Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/bccf75-c9dd-4cdd-9c12-b66164c7c9c0/1/KZxLrTpZOloPNG49bhu0qeKGuhs.roa
File: KZxLrTpZOloPNG49bhu0qeKGuhs.roa (raw, json)
Hash identifier: DpVgHthkLXdikB4ffHx66ORdOfOVQonV3c8eg+Zvtlg=
Subject key identifier: 29:9C:4B:AD:3A:59:3A:5A:0F:34:6E:3D:6E:1B:B4:A9:E2:86:BA:1B
Certificate issuer: /CN=0e0685868328ed6b59fdb800855b758d7e825612
Certificate serial: 62B4EA
Authority key identifier: 0E:06:85:86:83:28:ED:6B:59:FD:B8:00:85:5B:75:8D:7E:82:56:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DgaFhoMo7WtZ_bgAhVt1jX6CVhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/bccf75-c9dd-4cdd-9c12-b66164c7c9c0/1/KZxLrTpZOloPNG49bhu0qeKGuhs.roa
Signing time: Sat 01 Jan 2022 02:55:43 +0000
ROA not before: Sat 01 Jan 2022 02:55:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204035
IP address blocks: 146.19.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6468842 (0x62b4ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e0685868328ed6b59fdb800855b758d7e825612
Validity
Not Before: Jan 1 02:55:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=299c4bad3a593a5a0f346e3d6e1bb4a9e286ba1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2a:fb:7f:39:9a:59:19:0b:53:21:24:e7:29:
15:d4:28:7d:0f:4d:6a:80:ad:b3:b4:11:2b:07:d4:
eb:ed:da:27:25:2a:6e:3c:e6:5c:3f:bf:75:d7:07:
b4:8e:23:da:67:e8:9d:3e:3d:c6:2c:96:38:c5:a3:
41:91:0e:66:e2:e5:50:d4:42:1e:cc:59:38:da:a9:
6f:77:c5:f9:ae:ed:1f:3b:a3:bc:6a:61:91:19:93:
44:40:a6:58:32:da:d1:a7:58:19:88:0d:00:bc:16:
e0:12:6b:20:39:bc:f8:eb:8d:f0:3f:a7:24:11:46:
62:63:12:7e:5f:46:92:48:b8:44:93:e1:aa:e1:9c:
47:83:f7:f5:14:6a:69:09:65:6b:c3:85:ad:6e:c8:
54:aa:04:c8:7d:09:22:47:a9:61:47:55:56:c9:7c:
73:45:95:e0:c6:a0:81:d9:75:1f:5c:aa:0d:c8:bd:
00:da:06:6c:c1:9e:0c:49:d2:05:62:ba:62:da:07:
6e:62:af:b0:9c:9c:b7:7f:bb:7d:bc:e1:51:d7:e8:
5c:07:74:03:02:c6:42:12:ff:9d:1a:98:93:fd:de:
25:d9:85:df:0a:e5:35:cc:92:89:bc:7b:6a:33:a6:
c4:74:9c:61:fc:e8:83:f0:40:65:c8:1d:0e:54:d3:
bb:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9C:4B:AD:3A:59:3A:5A:0F:34:6E:3D:6E:1B:B4:A9:E2:86:BA:1B
X509v3 Authority Key Identifier:
keyid:0E:06:85:86:83:28:ED:6B:59:FD:B8:00:85:5B:75:8D:7E:82:56:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DgaFhoMo7WtZ_bgAhVt1jX6CVhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/bccf75-c9dd-4cdd-9c12-b66164c7c9c0/1/KZxLrTpZOloPNG49bhu0qeKGuhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/bccf75-c9dd-4cdd-9c12-b66164c7c9c0/1/DgaFhoMo7WtZ_bgAhVt1jX6CVhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.118.0/24
Signature Algorithm: sha256WithRSAEncryption
90:ce:49:11:21:e4:de:1f:b0:f7:3e:b5:02:b8:39:4e:15:81:
03:1f:99:ea:e6:04:38:e4:f0:63:f9:31:35:a2:47:71:44:12:
7a:b5:e0:89:2c:76:3a:3d:64:22:8c:a6:98:10:fd:1b:fa:b5:
b6:fb:a4:36:21:32:7d:98:a2:ad:26:00:ab:64:8e:0d:fb:16:
9a:45:21:47:bc:7b:a8:31:aa:8c:07:e1:01:e4:e4:44:09:f1:
4f:9e:83:04:60:b6:89:1f:d3:5a:f8:b5:18:3d:60:5e:31:1a:
ee:5e:f2:ad:3e:fb:53:15:a7:d7:f2:bb:b9:cf:62:11:85:d8:
1a:85:9d:18:31:db:2f:f3:e2:31:18:3e:4a:6e:a9:dd:55:b9:
32:fa:bc:2e:4d:75:b8:e3:bb:83:12:0e:8c:db:7a:92:11:73:
b7:b4:11:28:aa:e5:b9:ab:d6:20:8c:ce:cf:a9:b2:6a:46:07:
0a:77:bc:e7:8f:fd:1a:b3:8d:48:b0:ef:db:5f:7d:de:60:0c:
ef:dd:f4:8d:4b:32:62:1a:ff:c7:2b:84:85:04:fd:5c:8b:65:
ff:76:8e:ae:3b:9e:70:cb:1f:cb:68:37:25:93:61:e4:f5:c8:
81:2d:97:24:e5:e3:dc:a4:d3:60:ab:34:5d:2b:77:bd:7e:23:
2e:69:b6:d8
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDYrTqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBl
MDY4NTg2ODMyOGVkNmI1OWZkYjgwMDg1NWI3NThkN2U4MjU2MTIwHhcNMjIwMTAx
MDI1NTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOTljNGJhZDNhNTkz
YTVhMGYzNDZlM2Q2ZTFiYjRhOWUyODZiYTFiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvir7fzmaWRkLUyEk5ykV1Ch9D01qgK2ztBErB9Tr7donJSpu
POZcP7911we0jiPaZ+idPj3GLJY4xaNBkQ5m4uVQ1EIezFk42qlvd8X5ru0fO6O8
amGRGZNEQKZYMtrRp1gZiA0AvBbgEmsgObz4643wP6ckEUZiYxJ+X0aSSLhEk+Gq
4ZxHg/f1FGppCWVrw4WtbshUqgTIfQkiR6lhR1VWyXxzRZXgxqCB2XUfXKoNyL0A
2gZswZ4MSdIFYrpi2gduYq+wnJy3f7t9vOFR1+hcB3QDAsZCEv+dGpiT/d4l2YXf
CuU1zJKJvHtqM6bEdJxh/OiD8EBlyB0OVNO7nQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFCmcS606WTpaDzRuPW4btKnihrobMB8GA1UdIwQYMBaAFA4GhYaDKO1rWf24
AIVbdY1+glYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RGdhRmhvTW83V3RaX2JnQWhWdDFqWDZDVmhJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Yy9iY2NmNzUtYzlkZC00Y2RkLTljMTItYjY2MTY0YzdjOWMwLzEv
S1p4THJUcFpPbG9QTkc0OWJodTBxZUtHdWhzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9i
Y2NmNzUtYzlkZC00Y2RkLTljMTItYjY2MTY0YzdjOWMwLzEvRGdhRmhvTW83V3Ra
X2JnQWhWdDFqWDZDVmhJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhN2MA0GCSqGSIb3DQEBCwUAA4IB
AQCQzkkRIeTeH7D3PrUCuDlOFYEDH5nq5gQ45PBj+TE1okdxRBJ6teCJLHY6PWQi
jKaYEP0b+rW2+6Q2ITJ9mKKtJgCrZI4N+xaaRSFHvHuoMaqMB+EB5ORECfFPnoME
YLaJH9Na+LUYPWBeMRruXvKtPvtTFafX8ru5z2IRhdgahZ0YMdsv8+IxGD5Kbqnd
Vbky+rwuTXW447uDEg6M23qSEXO3tBEoquW5q9YgjM7PqbJqRgcKd7znj/0as41I
sO/bX33eYAzv3fSNSzJiGv/HK4SFBP1ci2X/do6uO55wyx/LaDclk2Hk9ciBLZck
5ePcpNNgqzRdK3e9fiMuabbY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:54 2023 by rpki-client on console-fra.rpki-client.org