Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/Kj7nUs_XLnMPu5yotSdJlT9o5VI.roa
File: Kj7nUs_XLnMPu5yotSdJlT9o5VI.roa (raw, json)
Hash identifier: sCPbcSnEuOdhOrGmQ/VGhNPQUBDxn0T8UBIerA4pTPk=
Subject key identifier: 2A:3E:E7:52:CF:D7:2E:73:0F:BB:9C:A8:B5:27:49:95:3F:68:E5:52
Certificate issuer: /CN=1fc4927ab194ae1237fde2d3bef69038893f0dc5
Certificate serial: 01D03B32
Authority key identifier: 1F:C4:92:7A:B1:94:AE:12:37:FD:E2:D3:BE:F6:90:38:89:3F:0D:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H8SSerGUrhI3_eLTvvaQOIk_DcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/Kj7nUs_XLnMPu5yotSdJlT9o5VI.roa
Signing time: Sat 01 Jan 2022 04:01:12 +0000
ROA not before: Sat 01 Jan 2022 04:01:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15472
IP address blocks: 62.100.64.0/21 maxlen: 21
185.193.188.0/22 maxlen: 22
62.100.72.0/23 maxlen: 23
62.100.85.0/24 maxlen: 24
62.100.88.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30423858 (0x1d03b32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fc4927ab194ae1237fde2d3bef69038893f0dc5
Validity
Not Before: Jan 1 04:01:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a3ee752cfd72e730fbb9ca8b52749953f68e552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:39:9a:a9:b8:27:cd:6b:1c:87:67:25:88:dc:
be:4e:c9:26:be:ec:ca:b1:b7:a0:b5:41:12:11:20:
49:a9:3f:1c:19:d8:4d:4c:e4:ef:33:1b:e0:33:8f:
64:27:88:c0:ee:93:a3:5b:ce:ff:a1:92:0f:10:0b:
92:95:9b:07:fc:53:90:91:ac:44:91:91:7d:3f:a6:
30:aa:f3:21:11:00:18:5b:5b:17:84:65:fc:38:2b:
98:e0:08:13:af:7b:b1:e7:b4:82:11:3a:8e:f7:9f:
d5:7c:2d:e5:39:b2:9f:3f:de:ed:cd:2d:bb:d9:bf:
04:57:d2:97:29:5a:1b:9a:cb:77:c2:eb:69:8e:e2:
c2:59:8f:a8:b8:02:cb:67:d8:f9:fe:43:42:89:63:
1f:5d:53:fa:ae:64:ec:91:5d:87:7c:dc:f6:ed:9e:
b3:ae:ff:95:27:57:33:5f:c5:92:8c:34:31:09:68:
06:a3:18:92:48:4a:0a:a6:c5:c6:be:ca:bb:41:d2:
cd:a7:ee:c3:a7:b4:97:30:96:25:bf:75:a6:de:14:
e5:40:1b:72:cb:42:8b:ab:10:07:85:4a:92:4b:1d:
b3:aa:8f:c7:ae:a7:e7:39:a6:9c:35:b4:ec:14:8f:
4a:2f:6d:c6:e7:f9:f1:a0:64:40:f2:0b:50:42:b1:
65:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:3E:E7:52:CF:D7:2E:73:0F:BB:9C:A8:B5:27:49:95:3F:68:E5:52
X509v3 Authority Key Identifier:
keyid:1F:C4:92:7A:B1:94:AE:12:37:FD:E2:D3:BE:F6:90:38:89:3F:0D:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H8SSerGUrhI3_eLTvvaQOIk_DcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/Kj7nUs_XLnMPu5yotSdJlT9o5VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/H8SSerGUrhI3_eLTvvaQOIk_DcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.64.0-62.100.73.255
62.100.85.0/24
62.100.88.0/21
185.193.188.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:dd:bc:8e:80:d3:15:d8:59:b6:1f:0b:d8:21:94:e4:c1:b3:
19:44:31:e2:eb:bc:01:78:99:2b:f0:a8:18:c5:f3:34:21:3f:
98:0c:d3:8a:46:ab:b3:5c:03:c9:1f:7a:f3:27:e4:5b:80:aa:
23:22:40:be:6b:c6:fc:f7:7f:8a:31:2d:27:84:9d:3d:51:a8:
8a:d7:93:ff:92:70:b0:77:67:24:eb:94:f2:9b:31:3a:5d:08:
7e:b7:88:d1:2e:09:a4:8e:bf:48:58:fe:af:c3:25:70:89:5a:
17:4a:03:f6:bd:a9:c6:41:c4:b7:97:8d:9c:ec:05:02:dd:27:
b5:3f:0d:6b:b1:a1:75:b0:46:05:e2:aa:a9:6e:20:26:3f:41:
be:ee:39:8f:07:e8:82:6a:9c:f6:16:2e:a2:66:1f:06:b7:2c:
f7:c2:87:61:8f:32:43:58:b0:61:7d:b9:97:b3:1c:ca:92:34:
37:66:27:4c:84:40:96:49:30:b6:45:43:04:60:70:ac:bf:29:
5e:53:c6:9c:33:99:e1:bb:97:9c:ec:02:39:17:c1:c5:e5:dc:
86:aa:2c:37:f7:ca:08:00:03:56:15:a8:67:f5:49:88:c6:a7:
1b:d0:ab:5c:46:5d:c1:69:f8:aa:9f:66:cd:c1:0d:d0:31:0f:
f9:dd:ce:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEAdA7MjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZmM0OTI3YWIxOTRhZTEyMzdmZGUyZDNiZWY2OTAzODg5M2YwZGM1MB4XDTIyMDEw
MTA0MDExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmEzZWU3NTJjZmQ3
MmU3MzBmYmI5Y2E4YjUyNzQ5OTUzZjY4ZTU1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKo5mqm4J81rHIdnJYjcvk7JJr7syrG3oLVBEhEgSak/HBnY
TUzk7zMb4DOPZCeIwO6To1vO/6GSDxALkpWbB/xTkJGsRJGRfT+mMKrzIREAGFtb
F4Rl/DgrmOAIE697see0ghE6jvef1Xwt5Tmynz/e7c0tu9m/BFfSlylaG5rLd8Lr
aY7iwlmPqLgCy2fY+f5DQoljH11T+q5k7JFdh3zc9u2es67/lSdXM1/Fkow0MQlo
BqMYkkhKCqbFxr7Ku0HSzafuw6e0lzCWJb91pt4U5UAbcstCi6sQB4VKkksds6qP
x66n5zmmnDW07BSPSi9txuf58aBkQPILUEKxZRMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQqPudSz9cucw+7nKi1J0mVP2jlUjAfBgNVHSMEGDAWgBQfxJJ6sZSuEjf9
4tO+9pA4iT8NxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0g4U1NlckdVcmhJM19lTFR2dmFRT0lrX0RjVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvOTQzZDVkLTU2MGMtNDMxNC1hZjgyLThiOGEwMWJkNzQxNC8x
L0tqN25Vc19YTG5NUHU1eW90U2RKbFQ5bzVWSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
OTQzZDVkLTU2MGMtNDMxNC1hZjgyLThiOGEwMWJkNzQxNC8xL0g4U1NlckdVcmhJ
M19lTFR2dmFRT0lrX0RjVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQGPmRAAwQBPmRIAwQAPmRVAwQD
PmRYAwQCucG8MA0GCSqGSIb3DQEBCwUAA4IBAQCm3byOgNMV2Fm2HwvYIZTkwbMZ
RDHi67wBeJkr8KgYxfM0IT+YDNOKRquzXAPJH3rzJ+RbgKojIkC+a8b893+KMS0n
hJ09UaiK15P/knCwd2ck65TymzE6XQh+t4jRLgmkjr9IWP6vwyVwiVoXSgP2vanG
QcS3l42c7AUC3Se1Pw1rsaF1sEYF4qqpbiAmP0G+7jmPB+iCapz2Fi6iZh8Gtyz3
wodhjzJDWLBhfbmXsxzKkjQ3ZidMhECWSTC2RUMEYHCsvyleU8acM5nhu5ec7AI5
F8HF5dyGqiw398oIAANWFahn9UmIxqcb0KtcRl3Bafiqn2bNwQ3QMQ/53c5I
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:46 2023 by rpki-client on console-fra.rpki-client.org