Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/kuJrF9WezNufIzo_x62pJKsUphI.roa
File: kuJrF9WezNufIzo_x62pJKsUphI.roa (raw, json)
Hash identifier: iaXhZD/6hKAcnxJjxLYwXNuyJdgZeKaPAjWvaMAaNSA=
Subject key identifier: 92:E2:6B:17:D5:9E:CC:DB:9F:23:3A:3F:C7:AD:A9:24:AB:14:A6:12
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 05C3633C
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/kuJrF9WezNufIzo_x62pJKsUphI.roa
Signing time: Sat 01 Jan 2022 11:59:16 +0000
ROA not before: Sat 01 Jan 2022 11:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209411
IP address blocks: 209.16.142.0/23 maxlen: 23
45.141.168.0/22 maxlen: 24
2a0e:ce40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96691004 (0x5c3633c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Jan 1 11:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92e26b17d59eccdb9f233a3fc7ada924ab14a612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fc:6d:87:e5:b0:b3:f7:36:6f:7b:80:7c:44:
ca:ae:8b:1b:17:c8:38:a2:25:cc:cc:8c:69:ef:aa:
41:28:e9:ea:39:85:c8:74:5b:eb:b6:26:c8:c8:13:
b0:ef:ea:ec:29:22:e0:1e:e1:76:47:85:b4:cd:8f:
4a:73:f4:c2:bd:8a:9a:9e:33:87:90:86:51:41:07:
4e:8d:b2:a6:a4:1d:8b:dc:31:69:82:3e:d5:cf:57:
01:bc:0c:9b:7b:b4:3a:03:f3:4f:a0:d1:9f:ee:85:
ab:26:72:dd:bc:a5:ad:9f:ba:63:8a:e6:9e:a2:6f:
ad:9a:13:2f:63:70:e2:c3:2e:ee:df:25:cb:95:1b:
e6:ef:78:e0:61:2b:fb:c7:54:a1:17:22:eb:3b:36:
36:f0:8c:98:21:34:20:fc:df:c7:79:80:85:80:87:
62:a1:8f:1b:8d:e5:c6:e9:6d:33:60:ee:63:25:5a:
30:ee:9c:74:ca:12:8d:22:66:13:93:d8:8e:86:b2:
75:90:f5:ac:bd:45:2a:a7:1d:b3:23:08:00:ac:1c:
a7:ec:fe:c9:1a:3b:eb:b9:49:ec:dd:78:e8:4c:1d:
65:0b:f1:99:a5:97:fa:cc:ca:bc:f2:f4:ab:61:57:
8a:9c:38:77:7c:aa:69:8c:2b:02:ee:eb:03:7a:76:
8e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E2:6B:17:D5:9E:CC:DB:9F:23:3A:3F:C7:AD:A9:24:AB:14:A6:12
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/kuJrF9WezNufIzo_x62pJKsUphI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.168.0/22
209.16.142.0/23
IPv6:
2a0e:ce40::/29
Signature Algorithm: sha256WithRSAEncryption
91:0f:83:97:03:e9:57:df:bf:8b:98:f7:be:a7:fa:4f:bc:17:
9f:9d:e9:45:4e:5d:09:2f:f7:bb:f3:3d:41:de:db:09:f6:56:
38:2f:c6:29:7b:ce:bd:41:9b:3a:d2:08:2b:ec:43:98:c1:55:
ca:02:57:87:e7:61:9c:9d:5d:6b:1e:1e:9a:e8:45:91:7c:b7:
31:8d:54:3e:bf:10:dd:5a:0b:9d:d7:3d:75:fa:18:06:e2:f3:
39:f8:94:7d:1a:8c:7e:57:61:7d:34:39:5a:29:02:ea:86:8d:
f2:11:be:9c:96:a6:a5:45:d9:57:30:2e:04:02:2e:11:bb:96:
dd:81:09:a3:a5:c4:e1:97:06:5e:68:26:45:72:8c:2f:b1:79:
8c:59:25:62:dc:f4:81:8b:f1:6e:5e:5b:c4:1e:f7:0f:25:c5:
ed:3f:eb:ef:8f:e6:41:07:3c:f8:63:2b:f6:6e:e9:7a:c7:6f:
d6:36:78:85:94:1f:e1:7c:0f:fb:70:1b:ef:b5:4e:95:c6:9e:
ab:34:d1:32:35:ec:cf:61:83:dd:a5:4f:5a:2a:f5:16:bd:46:
c2:09:4a:b7:51:84:b5:1f:51:6d:d2:e9:97:2a:53:ae:1a:19:
e0:7a:63:d9:9d:fd:d6:37:b9:ac:f6:f8:b6:e8:ed:4b:b9:25:
ec:9b:58:5b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBcNjPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODEwMTc3MjI0ODk5NmI4N2Q5MDg0MGMyZDI3ZDYyNTQ5NDU4MTczMB4XDTIyMDEw
MTExNTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTJlMjZiMTdkNTll
Y2NkYjlmMjMzYTNmYzdhZGE5MjRhYjE0YTYxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANL8bYflsLP3Nm97gHxEyq6LGxfIOKIlzMyMae+qQSjp6jmF
yHRb67YmyMgTsO/q7Cki4B7hdkeFtM2PSnP0wr2Kmp4zh5CGUUEHTo2ypqQdi9wx
aYI+1c9XAbwMm3u0OgPzT6DRn+6FqyZy3bylrZ+6Y4rmnqJvrZoTL2Nw4sMu7t8l
y5Ub5u944GEr+8dUoRci6zs2NvCMmCE0IPzfx3mAhYCHYqGPG43lxultM2DuYyVa
MO6cdMoSjSJmE5PYjoaydZD1rL1FKqcdsyMIAKwcp+z+yRo767lJ7N146EwdZQvx
maWX+szKvPL0q2FXipw4d3yqaYwrAu7rA3p2ji8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSS4msX1Z7M258jOj/HrakkqxSmEjAfBgNVHSMEGDAWgBQYEBdyJImWuH2Q
hAwtJ9YlSUWBczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dCQVhjaVNKbHJoOWtJUU1MU2ZXSlVsRmdYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8x
L2t1SnJGOVdlek51Zkl6b194NjJwSktzVXBoSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjBhNWE1LTBiYTItNDA1Mi1iZWI0LTNjYzg1YWQzYzE5MC8xL0dCQVhjaVNKbHJo
OWtJUU1MU2ZXSlVsRmdYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAi2NqAMEAdEQjjANBAIAAjAHAwUD
Kg7OQDANBgkqhkiG9w0BAQsFAAOCAQEAkQ+DlwPpV9+/i5j3vqf6T7wXn53pRU5d
CS/3u/M9Qd7bCfZWOC/GKXvOvUGbOtIIK+xDmMFVygJXh+dhnJ1dax4emuhFkXy3
MY1UPr8Q3VoLndc9dfoYBuLzOfiUfRqMfldhfTQ5WikC6oaN8hG+nJampUXZVzAu
BAIuEbuW3YEJo6XE4ZcGXmgmRXKML7F5jFklYtz0gYvxbl5bxB73DyXF7T/r74/m
QQc8+GMr9m7pesdv1jZ4hZQf4XwP+3Ab77VOlcaeqzTRMjXsz2GD3aVPWir1Fr1G
wglKt1GEtR9RbdLplypTrhoZ4Hpj2Z391je5rPb4tujtS7kl7JtYWw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:16 2023 by rpki-client on console-ams.rpki-client.org