Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/keKs8A_vfzhNumXsR7OfOGPVvoE.roa
File: keKs8A_vfzhNumXsR7OfOGPVvoE.roa (raw, json)
Hash identifier: sTJCiR7/lcEaq9MCJllWfYoaDj9sUAdil+V02z0jwGY=
Subject key identifier: 91:E2:AC:F0:0F:EF:7F:38:4D:BA:65:EC:47:B3:9F:38:63:D5:BE:81
Certificate issuer: /CN=cbf23be1115f022aa269d9cea439bb8b492307e2
Certificate serial: 1791EC4F
Authority key identifier: CB:F2:3B:E1:11:5F:02:2A:A2:69:D9:CE:A4:39:BB:8B:49:23:07:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_I74RFfAiqiadnOpDm7i0kjB-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/keKs8A_vfzhNumXsR7OfOGPVvoE.roa
Signing time: Sat 01 Jan 2022 02:59:05 +0000
ROA not before: Sat 01 Jan 2022 02:59:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 185.64.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 395439183 (0x1791ec4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf23be1115f022aa269d9cea439bb8b492307e2
Validity
Not Before: Jan 1 02:59:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91e2acf00fef7f384dba65ec47b39f3863d5be81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:84:28:e6:56:12:61:3d:e0:ea:8d:97:e6:12:
28:0b:06:87:5e:c9:ec:c4:7d:ed:cf:35:82:14:01:
46:7a:c3:d6:ef:a1:28:e7:1d:c7:a8:81:eb:a6:3f:
68:71:68:05:0e:e4:37:fd:ab:47:d4:12:0a:88:cd:
b8:44:ee:77:5b:3c:82:23:58:4f:e6:59:3a:bf:70:
0f:55:5a:85:1f:fc:e3:d9:67:d4:59:ec:ba:45:76:
7f:b6:2d:7d:bd:8e:f3:79:c9:97:81:ce:8e:f5:b5:
11:0b:fe:db:bc:44:c3:ff:4b:3d:57:1d:0f:be:53:
a7:70:28:b0:fe:25:78:dc:0e:41:17:e6:5b:f1:6f:
6d:b7:c2:23:44:2e:70:79:6b:e8:19:cd:0c:a8:04:
c1:40:42:e7:e1:53:de:96:ad:59:01:f1:1c:55:8f:
8f:ba:05:9e:85:b2:2c:12:32:e5:99:4b:2d:ef:fd:
92:dd:a9:d7:63:a0:ce:01:1a:46:4a:76:8d:cd:cb:
eb:70:6c:28:37:1e:79:68:e4:ba:e3:99:25:0d:0f:
00:5b:87:98:f4:2c:5d:ad:af:40:47:e8:eb:c7:c8:
40:2d:8d:a9:14:47:38:b3:00:80:d9:d2:4a:ab:f0:
c6:c3:4b:36:15:5d:07:0c:48:c0:03:ad:35:a1:35:
f8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E2:AC:F0:0F:EF:7F:38:4D:BA:65:EC:47:B3:9F:38:63:D5:BE:81
X509v3 Authority Key Identifier:
keyid:CB:F2:3B:E1:11:5F:02:2A:A2:69:D9:CE:A4:39:BB:8B:49:23:07:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_I74RFfAiqiadnOpDm7i0kjB-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/keKs8A_vfzhNumXsR7OfOGPVvoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/y_I74RFfAiqiadnOpDm7i0kjB-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.252.0/22
Signature Algorithm: sha256WithRSAEncryption
72:37:ae:f7:64:27:e0:d0:09:66:be:47:44:85:15:75:3e:f2:
29:f0:4e:38:39:22:40:55:59:79:16:9b:e5:2e:e5:35:cd:a7:
1e:37:49:26:3f:9d:7f:a3:ce:08:7d:70:3c:66:a6:01:0e:33:
b5:96:ef:64:f0:e6:0a:92:d4:b8:5b:b8:bf:7b:0b:ad:31:d1:
e9:37:e6:de:b0:8c:a0:ef:07:17:2a:9e:1c:54:28:73:64:3b:
23:4e:7e:e9:61:b6:db:94:83:78:0b:85:f1:21:75:d0:a4:9e:
fd:a9:10:4d:9b:5c:a1:f1:2b:ae:1e:06:3c:e6:4c:a5:7c:08:
52:9e:23:e8:43:48:44:15:50:96:9b:73:74:d0:f0:0e:53:6f:
c2:e2:14:a5:ff:fc:db:69:a5:f8:45:2a:8c:7c:77:28:7a:9a:
92:ba:ac:2c:26:43:50:8c:0f:a8:b9:3f:51:7d:4e:a6:22:db:
71:16:0c:dc:28:9b:01:6b:43:1a:ce:8e:e2:7c:2b:23:44:7d:
7c:e6:51:71:f1:86:bc:78:ef:a6:17:1d:26:db:37:48:38:a0:
ee:71:93:59:b8:ec:59:ed:d3:84:11:27:00:9d:b8:0c:ae:fc:
4d:bb:56:4b:ee:d4:ee:a8:e8:55:a7:81:95:1a:97:cd:12:26:
f9:fa:d9:71
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF5HsTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YmYyM2JlMTExNWYwMjJhYTI2OWQ5Y2VhNDM5YmI4YjQ5MjMwN2UyMB4XDTIyMDEw
MTAyNTkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFlMmFjZjAwZmVm
N2YzODRkYmE2NWVjNDdiMzlmMzg2M2Q1YmU4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOiEKOZWEmE94OqNl+YSKAsGh17J7MR97c81ghQBRnrD1u+h
KOcdx6iB66Y/aHFoBQ7kN/2rR9QSCojNuETud1s8giNYT+ZZOr9wD1VahR/849ln
1FnsukV2f7Ytfb2O83nJl4HOjvW1EQv+27xEw/9LPVcdD75Tp3AosP4leNwOQRfm
W/FvbbfCI0QucHlr6BnNDKgEwUBC5+FT3patWQHxHFWPj7oFnoWyLBIy5ZlLLe/9
kt2p12OgzgEaRkp2jc3L63BsKDceeWjkuuOZJQ0PAFuHmPQsXa2vQEfo68fIQC2N
qRRHOLMAgNnSSqvwxsNLNhVdBwxIwAOtNaE1+P8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSR4qzwD+9/OE26ZexHs584Y9W+gTAfBgNVHSMEGDAWgBTL8jvhEV8CKqJp
2c6kObuLSSMH4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lfSTc0UkZmQWlxaWFkbk9wRG03aTBrakItSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvNTYzMTNmLWVjNGUtNGMxYy1iMzg4LWJlMzI1MmFjNDk4MC8x
L2tlS3M4QV92ZnpoTnVtWHNSN09mT0dQVnZvRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
NTYzMTNmLWVjNGUtNGMxYy1iMzg4LWJlMzI1MmFjNDk4MC8xL3lfSTc0UkZmQWlx
aWFkbk9wRG03aTBrakItSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlA/DANBgkqhkiG9w0BAQsFAAOC
AQEAcjeu92Qn4NAJZr5HRIUVdT7yKfBOODkiQFVZeRab5S7lNc2nHjdJJj+df6PO
CH1wPGamAQ4ztZbvZPDmCpLUuFu4v3sLrTHR6Tfm3rCMoO8HFyqeHFQoc2Q7I05+
6WG225SDeAuF8SF10KSe/akQTZtcofErrh4GPOZMpXwIUp4j6ENIRBVQlptzdNDw
DlNvwuIUpf/822ml+EUqjHx3KHqakrqsLCZDUIwPqLk/UX1OpiLbcRYM3CibAWtD
Gs6O4nwrI0R9fOZRcfGGvHjvphcdJts3SDig7nGTWbjsWe3ThBEnAJ24DK78TbtW
S+7U7qjoVaeBlRqXzRIm+frZcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:28 2024 by rpki-client on console-ams.rpki-client.org