Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/Kkur0uW9OqnjqHEvRPfcbMzb350.roa
File: Kkur0uW9OqnjqHEvRPfcbMzb350.roa (raw, json)
Hash identifier: RW54GvmTBQCRmLU3INBv4+bdnr/7aT4vZK97j51MWAs=
Subject key identifier: 2A:4B:AB:D2:E5:BD:3A:A9:E3:A8:71:2F:44:F7:DC:6C:CC:DB:DF:9D
Certificate issuer: /CN=9ce4dd86bcfd8b8f506a408051605ec74db6cea0
Certificate serial: 0112867C
Authority key identifier: 9C:E4:DD:86:BC:FD:8B:8F:50:6A:40:80:51:60:5E:C7:4D:B6:CE:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nOTdhrz9i49QakCAUWBex022zqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/Kkur0uW9OqnjqHEvRPfcbMzb350.roa
Signing time: Mon 07 Mar 2022 17:38:57 +0000
ROA not before: Mon 07 Mar 2022 17:38:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 212.52.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17991292 (0x112867c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ce4dd86bcfd8b8f506a408051605ec74db6cea0
Validity
Not Before: Mar 7 17:38:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a4babd2e5bd3aa9e3a8712f44f7dc6cccdbdf9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:56:3a:50:14:01:20:af:bb:74:25:ec:bc:1b:
02:fc:76:c2:75:da:f1:82:40:62:93:cd:d0:ec:e3:
79:90:b0:fb:a0:93:1f:05:ce:00:b9:b0:77:80:6e:
07:2c:55:79:8f:a3:d1:39:21:7a:fa:56:8c:c4:d5:
ec:35:6e:94:8e:57:64:32:28:d3:9d:fb:31:94:e0:
ca:e4:a5:bb:8e:db:1b:60:71:ea:cb:54:4c:b9:05:
57:92:5b:36:34:01:c6:40:f1:fa:ae:dd:45:db:73:
d1:98:0e:85:6a:17:49:2b:66:48:ce:47:60:2c:f7:
df:60:cc:3d:a6:1f:e1:55:98:71:2e:5e:30:64:e3:
17:5e:7f:e3:4a:9c:9d:da:82:c7:07:30:c0:b5:4e:
13:86:3c:62:b4:4a:9f:81:f9:b3:fc:aa:8a:f3:0c:
9e:d7:aa:81:18:27:32:88:38:a5:ea:cd:10:1d:60:
b2:ba:15:ad:d3:16:ba:75:54:a8:8d:33:ff:a6:35:
0a:73:6d:33:49:df:94:33:8f:a4:e7:1a:a1:ee:d1:
cc:c9:2e:ec:7e:a7:56:3e:a9:7f:c1:66:bc:83:3a:
e3:5a:71:cb:a0:e5:4c:b7:90:11:b3:ba:5c:71:3c:
0c:71:33:32:c1:08:80:b5:a2:cd:f2:4a:40:e0:34:
50:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4B:AB:D2:E5:BD:3A:A9:E3:A8:71:2F:44:F7:DC:6C:CC:DB:DF:9D
X509v3 Authority Key Identifier:
keyid:9C:E4:DD:86:BC:FD:8B:8F:50:6A:40:80:51:60:5E:C7:4D:B6:CE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nOTdhrz9i49QakCAUWBex022zqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/Kkur0uW9OqnjqHEvRPfcbMzb350.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/nOTdhrz9i49QakCAUWBex022zqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.52.29.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:fa:53:cf:68:59:c0:c5:8c:db:a4:a6:54:3a:11:23:17:b4:
ee:d7:20:e6:d1:61:d3:da:a0:7b:4f:ec:99:86:46:98:b0:d8:
52:50:ab:44:25:02:38:75:aa:e6:8e:ba:af:c8:f2:64:dc:00:
9e:ac:7d:f4:d3:82:db:97:c4:2a:5b:04:08:36:1e:07:2d:ee:
27:54:b3:54:1d:a8:93:dd:75:40:b5:19:05:2b:9d:5d:1c:21:
30:6e:c0:cc:e9:f8:3e:e1:98:59:0e:bb:5a:c3:65:ca:e0:1f:
f6:12:c8:e6:37:3c:d2:8d:c2:c7:b6:cf:c6:60:3b:37:69:14:
bc:7e:d7:08:d8:3c:4b:a0:a8:f4:0e:68:5a:5d:f1:4c:df:e5:
1a:a4:f6:6a:6b:8e:0b:35:1e:57:b1:8f:c1:c8:fd:c4:8c:14:
40:00:1c:fd:18:8d:e0:98:5c:6e:c5:91:c4:18:cb:4b:5d:89:
48:cd:fb:ba:2f:4e:7c:0f:ab:1c:f5:7a:93:3c:10:61:31:83:
5c:8f:f4:db:e5:e4:87:41:78:31:48:b0:c3:73:01:52:cf:4d:
41:bc:25:57:42:7d:1f:21:44:a3:3e:ca:48:ae:d6:12:a6:81:
38:73:ab:af:10:3d:eb:d0:f5:6e:f9:30:48:6f:71:8e:e7:83:
ff:3b:96:f3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEARKGfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Y2U0ZGQ4NmJjZmQ4YjhmNTA2YTQwODA1MTYwNWVjNzRkYjZjZWEwMB4XDTIyMDMw
NzE3Mzg1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE0YmFiZDJlNWJk
M2FhOWUzYTg3MTJmNDRmN2RjNmNjY2RiZGY5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVWOlAUASCvu3Ql7LwbAvx2wnXa8YJAYpPN0OzjeZCw+6CT
HwXOALmwd4BuByxVeY+j0TkhevpWjMTV7DVulI5XZDIo0537MZTgyuSlu47bG2Bx
6stUTLkFV5JbNjQBxkDx+q7dRdtz0ZgOhWoXSStmSM5HYCz332DMPaYf4VWYcS5e
MGTjF15/40qcndqCxwcwwLVOE4Y8YrRKn4H5s/yqivMMnteqgRgnMog4perNEB1g
sroVrdMWunVUqI0z/6Y1CnNtM0nflDOPpOcaoe7RzMku7H6nVj6pf8FmvIM641px
y6DlTLeQEbO6XHE8DHEzMsEIgLWizfJKQOA0UDMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQqS6vS5b06qeOocS9E99xszNvfnTAfBgNVHSMEGDAWgBSc5N2GvP2Lj1Bq
QIBRYF7HTbbOoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25PVGRocno5aTQ5UWFrQ0FVV0JleDAyMnpxQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvYjczOTJmLThjODgtNGMzOC05MTVlLTBjZjc3YzFlODU4NC8x
L0trdXIwdVc5T3FuanFIRXZSUGZjYk16YjM1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
YjczOTJmLThjODgtNGMzOC05MTVlLTBjZjc3YzFlODU4NC8xL25PVGRocno5aTQ5
UWFrQ0FVV0JleDAyMnpxQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQ0HTANBgkqhkiG9w0BAQsFAAOC
AQEAbPpTz2hZwMWM26SmVDoRIxe07tcg5tFh09qge0/smYZGmLDYUlCrRCUCOHWq
5o66r8jyZNwAnqx99NOC25fEKlsECDYeBy3uJ1SzVB2ok911QLUZBSudXRwhMG7A
zOn4PuGYWQ67WsNlyuAf9hLI5jc80o3Cx7bPxmA7N2kUvH7XCNg8S6Co9A5oWl3x
TN/lGqT2amuOCzUeV7GPwcj9xIwUQAAc/RiN4JhcbsWRxBjLS12JSM37ui9OfA+r
HPV6kzwQYTGDXI/02+Xkh0F4MUiww3MBUs9NQbwlV0J9HyFEoz7KSK7WEqaBOHOr
rxA969D1bvkwSG9xjueD/zuW8w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:15 2023 by rpki-client on console-fra.rpki-client.org