Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/96937c-89c6-41dd-a7ad-d7f672e90a2e/1/KL4seTJGdfP_sRxVliedwglk2_s.roa
File: KL4seTJGdfP_sRxVliedwglk2_s.roa (raw, json)
Hash identifier: Yw3/M2h3e2ki0IDDgoSweoCO7MhyvQcVHdTREQ46+dM=
Subject key identifier: 28:BE:2C:79:32:46:75:F3:FF:B1:1C:55:96:27:9D:C2:09:64:DB:FB
Certificate issuer: /CN=e2a1bfcd9a43a0938ac213482731e5ea584890c0
Certificate serial: 24FC8D
Authority key identifier: E2:A1:BF:CD:9A:43:A0:93:8A:C2:13:48:27:31:E5:EA:58:48:90:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4qG_zZpDoJOKwhNIJzHl6lhIkMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/96937c-89c6-41dd-a7ad-d7f672e90a2e/1/KL4seTJGdfP_sRxVliedwglk2_s.roa
Signing time: Sat 01 Jan 2022 02:57:41 +0000
ROA not before: Sat 01 Jan 2022 02:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213373
IP address blocks: 146.19.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2423949 (0x24fc8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2a1bfcd9a43a0938ac213482731e5ea584890c0
Validity
Not Before: Jan 1 02:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28be2c79324675f3ffb11c5596279dc20964dbfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cc:9c:ea:8b:ad:41:3c:af:2c:43:9c:50:6c:
a6:8c:9e:72:71:05:3b:6f:f0:ea:61:14:3c:1c:d2:
ee:a8:65:19:41:2a:1b:57:d7:68:f7:c3:81:a3:af:
65:a6:26:e5:df:6f:65:bb:b0:8e:8a:25:ec:85:ae:
f7:64:bc:72:15:0b:3b:88:67:ce:eb:be:7a:05:9e:
f0:8f:12:b1:b8:4c:8e:28:33:de:7c:6a:91:f2:59:
e9:8b:10:b8:50:78:3e:ad:f9:ce:11:24:7a:37:15:
fa:bd:90:de:e8:02:8b:f5:94:fd:8a:45:7a:0f:fe:
6a:60:8b:d3:f3:0f:74:61:1d:69:35:15:f4:d0:5f:
d6:80:81:c8:b5:3c:c0:cc:cf:4a:5d:3d:be:91:ea:
25:d3:b4:29:9b:51:c2:a8:31:0e:23:ba:23:23:75:
ee:b1:a7:1f:23:47:dc:ae:9b:3e:65:70:cc:2d:19:
27:29:0c:09:0a:0a:45:91:07:d3:44:ae:76:f0:8e:
74:e4:6a:c7:a0:16:f6:bd:29:02:c8:5b:ae:dd:8a:
ad:9c:a7:66:11:1e:71:37:7d:dd:af:67:95:de:8a:
b9:db:c3:8f:ab:06:09:9b:bf:e1:c0:05:07:bb:f4:
1b:da:0e:ed:83:c9:43:15:4c:df:66:04:11:e9:a9:
d6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BE:2C:79:32:46:75:F3:FF:B1:1C:55:96:27:9D:C2:09:64:DB:FB
X509v3 Authority Key Identifier:
keyid:E2:A1:BF:CD:9A:43:A0:93:8A:C2:13:48:27:31:E5:EA:58:48:90:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4qG_zZpDoJOKwhNIJzHl6lhIkMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/96937c-89c6-41dd-a7ad-d7f672e90a2e/1/KL4seTJGdfP_sRxVliedwglk2_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/96937c-89c6-41dd-a7ad-d7f672e90a2e/1/4qG_zZpDoJOKwhNIJzHl6lhIkMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.253.0/24
Signature Algorithm: sha256WithRSAEncryption
37:86:9d:27:e3:30:31:3d:e2:b5:31:5d:50:39:0d:7e:df:d7:
e8:99:64:91:9c:12:86:0d:c8:c9:56:6d:d7:46:ec:60:ed:d6:
7d:df:ec:a1:9a:9a:2e:c0:46:a2:e1:f9:31:b0:df:6e:cf:80:
e7:7f:27:a0:e4:22:e3:2c:ab:41:5d:7e:26:32:dd:8e:94:94:
cd:16:cc:4b:85:4b:a8:2c:d8:e8:cd:0d:40:b4:3d:2b:57:d9:
b8:51:04:33:0c:cf:07:44:dc:ca:2e:bd:61:41:04:fb:50:7e:
51:7f:0d:a8:07:73:0d:ce:f6:95:ee:49:5c:b6:a0:dc:a7:77:
20:43:dd:99:24:7b:54:95:ca:9c:fa:8d:83:15:a6:69:b9:99:
bc:24:ba:f7:b0:54:2c:1b:a3:52:05:6e:40:f2:c3:b9:1f:e6:
66:cb:50:84:89:51:cb:a0:a4:30:39:d3:c6:e2:76:80:14:be:
4c:fd:b3:8d:0e:0a:9b:58:e9:0d:44:2a:56:3e:5f:c2:ff:41:
1b:98:37:17:91:ba:5b:6b:25:67:5e:24:f6:69:2a:37:85:40:
12:18:6c:9b:c7:b1:c8:ec:5a:5f:6c:3f:20:26:28:b5:7c:fa:
d6:f0:bb:63:44:c1:16:ef:1c:b0:fe:c8:7a:e4:85:72:5a:17:
80:f0:e4:36
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDJPyNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGUy
YTFiZmNkOWE0M2EwOTM4YWMyMTM0ODI3MzFlNWVhNTg0ODkwYzAwHhcNMjIwMTAx
MDI1NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOGJlMmM3OTMyNDY3
NWYzZmZiMTFjNTU5NjI3OWRjMjA5NjRkYmZiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxcyc6outQTyvLEOcUGymjJ5ycQU7b/DqYRQ8HNLuqGUZQSob
V9do98OBo69lpibl329lu7COiiXsha73ZLxyFQs7iGfO6756BZ7wjxKxuEyOKDPe
fGqR8lnpixC4UHg+rfnOESR6NxX6vZDe6AKL9ZT9ikV6D/5qYIvT8w90YR1pNRX0
0F/WgIHItTzAzM9KXT2+keol07Qpm1HCqDEOI7ojI3XusacfI0fcrps+ZXDMLRkn
KQwJCgpFkQfTRK528I505GrHoBb2vSkCyFuu3YqtnKdmER5xN33dr2eV3oq528OP
qwYJm7/hwAUHu/Qb2g7tg8lDFUzfZgQR6anW/wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFCi+LHkyRnXz/7EcVZYnncIJZNv7MB8GA1UdIwQYMBaAFOKhv82aQ6CTisIT
SCcx5epYSJDAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NHFHX3pacERvSk9Ld2hOSUp6SGw2bGhJa01BLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Ny85NjkzN2MtODljNi00MWRkLWE3YWQtZDdmNjcyZTkwYTJlLzEv
S0w0c2VUSkdkZlBfc1J4VmxpZWR3Z2xrMl9zLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85
NjkzN2MtODljNi00MWRkLWE3YWQtZDdmNjcyZTkwYTJlLzEvNHFHX3pacERvSk9L
d2hOSUp6SGw2bGhJa01BLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP9MA0GCSqGSIb3DQEBCwUAA4IB
AQA3hp0n4zAxPeK1MV1QOQ1+39fomWSRnBKGDcjJVm3XRuxg7dZ93+yhmpouwEai
4fkxsN9uz4Dnfyeg5CLjLKtBXX4mMt2OlJTNFsxLhUuoLNjozQ1AtD0rV9m4UQQz
DM8HRNzKLr1hQQT7UH5Rfw2oB3MNzvaV7klctqDcp3cgQ92ZJHtUlcqc+o2DFaZp
uZm8JLr3sFQsG6NSBW5A8sO5H+Zmy1CEiVHLoKQwOdPG4naAFL5M/bONDgqbWOkN
RCpWPl/C/0EbmDcXkbpbayVnXiT2aSo3hUASGGybx7HI7FpfbD8gJii1fPrW8Ltj
RMEW7xyw/sh65IVyWheA8OQ2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:44 2023 by rpki-client on console-ams.rpki-client.org