Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/dwLkFTirqxbcuUM9SI--KkAkQ3s.roa
File: dwLkFTirqxbcuUM9SI--KkAkQ3s.roa (raw, json)
Hash identifier: NQRzBelp9nX3ELnXuslg97rSwUGhGwl7PAPEkKYPIQc=
Subject key identifier: 77:02:E4:15:38:AB:AB:16:DC:B9:43:3D:48:8F:BE:2A:40:24:43:7B
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 13203510
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/dwLkFTirqxbcuUM9SI--KkAkQ3s.roa
Signing time: Sat 01 Jan 2022 04:02:51 +0000
ROA not before: Sat 01 Jan 2022 04:02:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 212.87.192.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 320877840 (0x13203510)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 1 04:02:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7702e41538abab16dcb9433d488fbe2a4024437b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:48:31:49:5a:a8:bd:eb:53:d9:b1:84:1e:64:
8b:c4:3f:5a:3f:2a:1a:a6:18:a1:95:79:67:c1:31:
48:a6:a9:de:53:72:3c:9f:2b:48:90:b1:fa:4b:38:
13:68:07:cf:93:b8:14:64:aa:85:75:a8:d3:12:b2:
6d:68:50:b9:8e:28:08:4a:c3:30:f9:47:5e:4b:1c:
8b:65:ac:65:34:1d:85:c9:46:55:f9:f8:e1:12:95:
f9:f9:c8:33:0c:5d:ee:dc:55:8f:0e:d2:33:d6:3f:
2c:74:b0:df:e4:25:2e:2d:06:85:a7:40:23:ae:68:
13:d0:bb:04:06:0d:8c:3a:89:94:e7:21:19:7d:89:
89:5a:06:68:86:25:7e:1f:12:7d:5f:97:9f:6f:46:
23:a3:fe:cb:ff:39:7d:70:60:91:c2:34:e3:07:94:
74:67:f4:7d:c5:84:96:30:31:a6:38:20:10:a7:af:
02:87:17:58:0f:4a:e7:d2:2a:8b:72:9d:82:db:9f:
47:31:5d:ec:e1:05:25:21:b8:5f:ac:33:90:26:7d:
1b:ae:d0:2a:96:17:a9:8b:73:8c:b8:34:af:2b:34:
db:a7:90:57:43:78:35:db:59:48:09:5a:cf:11:9a:
dd:7a:e9:37:2d:7f:85:51:b0:8c:50:d0:d9:1f:81:
22:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:02:E4:15:38:AB:AB:16:DC:B9:43:3D:48:8F:BE:2A:40:24:43:7B
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/dwLkFTirqxbcuUM9SI--KkAkQ3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:ff:6b:7f:7c:3c:fb:0d:e2:b3:c0:a8:2d:a4:44:a5:55:56:
81:6c:51:3a:4e:b8:6b:04:19:df:dd:4c:b8:cd:41:ef:5f:1b:
85:2a:86:16:7a:95:a6:3a:0c:46:a9:96:63:3e:ab:04:4c:de:
1e:fc:a6:df:83:d6:98:cd:56:06:4f:c7:fc:05:5d:cd:4b:05:
82:ec:ef:07:b6:92:ed:a4:df:a7:59:b0:02:8e:08:c3:62:b3:
fa:f5:d3:a7:b2:63:d8:6e:1d:17:34:be:bf:d6:1a:69:7a:89:
dc:20:a4:a6:36:94:7a:c5:a9:8d:59:aa:ca:6d:8f:6c:2f:59:
5a:5f:86:53:0f:04:ab:89:bc:41:ca:4d:55:bf:1f:f3:f7:2b:
04:83:63:8c:51:47:44:f4:40:bc:47:12:61:63:f2:30:53:00:
a5:53:f0:5b:dc:ba:d6:49:d9:0f:ae:18:eb:6b:b8:27:b8:05:
66:ce:59:e3:a0:bd:cc:fb:d5:80:bc:ac:a6:5f:a5:8d:8b:8b:
0b:8c:1f:58:b5:59:d9:d6:45:ac:fd:1d:ef:1a:76:35:30:fc:
ff:cb:b0:68:c3:41:28:3e:10:23:ac:37:35:41:26:6f:85:5f:
b4:c0:14:60:4a:c7:d0:f9:66:64:07:74:3d:ad:35:67:67:be:
36:1e:ca:41
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEyA1EDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDEw
MTA0MDI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzcwMmU0MTUzOGFi
YWIxNmRjYjk0MzNkNDg4ZmJlMmE0MDI0NDM3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOpIMUlaqL3rU9mxhB5ki8Q/Wj8qGqYYoZV5Z8ExSKap3lNy
PJ8rSJCx+ks4E2gHz5O4FGSqhXWo0xKybWhQuY4oCErDMPlHXksci2WsZTQdhclG
Vfn44RKV+fnIMwxd7txVjw7SM9Y/LHSw3+QlLi0GhadAI65oE9C7BAYNjDqJlOch
GX2JiVoGaIYlfh8SfV+Xn29GI6P+y/85fXBgkcI04weUdGf0fcWEljAxpjggEKev
AocXWA9K59Iqi3KdgtufRzFd7OEFJSG4X6wzkCZ9G67QKpYXqYtzjLg0rys026eQ
V0N4NdtZSAlazxGa3XrpNy1/hVGwjFDQ2R+BIgECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR3AuQVOKurFty5Qz1Ij74qQCRDezAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L2R3TGtGVGlycXhiY3VVTTlTSS0tS2tBa1Ezcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtRXwDANBgkqhkiG9w0BAQsFAAOC
AQEATf9rf3w8+w3is8CoLaREpVVWgWxROk64awQZ391MuM1B718bhSqGFnqVpjoM
RqmWYz6rBEzeHvym34PWmM1WBk/H/AVdzUsFguzvB7aS7aTfp1mwAo4Iw2Kz+vXT
p7Jj2G4dFzS+v9YaaXqJ3CCkpjaUesWpjVmqym2PbC9ZWl+GUw8Eq4m8QcpNVb8f
8/crBINjjFFHRPRAvEcSYWPyMFMApVPwW9y61knZD64Y62u4J7gFZs5Z46C9zPvV
gLyspl+ljYuLC4wfWLVZ2dZFrP0d7xp2NTD8/8uwaMNBKD4QI6w3NUEmb4VftMAU
YErH0PlmZAd0Pa01Z2e+Nh7KQQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org