Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fd220b-5f70-49c2-9cc7-908419d39401/1/KJFfEKeharHyTFRO0Wygv1CXr3I.roa
File: KJFfEKeharHyTFRO0Wygv1CXr3I.roa (raw, json)
Hash identifier: 4D2H+D71eWTSIrsxp7G21LBbnxs4Z0tCanFgrKi31BE=
Subject key identifier: 28:91:5F:10:A7:A1:6A:B1:F2:4C:54:4E:D1:6C:A0:BF:50:97:AF:72
Certificate issuer: /CN=bf6c1df662374d4aecd0c8b3f84312df42125599
Certificate serial: 052A5FE7
Authority key identifier: BF:6C:1D:F6:62:37:4D:4A:EC:D0:C8:B3:F8:43:12:DF:42:12:55:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v2wd9mI3TUrs0Miz-EMS30ISVZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/fd220b-5f70-49c2-9cc7-908419d39401/1/KJFfEKeharHyTFRO0Wygv1CXr3I.roa
Signing time: Sat 01 Jan 2022 14:01:26 +0000
ROA not before: Sat 01 Jan 2022 14:01:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 194.33.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86663143 (0x52a5fe7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf6c1df662374d4aecd0c8b3f84312df42125599
Validity
Not Before: Jan 1 14:01:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28915f10a7a16ab1f24c544ed16ca0bf5097af72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:05:a8:31:a6:44:96:12:1f:6b:ec:a8:d9:39:
5e:1f:ab:3c:6a:c8:9a:af:16:dc:a6:02:79:80:84:
65:28:d5:ba:6c:26:7e:83:3a:fc:f0:1a:9a:4b:fd:
eb:6b:0f:58:4a:57:c8:15:a0:d4:8e:7c:fe:ba:aa:
11:d2:dc:05:7b:d2:ce:70:77:f5:f7:04:6c:ef:ff:
1c:90:e8:1a:19:ff:c9:34:35:77:85:30:fc:f9:a8:
42:dc:b1:4b:42:77:41:ff:d2:02:57:d2:a0:22:e8:
3b:a6:14:b0:77:1d:84:0c:4b:2e:de:6b:0b:2f:94:
f2:89:45:e7:32:97:6a:22:18:c2:9a:86:68:5b:dc:
ea:b6:6d:c8:11:87:e2:d3:68:9d:3d:3e:18:3b:f2:
9c:f6:2e:9e:c9:1e:df:0b:14:1c:a8:16:5f:8b:64:
5a:a3:ac:36:e9:2a:5a:06:e5:5b:ee:0c:fc:11:98:
2b:f1:7d:62:63:2c:cc:d1:8a:c6:99:6b:78:81:4a:
74:1f:c1:96:b2:6f:39:6b:d0:35:26:6b:97:20:07:
98:63:59:47:9f:45:d0:fd:a2:eb:7e:9d:97:7c:cc:
bc:1c:a9:4d:8f:38:8a:b9:58:55:ad:45:51:b1:1a:
0c:a4:00:d3:f9:43:cf:9d:71:e4:12:b4:78:27:f5:
af:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:91:5F:10:A7:A1:6A:B1:F2:4C:54:4E:D1:6C:A0:BF:50:97:AF:72
X509v3 Authority Key Identifier:
keyid:BF:6C:1D:F6:62:37:4D:4A:EC:D0:C8:B3:F8:43:12:DF:42:12:55:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v2wd9mI3TUrs0Miz-EMS30ISVZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fd220b-5f70-49c2-9cc7-908419d39401/1/KJFfEKeharHyTFRO0Wygv1CXr3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fd220b-5f70-49c2-9cc7-908419d39401/1/v2wd9mI3TUrs0Miz-EMS30ISVZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.184.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:30:f7:e3:1f:7e:eb:f0:7e:05:30:61:24:21:64:d6:82:5f:
65:18:38:0d:3e:bb:4b:4e:d8:d2:12:50:76:f5:61:66:2a:1a:
56:40:28:0a:56:d9:0a:28:8a:58:2f:db:0f:b6:2d:64:87:13:
c8:16:28:00:e6:e4:4f:62:41:1e:36:4d:df:4b:47:42:02:f7:
cb:79:09:3e:56:d9:d0:97:2d:02:89:2a:0b:a8:4d:28:ab:e1:
8d:da:2d:38:90:95:b9:0b:3b:49:df:51:28:f2:60:34:ad:bf:
3f:35:5f:2b:f5:f6:63:4d:6e:93:86:88:76:c4:3f:52:36:75:
db:37:4b:a8:f5:f8:a9:e6:1d:43:a8:e1:0e:b2:b5:a3:cf:44:
cb:36:e1:ea:19:01:bd:bd:b8:5f:87:73:05:db:8a:67:05:8d:
85:19:94:38:5a:66:80:17:73:5e:0c:6d:e2:0b:14:48:71:00:
8a:62:ea:f1:99:21:3b:12:32:4c:4c:17:73:08:41:d3:4b:82:
b2:31:8e:8f:31:f3:b7:0d:73:a4:08:98:5b:27:b3:84:d0:07:
e4:ad:ce:76:c3:9c:47:5b:9d:25:8e:df:3a:a4:70:f1:0a:81:
f7:5a:b9:86:e4:00:f6:55:fe:c9:a4:b5:a5:e1:81:46:54:a7:
8f:b6:dd:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBSpf5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZjZjMWRmNjYyMzc0ZDRhZWNkMGM4YjNmODQzMTJkZjQyMTI1NTk5MB4XDTIyMDEw
MTE0MDEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg5MTVmMTBhN2Ex
NmFiMWYyNGM1NDRlZDE2Y2EwYmY1MDk3YWY3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0FqDGmRJYSH2vsqNk5Xh+rPGrImq8W3KYCeYCEZSjVumwm
foM6/PAamkv962sPWEpXyBWg1I58/rqqEdLcBXvSznB39fcEbO//HJDoGhn/yTQ1
d4Uw/PmoQtyxS0J3Qf/SAlfSoCLoO6YUsHcdhAxLLt5rCy+U8olF5zKXaiIYwpqG
aFvc6rZtyBGH4tNonT0+GDvynPYunske3wsUHKgWX4tkWqOsNukqWgblW+4M/BGY
K/F9YmMszNGKxplreIFKdB/BlrJvOWvQNSZrlyAHmGNZR59F0P2i636dl3zMvByp
TY84irlYVa1FUbEaDKQA0/lDz51x5BK0eCf1r+kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQokV8Qp6FqsfJMVE7RbKC/UJevcjAfBgNVHSMEGDAWgBS/bB32YjdNSuzQ
yLP4QxLfQhJVmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Yyd2Q5bUkzVFVyczBNaXotRU1TMzBJU1Zaay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvZmQyMjBiLTVmNzAtNDljMi05Y2M3LTkwODQxOWQzOTQwMS8x
L0tKRmZFS2VoYXJIeVRGUk8wV3lndjFDWHIzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
ZmQyMjBiLTVmNzAtNDljMi05Y2M3LTkwODQxOWQzOTQwMS8xL3Yyd2Q5bUkzVFVy
czBNaXotRU1TMzBJU1Zaay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIhuDANBgkqhkiG9w0BAQsFAAOC
AQEAsDD34x9+6/B+BTBhJCFk1oJfZRg4DT67S07Y0hJQdvVhZioaVkAoClbZCiiK
WC/bD7YtZIcTyBYoAObkT2JBHjZN30tHQgL3y3kJPlbZ0JctAokqC6hNKKvhjdot
OJCVuQs7Sd9RKPJgNK2/PzVfK/X2Y01uk4aIdsQ/UjZ12zdLqPX4qeYdQ6jhDrK1
o89Eyzbh6hkBvb24X4dzBduKZwWNhRmUOFpmgBdzXgxt4gsUSHEAimLq8ZkhOxIy
TEwXcwhB00uCsjGOjzHztw1zpAiYWyezhNAH5K3OdsOcR1udJY7fOqRw8QqB91q5
huQA9lX+yaS1peGBRlSnj7bdAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:03 2024 by rpki-client on console-ams.rpki-client.org