Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/KC9E3V44EobAfosfShAcyZkOHsY.roa
File: KC9E3V44EobAfosfShAcyZkOHsY.roa (raw, json)
Hash identifier: +xowSbEkYColfVclWtLZ1vGW7BX8l90ovpiJetSkrHc=
Subject key identifier: 28:2F:44:DD:5E:38:12:86:C0:7E:8B:1F:4A:10:1C:C9:99:0E:1E:C6
Certificate issuer: /CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Certificate serial: 01850B402DDFC45397E89598BCCFD95540FD
Authority key identifier: D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/KC9E3V44EobAfosfShAcyZkOHsY.roa
Signing time: Tue 13 Dec 2022 11:30:33 +0000
ROA not before: Tue 13 Dec 2022 11:30:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24768
IP address blocks: 176.111.108.0/24 maxlen: 24
176.111.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:40:2d:df:c4:53:97:e8:95:98:bc:cf:d9:55:40:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Validity
Not Before: Dec 13 11:30:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=282f44dd5e381286c07e8b1f4a101cc9990e1ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:37:6e:e5:f1:ba:22:9f:ee:ee:69:3c:b7:94:
a1:ba:b1:56:59:a5:e2:90:32:22:0e:e9:3a:5d:93:
6e:b4:51:c5:6e:53:8a:43:4b:b3:ef:19:d5:c0:6a:
a2:f1:a5:3e:01:35:6a:88:33:a4:87:ab:02:2f:9a:
94:67:cd:c4:ef:3e:66:32:7c:9b:6c:15:fe:cf:20:
3e:06:46:68:0a:9d:ce:b3:1a:65:58:68:99:8f:7e:
64:70:ee:bc:cd:98:d2:95:83:52:b1:00:ff:bd:9a:
b2:b1:ea:aa:6e:da:0d:45:0f:06:d7:5d:a3:17:1d:
f6:be:e2:d9:17:11:87:39:65:0e:d7:6d:ce:ef:35:
1f:f6:f9:67:61:ca:f3:eb:28:d6:db:d9:7f:fe:22:
74:44:7d:e8:ae:3b:99:a1:66:bb:b7:18:63:f7:26:
07:7b:25:01:27:a3:b5:d8:eb:be:73:c2:8e:34:00:
fe:61:de:43:1c:3f:19:44:a3:53:4f:16:b7:ec:5a:
85:5b:72:d4:54:15:3f:1a:bf:6e:69:c5:c2:f5:08:
ac:5e:92:1c:7e:b3:34:49:ff:53:46:d0:53:42:24:
35:3a:87:78:16:b9:87:84:71:92:49:60:e2:c6:74:
37:cb:4d:c9:dd:60:55:21:7e:a5:78:dd:b7:83:58:
5c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2F:44:DD:5E:38:12:86:C0:7E:8B:1F:4A:10:1C:C9:99:0E:1E:C6
X509v3 Authority Key Identifier:
keyid:D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/KC9E3V44EobAfosfShAcyZkOHsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.108.0/22
Signature Algorithm: sha256WithRSAEncryption
76:40:7a:29:ec:19:68:db:9e:7a:50:d0:bf:65:66:45:90:5b:
0e:30:f1:1a:56:21:e7:6a:07:8d:26:37:57:d2:51:60:47:6c:
22:dd:f7:7c:d1:62:e6:af:f0:7e:96:01:0c:ac:de:9d:e8:b0:
db:71:71:13:55:fe:c2:c8:09:24:1a:d8:ce:b3:ee:13:f1:51:
53:f9:6a:ba:b7:66:f9:4b:56:79:a9:75:ab:b9:cd:e4:b2:d3:
d0:55:da:df:33:9f:c5:d3:a7:25:5e:21:8e:74:1b:80:bb:66:
bb:9b:e4:c0:44:51:b5:18:92:b0:1f:5a:2a:92:7a:ff:53:bb:
43:79:51:4a:b0:f9:f6:1f:6e:ad:e2:79:9c:62:0e:05:22:f8:
4e:41:cf:5b:19:54:65:87:11:7b:57:7d:32:30:de:9c:2d:1a:
ee:cc:e3:d7:87:b5:c6:a1:e3:34:a0:80:a5:af:c3:d2:32:2d:
26:e9:78:0b:38:77:37:04:a0:b0:71:51:b4:36:ee:0c:72:44:
7e:b2:5e:43:7f:b2:e6:48:41:1a:1c:ff:86:68:7c:7d:40:e6:
ee:3c:a4:cf:46:df:32:6c:71:af:9b:9b:13:46:be:2a:31:53:
e3:7b:1b:c9:1c:42:48:37:f9:1a:e1:ec:72:17:86:48:5c:37:
3c:71:49:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYULQC3fxFOX6JWYvM/ZVUD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTkyYWFjNDg5NTIyZDVkYjE4ZmQ2MzkxZTAzNWE5Nzc4
ZWEzYjEwHhcNMjIxMjEzMTEzMDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODJmNDRkZDVlMzgxMjg2YzA3ZThiMWY0YTEwMWNjOTk5MGUxZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDdu5fG6Ip/u7mk8t5ShurFWWaXi
kDIiDuk6XZNutFHFblOKQ0uz7xnVwGqi8aU+ATVqiDOkh6sCL5qUZ83E7z5mMnyb
bBX+zyA+BkZoCp3OsxplWGiZj35kcO68zZjSlYNSsQD/vZqyseqqbtoNRQ8G112j
Fx32vuLZFxGHOWUO123O7zUf9vlnYcrz6yjW29l//iJ0RH3orjuZoWa7txhj9yYH
eyUBJ6O12Ou+c8KONAD+Yd5DHD8ZRKNTTxa37FqFW3LUVBU/Gr9uacXC9QisXpIc
frM0Sf9TRtBTQiQ1Ood4FrmHhHGSSWDixnQ3y03J3WBVIX6leN23g1hcTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgvRN1eOBKGwH6LH0oQHMmZDh7GMB8GA1UdIwQY
MBaAFNNZKqxIlSLV2xj9Y5HgNal3jqOxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUt
ZTMzYWUxMDZiNTRkLzEvS0M5RTNWNDRFb2JBZm9zZlNoQWN5WmtPSHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUtZTMzYWUxMDZiNTRk
LzEvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsG9sMA0G
CSqGSIb3DQEBCwUAA4IBAQB2QHop7Blo2556UNC/ZWZFkFsOMPEaViHnageNJjdX
0lFgR2wi3fd80WLmr/B+lgEMrN6d6LDbcXETVf7CyAkkGtjOs+4T8VFT+Wq6t2b5
S1Z5qXWruc3kstPQVdrfM5/F06clXiGOdBuAu2a7m+TARFG1GJKwH1oqknr/U7tD
eVFKsPn2H26t4nmcYg4FIvhOQc9bGVRlhxF7V30yMN6cLRruzOPXh7XGoeM0oICl
r8PSMi0m6XgLOHc3BKCwcVG0Nu4MckR+sl5Df7LmSEEaHP+GaHx9QObuPKTPRt8y
bHGvm5sTRr4qMVPjexvJHEJIN/ka4exyF4ZIXDc8cUmv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:14 2024 by rpki-client on console-ams.rpki-client.org