Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/KMB9-FRnXR4yIxSiqd9e2bjsiXM.roa
File: KMB9-FRnXR4yIxSiqd9e2bjsiXM.roa (raw, json)
Hash identifier: 76BOTj5Bqk5Xl/dWxWqYlnHuJJTYjs++ASRpWBGu3/w=
Subject key identifier: 28:C0:7D:F8:54:67:5D:1E:32:23:14:A2:A9:DF:5E:D9:B8:EC:89:73
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01821DF603F69A600A247C8E9FFEB64B7159
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/KMB9-FRnXR4yIxSiqd9e2bjsiXM.roa
Signing time: Wed 20 Jul 2022 23:33:58 +0000
ROA not before: Wed 20 Jul 2022 23:33:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49181
IP address blocks: 188.130.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1d:f6:03:f6:9a:60:0a:24:7c:8e:9f:fe:b6:4b:71:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jul 20 23:33:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28c07df854675d1e322314a2a9df5ed9b8ec8973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6f:7e:f0:c2:10:37:d5:d6:76:e3:9f:33:c8:
d2:90:5d:1e:93:f9:3b:b5:0b:4d:da:33:44:13:c1:
05:c1:e2:3d:89:82:74:ac:c8:66:7e:0f:99:88:26:
a9:1d:a0:e2:71:4e:2b:8c:b6:25:80:16:ae:e6:e7:
69:fd:9c:91:24:d3:51:d4:53:e0:15:3b:3c:f2:00:
d0:05:81:dd:3e:a6:86:b1:36:f3:43:46:6f:66:3f:
65:1a:3b:7f:e3:19:85:38:fa:38:5f:3f:db:f2:33:
e1:9d:51:bc:0c:d4:45:c4:77:2c:52:8e:b0:22:14:
01:a9:c5:ba:eb:c8:9b:b2:fa:3b:97:2a:89:2f:9f:
d4:05:54:8a:36:d8:ea:ee:63:15:7e:97:a4:a0:cb:
fb:7d:a1:ed:65:e0:e7:19:b1:a7:cc:ad:f9:8a:1e:
ec:17:e2:b8:14:ba:94:c8:93:8a:57:89:4a:32:e7:
b8:f3:1d:95:1e:3f:7e:bf:8b:cf:ae:8c:d0:30:ee:
a5:ff:01:c3:00:22:81:51:82:e3:18:f0:a3:f8:ca:
ba:5d:a3:bf:a5:5a:50:6d:df:3c:e2:2b:7b:29:b6:
77:1c:b0:30:50:40:90:01:96:ee:dd:59:89:2e:eb:
af:73:be:be:a1:9e:c7:da:23:39:cd:b4:14:6e:67:
1a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C0:7D:F8:54:67:5D:1E:32:23:14:A2:A9:DF:5E:D9:B8:EC:89:73
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/KMB9-FRnXR4yIxSiqd9e2bjsiXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.254.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:4f:46:73:89:f6:c9:bd:ba:ca:bb:3f:f3:d0:dd:fc:c5:f8:
20:4c:5b:d2:1c:87:c7:c1:cd:6a:6c:8a:70:bc:49:eb:d6:31:
a6:fd:3d:70:5d:a9:3c:ba:08:7f:f1:07:50:90:70:43:fd:52:
1f:e2:60:44:c3:a0:35:dd:10:13:c6:01:b8:b8:bb:e1:34:7c:
90:10:e4:63:fd:5f:cd:c2:57:56:e9:61:99:6c:aa:05:df:9d:
88:d8:3f:57:1f:cd:65:8a:4d:26:81:bf:65:cf:27:21:0b:26:
ed:78:7e:d6:27:02:0e:22:bb:46:11:54:cc:54:31:b6:f3:8b:
10:cd:6c:6c:a1:17:ff:01:e3:5c:26:8c:6e:fd:37:81:6e:e8:
dc:a2:fa:4b:86:38:68:b3:3f:1c:e7:01:fc:62:2c:e1:87:63:
66:0f:89:29:09:81:89:03:44:b0:fc:c3:c1:e7:35:3c:37:e8:
5f:4d:53:89:19:4c:88:33:90:32:46:35:29:a3:6f:0d:30:6f:
d2:0f:ff:97:22:2a:eb:cd:6a:70:0d:03:85:fd:2f:cc:43:5f:
29:52:e8:5c:21:41:4b:c1:37:05:11:bb:92:59:8c:40:f0:f4:
7f:7f:7d:7b:aa:9d:36:29:7c:3b:d6:58:07:97:b1:ca:11:b6:
9f:d4:32:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYId9gP2mmAKJHyOn/62S3FZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIwNzIwMjMzMzU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGMwN2RmODU0Njc1ZDFlMzIyMzE0YTJhOWRmNWVkOWI4ZWM4OTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm9+8MIQN9XWduOfM8jSkF0ek/k7
tQtN2jNEE8EFweI9iYJ0rMhmfg+ZiCapHaDicU4rjLYlgBau5udp/ZyRJNNR1FPg
FTs88gDQBYHdPqaGsTbzQ0ZvZj9lGjt/4xmFOPo4Xz/b8jPhnVG8DNRFxHcsUo6w
IhQBqcW668ibsvo7lyqJL5/UBVSKNtjq7mMVfpekoMv7faHtZeDnGbGnzK35ih7s
F+K4FLqUyJOKV4lKMue48x2VHj9+v4vProzQMO6l/wHDACKBUYLjGPCj+Mq6XaO/
pVpQbd884it7KbZ3HLAwUECQAZbu3VmJLuuvc76+oZ7H2iM5zbQUbmcaBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjAffhUZ10eMiMUoqnfXtm47IlzMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvS01COS1GUm5YUjR5SXhTaXFkOWUyYmpzaVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvIL+MA0G
CSqGSIb3DQEBCwUAA4IBAQCrT0ZzifbJvbrKuz/z0N38xfggTFvSHIfHwc1qbIpw
vEnr1jGm/T1wXak8ugh/8QdQkHBD/VIf4mBEw6A13RATxgG4uLvhNHyQEORj/V/N
wldW6WGZbKoF352I2D9XH81lik0mgb9lzychCybteH7WJwIOIrtGEVTMVDG284sQ
zWxsoRf/AeNcJoxu/TeBbujcovpLhjhosz8c5wH8Yizhh2NmD4kpCYGJA0Sw/MPB
5zU8N+hfTVOJGUyIM5AyRjUpo28NMG/SD/+XIirrzWpwDQOF/S/MQ18pUuhcIUFL
wTcFEbuSWYxA8PR/f317qp02KXw71lgHl7HKEbaf1DL5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org