcPTyb8QrSUK4rbvalefqrRQ8BFzjHPd1BblKVAOamWXe/fNoMZZjedhp
rqd0FLJxVxUAiLECzSacD5KuazDE7vtbXMyykVb0hPpy+yofJ/tMcsc6O0nAkp6Q
F5LFx/Fg0bgx6WUqdHi4183RRsR5A/Ad+5iyv/YCuqPtBr+PSsLj3MLdEceGBalh
Az8PWQG40kh12/m8RcUk5SvaDmIGKeFeu3DW4qN86Iw/dRxBWKgBMDng0Ks1uLbf
bdMnlgU3o2j2OEnGbQTwwCqj/nxOo2v5f11Fm0QarTCkQx7TK6hTC3SMGlReJ0rI
qJkQW+eqVQc3mlwUcci0mNc3/A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:47 2023 by rpki-client on console-ams.rpki-client.org