Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/aae9a1-d05d-47ca-91de-d6d55c169e16/1/khfmXZ9tTSVgVbDOOqCVDScV3TE.roa
File: khfmXZ9tTSVgVbDOOqCVDScV3TE.roa (raw, json)
Hash identifier: YOr1heFNeIMfk28CqkVEf3lWZ76NLmWzOx+wD4oTJHE=
Subject key identifier: 92:17:E6:5D:9F:6D:4D:25:60:55:B0:CE:3A:A0:95:0D:27:15:DD:31
Certificate issuer: /CN=06c92df2c9faa2915fc5feb5a4270183419faef2
Certificate serial: 04222261
Authority key identifier: 06:C9:2D:F2:C9:FA:A2:91:5F:C5:FE:B5:A4:27:01:83:41:9F:AE:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bskt8sn6opFfxf61pCcBg0GfrvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/aae9a1-d05d-47ca-91de-d6d55c169e16/1/khfmXZ9tTSVgVbDOOqCVDScV3TE.roa
Signing time: Sat 01 Jan 2022 13:04:23 +0000
ROA not before: Sat 01 Jan 2022 13:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207241
IP address blocks: 193.200.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69345889 (0x4222261)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06c92df2c9faa2915fc5feb5a4270183419faef2
Validity
Not Before: Jan 1 13:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9217e65d9f6d4d256055b0ce3aa0950d2715dd31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d6:3f:b7:5c:1d:5e:99:d0:a9:16:1f:76:0c:
2a:b2:cf:0b:23:33:79:fa:a1:0a:72:4e:bd:36:cb:
59:44:77:f4:fa:09:1b:53:49:89:a2:36:29:42:35:
6c:c2:61:0e:cf:7b:fb:b0:e9:70:57:e3:18:ff:1b:
44:8a:a3:44:52:05:ac:2e:39:fd:74:31:99:7b:55:
ab:10:60:e9:46:aa:30:53:62:12:84:36:25:7f:65:
9b:65:36:ec:db:01:ad:2e:61:3e:5e:f4:60:19:c2:
1b:0f:90:34:9c:91:5e:b4:49:a0:ca:c4:cd:34:14:
09:b5:13:c7:0d:15:19:39:05:09:a6:08:c6:8e:ab:
54:e2:f5:0f:a7:1c:10:e1:75:8b:58:2f:bf:ac:13:
22:28:90:0e:65:37:1f:09:06:4e:05:5a:92:92:52:
6b:30:19:73:29:ed:9a:ae:81:24:4a:31:c5:49:6b:
3b:30:ea:fd:33:79:84:5c:87:60:4b:9f:0d:db:5f:
50:d2:e3:8e:e1:4a:fd:be:64:06:2f:be:1f:8c:8e:
79:c8:e0:89:fb:c5:aa:e2:c5:40:f5:a2:89:84:45:
3c:8c:24:0d:1a:c6:38:5e:d0:4d:87:73:25:0e:e2:
18:a7:93:ae:5e:dd:89:bf:37:6c:cf:31:60:75:23:
42:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:17:E6:5D:9F:6D:4D:25:60:55:B0:CE:3A:A0:95:0D:27:15:DD:31
X509v3 Authority Key Identifier:
keyid:06:C9:2D:F2:C9:FA:A2:91:5F:C5:FE:B5:A4:27:01:83:41:9F:AE:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bskt8sn6opFfxf61pCcBg0GfrvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/aae9a1-d05d-47ca-91de-d6d55c169e16/1/khfmXZ9tTSVgVbDOOqCVDScV3TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/aae9a1-d05d-47ca-91de-d6d55c169e16/1/Bskt8sn6opFfxf61pCcBg0GfrvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.181.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:a6:73:4e:79:ac:4e:da:43:65:aa:2e:d9:33:f9:44:49:0f:
cd:00:1d:98:df:e8:fa:93:45:29:d9:1b:fb:aa:a9:9d:cc:e4:
aa:5f:bf:0f:26:5b:1b:79:56:ce:18:7b:b7:e3:16:18:d5:ab:
1a:67:8e:5a:10:af:a6:2a:16:18:c0:4e:3d:7f:c5:f1:c7:56:
b9:d5:21:1a:be:e3:67:88:29:14:a3:9a:fd:7b:fa:29:5a:d4:
6e:60:d1:a7:43:e3:63:81:70:80:73:97:a8:99:dd:bb:14:f4:
58:d6:f8:ee:2a:fd:25:57:a1:6f:4c:4c:b0:57:c0:ba:49:bd:
86:76:cd:0c:0b:ff:8b:2a:a0:35:0d:16:f1:61:3e:29:92:7d:
73:b9:a4:5b:05:22:18:d6:f1:4a:28:16:8b:69:24:b3:1a:82:
9a:bf:75:b6:22:05:7d:5a:07:b9:e5:7b:99:cf:5a:16:12:46:
9f:96:a6:53:fd:7d:ef:a8:c6:42:92:33:ee:85:9b:f2:14:ba:
9b:d5:fd:6d:64:ad:47:10:03:94:ad:41:11:2e:b1:fb:49:0d:
ff:03:8d:6e:bf:54:d1:87:cd:07:a4:bc:ac:85:81:3b:28:1c:
40:db:4f:f6:0a:62:5b:10:93:ec:6f:46:ff:2c:32:ab:59:ee:
48:43:7a:07
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCIiYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NmM5MmRmMmM5ZmFhMjkxNWZjNWZlYjVhNDI3MDE4MzQxOWZhZWYyMB4XDTIyMDEw
MTEzMDQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIxN2U2NWQ5ZjZk
NGQyNTYwNTViMGNlM2FhMDk1MGQyNzE1ZGQzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJnWP7dcHV6Z0KkWH3YMKrLPCyMzefqhCnJOvTbLWUR39PoJ
G1NJiaI2KUI1bMJhDs97+7DpcFfjGP8bRIqjRFIFrC45/XQxmXtVqxBg6UaqMFNi
EoQ2JX9lm2U27NsBrS5hPl70YBnCGw+QNJyRXrRJoMrEzTQUCbUTxw0VGTkFCaYI
xo6rVOL1D6ccEOF1i1gvv6wTIiiQDmU3HwkGTgVakpJSazAZcyntmq6BJEoxxUlr
OzDq/TN5hFyHYEufDdtfUNLjjuFK/b5kBi++H4yOecjgifvFquLFQPWiiYRFPIwk
DRrGOF7QTYdzJQ7iGKeTrl7dib83bM8xYHUjQlsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSSF+Zdn21NJWBVsM46oJUNJxXdMTAfBgNVHSMEGDAWgBQGyS3yyfqikV/F
/rWkJwGDQZ+u8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Jza3Q4c242b3BGZnhmNjFwQ2NCZzBHZnJ2SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvYWFlOWExLWQwNWQtNDdjYS05MWRlLWQ2ZDU1YzE2OWUxNi8x
L2toZm1YWjl0VFNWZ1ZiRE9PcUNWRFNjVjNURS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
YWFlOWExLWQwNWQtNDdjYS05MWRlLWQ2ZDU1YzE2OWUxNi8xL0Jza3Q4c242b3BG
ZnhmNjFwQ2NCZzBHZnJ2SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHItTANBgkqhkiG9w0BAQsFAAOC
AQEATaZzTnmsTtpDZaou2TP5REkPzQAdmN/o+pNFKdkb+6qpnczkql+/DyZbG3lW
zhh7t+MWGNWrGmeOWhCvpioWGMBOPX/F8cdWudUhGr7jZ4gpFKOa/Xv6KVrUbmDR
p0PjY4FwgHOXqJnduxT0WNb47ir9JVehb0xMsFfAukm9hnbNDAv/iyqgNQ0W8WE+
KZJ9c7mkWwUiGNbxSigWi2kksxqCmr91tiIFfVoHueV7mc9aFhJGn5amU/1976jG
QpIz7oWb8hS6m9X9bWStRxADlK1BES6x+0kN/wONbr9U0YfNB6S8rIWBOygcQNtP
9gpiWxCT7G9G/ywyq1nuSEN6Bw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:05 2023 by rpki-client on console-fra.rpki-client.org