Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/ktHmvVAWh0RKDJ2q3xoP_CfSwfs.roa
File: ktHmvVAWh0RKDJ2q3xoP_CfSwfs.roa (raw, json)
Hash identifier: U6EMXYJB6pClpvo6zHcd0ByRnsrpWUn/Ht1r1ubJktk=
Subject key identifier: 92:D1:E6:BD:50:16:87:44:4A:0C:9D:AA:DF:1A:0F:FC:27:D2:C1:FB
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 0184379C730ADEA1760EE1FE2D0A1EABE36E
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/ktHmvVAWh0RKDJ2q3xoP_CfSwfs.roa
Signing time: Wed 02 Nov 2022 09:11:50 +0000
ROA not before: Wed 02 Nov 2022 09:11:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59847
IP address blocks: 94.250.21.0/24 maxlen: 24
94.250.20.0/24 maxlen: 24
94.250.23.0/24 maxlen: 24
94.250.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:9c:73:0a:de:a1:76:0e:e1:fe:2d:0a:1e:ab:e3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Nov 2 09:11:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92d1e6bd501687444a0c9daadf1a0ffc27d2c1fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:89:08:28:76:c2:a0:93:57:2c:ac:73:18:0e:
2c:35:35:ef:6d:dc:b3:dd:cd:2e:a5:61:ea:2c:a2:
6b:9a:ea:66:cb:7d:02:3e:95:79:c8:34:12:f9:df:
4b:50:a0:d9:c0:e0:ea:89:62:84:19:ca:33:cb:13:
07:5b:1d:a5:e2:5e:53:1b:c3:c6:ca:f4:9b:c3:a5:
b4:8a:46:3f:89:ce:b6:72:c7:69:0e:f8:ca:41:ef:
c5:9f:68:e0:bb:59:78:3d:63:49:73:24:f0:2d:3b:
73:f3:e5:e0:b4:dd:15:55:ff:32:d6:c3:4c:a6:b2:
05:1c:c0:54:31:bb:72:66:bf:38:2b:bd:4d:b2:30:
53:e2:29:0f:13:ab:3e:da:4e:ae:1a:25:f0:80:ba:
da:a6:02:bc:e5:59:20:a7:23:69:37:c0:cc:ab:dd:
75:ed:37:93:a8:c0:13:f3:9d:af:f9:13:44:34:0e:
ce:23:7d:4f:a8:ce:8f:42:2c:94:60:37:5a:ac:99:
b0:57:57:80:4a:87:9f:95:6a:d0:d0:a3:79:b0:96:
a6:4e:e9:dc:4a:90:43:27:e2:ed:80:95:4d:1c:59:
a0:99:ea:6d:c6:de:28:04:c3:cc:8e:b8:49:05:f2:
72:c7:b9:82:7e:dc:3e:1c:47:97:0b:36:1d:fe:34:
1f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:D1:E6:BD:50:16:87:44:4A:0C:9D:AA:DF:1A:0F:FC:27:D2:C1:FB
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/ktHmvVAWh0RKDJ2q3xoP_CfSwfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.20.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:98:5e:5e:78:33:18:b8:25:e1:a0:d3:4f:df:6a:d8:b9:96:
3f:f0:c2:a4:f4:e4:ac:88:bb:48:7b:f5:20:c9:ad:a1:48:10:
4d:5c:21:f1:7f:0a:d3:c6:20:89:36:a9:17:af:8f:e8:be:b3:
80:61:66:89:e1:a8:3d:eb:69:eb:81:09:89:0f:e7:d4:86:d9:
79:0b:ce:b4:2c:b0:6c:9f:e0:26:b1:91:9c:c3:aa:2d:f5:7b:
1f:a6:33:b7:e0:57:11:77:94:8f:35:13:18:de:26:34:e0:8b:
eb:52:de:41:86:80:2b:c4:ed:94:42:42:57:d3:1d:f7:8f:69:
04:27:3c:ad:44:2a:5e:ac:f9:db:22:ae:7e:c3:90:b5:5d:03:
c4:25:91:93:8e:ff:8a:e6:2f:db:3f:03:7b:d2:aa:c4:70:96:
00:6e:41:d9:da:ee:24:18:e1:bb:4c:4e:1c:72:b5:2a:57:9c:
a4:5e:92:0c:24:6f:2e:f0:7f:39:8c:4c:1d:0a:10:7c:86:f9:
22:b8:6c:ca:13:30:07:8b:29:cf:9a:84:bb:26:97:ff:2b:9b:
84:f1:9c:df:cb:d6:db:9d:8d:ad:ff:74:be:96:6a:88:c1:e7:
33:08:ce:d8:e5:5c:72:4b:39:d5:e9:35:f5:42:f8:5d:4b:81:
c8:a1:3e:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ3nHMK3qF2DuH+LQoeq+NuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjIxMTAyMDkxMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmQxZTZiZDUwMTY4NzQ0NGEwYzlkYWFkZjFhMGZmYzI3ZDJjMWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlokIKHbCoJNXLKxzGA4sNTXvbdyz
3c0upWHqLKJrmupmy30CPpV5yDQS+d9LUKDZwODqiWKEGcozyxMHWx2l4l5TG8PG
yvSbw6W0ikY/ic62csdpDvjKQe/Fn2jgu1l4PWNJcyTwLTtz8+XgtN0VVf8y1sNM
prIFHMBUMbtyZr84K71NsjBT4ikPE6s+2k6uGiXwgLrapgK85VkgpyNpN8DMq911
7TeTqMAT852v+RNENA7OI31PqM6PQiyUYDdarJmwV1eASoeflWrQ0KN5sJamTunc
SpBDJ+LtgJVNHFmgmeptxt4oBMPMjrhJBfJyx7mCftw+HEeXCzYd/jQf+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLR5r1QFodESgydqt8aD/wn0sH7MB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEva3RIbXZWQVdoMFJLREoycTN4b1BfQ2ZTd2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXvoUMA0G
CSqGSIb3DQEBCwUAA4IBAQAOmF5eeDMYuCXhoNNP32rYuZY/8MKk9OSsiLtIe/Ug
ya2hSBBNXCHxfwrTxiCJNqkXr4/ovrOAYWaJ4ag962nrgQmJD+fUhtl5C860LLBs
n+AmsZGcw6ot9XsfpjO34FcRd5SPNRMY3iY04IvrUt5BhoArxO2UQkJX0x33j2kE
JzytRCperPnbIq5+w5C1XQPEJZGTjv+K5i/bPwN70qrEcJYAbkHZ2u4kGOG7TE4c
crUqV5ykXpIMJG8u8H85jEwdChB8hvkiuGzKEzAHiynPmoS7Jpf/K5uE8Zzfy9bb
nY2t/3S+lmqIweczCM7Y5VxySznV6TX1QvhdS4HIoT4H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:58 2024 by rpki-client on console-fra.rpki-client.org