Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/kBz1YPARwf36crsU17tv1Uqs1cc.roa
File: kBz1YPARwf36crsU17tv1Uqs1cc.roa (raw, json)
Hash identifier: FPsjKXPAyu3+h/2KHhTABDG7GxbPlmnMxuJ2A6MsZkw=
Subject key identifier: 90:1C:F5:60:F0:11:C1:FD:FA:72:BB:14:D7:BB:6F:D5:4A:AC:D5:C7
Certificate issuer: /CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Certificate serial: 01842EE72176FED83EFF5F3179BB16CF7C17
Authority key identifier: 2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/kBz1YPARwf36crsU17tv1Uqs1cc.roa
Signing time: Mon 31 Oct 2022 16:36:50 +0000
ROA not before: Mon 31 Oct 2022 16:36:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61357
IP address blocks: 141.93.11.0/24 maxlen: 24
141.93.10.0/24 maxlen: 24
141.93.10.0/23 maxlen: 23
2a0d:f0c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2e:e7:21:76:fe:d8:3e:ff:5f:31:79:bb:16:cf:7c:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Validity
Not Before: Oct 31 16:36:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=901cf560f011c1fdfa72bb14d7bb6fd54aacd5c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cf:c2:5f:3b:c1:d2:ef:07:be:1c:69:33:f3:
d6:de:37:52:a0:50:0a:df:95:d5:6d:e8:a0:53:46:
0d:58:e0:c6:3e:dd:e6:ba:0d:98:cc:97:e5:ee:63:
9a:46:e5:63:4d:d1:b4:81:b0:42:c6:6f:ca:2b:d4:
bb:c9:90:9f:c6:47:e2:90:d6:64:21:b3:f6:6e:cf:
a8:08:d7:78:dd:b0:c2:4b:69:be:41:8b:62:49:d5:
12:93:6e:3b:66:f7:6d:34:8f:75:3a:0c:a4:92:99:
75:4b:3f:d7:b5:e1:99:5d:1c:9a:0f:48:51:bf:15:
ff:cd:a4:dd:d3:4d:4b:76:e0:bc:22:e4:1c:3f:2e:
79:4b:b3:3c:dd:e2:87:f5:ce:8a:69:33:7f:79:ad:
cd:a4:cf:ea:53:2e:96:a2:92:0e:04:ac:bc:86:a4:
d1:49:04:2d:92:0c:b6:1c:d5:8d:2e:93:9f:74:8b:
a2:55:98:d3:f2:3e:cf:6e:46:8d:6c:78:50:5e:19:
2b:31:e9:44:a5:5b:a6:46:a5:da:31:61:ff:6a:70:
f1:a4:02:8f:0a:5c:ef:0b:55:04:50:d9:5e:00:ed:
97:e1:be:29:92:7b:5b:c1:33:1a:25:47:c2:20:0b:
e8:b2:8a:82:26:d4:7a:03:a7:6c:bf:4b:5e:82:11:
b6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:1C:F5:60:F0:11:C1:FD:FA:72:BB:14:D7:BB:6F:D5:4A:AC:D5:C7
X509v3 Authority Key Identifier:
keyid:2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/kBz1YPARwf36crsU17tv1Uqs1cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/LxF62jy5UVptim3MFfKwsafZvh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.93.10.0/23
IPv6:
2a0d:f0c0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:57:a5:5b:e0:5e:de:08:d8:53:22:c0:74:6d:69:43:07:64:
99:3b:3f:0d:f4:33:99:7d:f4:6f:a8:8d:ef:a8:e6:33:d5:f3:
d3:05:a4:d3:2f:6d:a3:ea:54:35:c5:1d:1c:7a:1b:f4:6e:6f:
67:11:04:c8:93:3f:c5:e5:f5:19:8f:85:13:21:53:ff:d3:88:
fb:56:a0:8f:69:b3:fc:40:45:b1:15:cc:c2:7c:aa:03:9a:72:
59:c5:09:e6:69:b8:7d:5b:d4:3e:7c:bc:9b:b0:f7:84:73:fb:
c8:c3:df:81:2d:9b:cd:22:6d:e6:aa:f1:6b:cb:a0:d0:4f:a7:
c7:8b:43:bd:ae:2a:7c:13:88:60:a0:35:a7:f7:27:99:f7:fc:
8a:8c:35:d6:0a:e5:3a:93:23:fe:bb:c6:c8:2c:e2:45:42:3b:
86:73:e0:2c:6d:7a:a6:63:0b:e1:0d:c7:39:f5:d0:9a:66:6f:
34:4a:ad:b9:75:d9:50:05:d3:6e:8e:c0:3e:5f:66:81:ad:db:
19:b4:c6:9b:c7:fe:64:e6:88:d7:86:b2:0a:2f:98:5a:cc:f8:
b6:8f:4e:d1:e0:16:78:17:8b:88:1b:2a:d5:b5:4c:e3:43:47:
f7:a5:64:d9:f6:ea:cc:e5:5e:79:6d:e7:39:13:61:d2:e6:d8:
a6:cb:f5:08
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQu5yF2/tg+/18xebsWz3wXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTE3YWRhM2NiOTUxNWE2ZDhhNmRjYzE1ZjJiMGIxYTdk
OWJlMWQwHhcNMjIxMDMxMTYzNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDFjZjU2MGYwMTFjMWZkZmE3MmJiMTRkN2JiNmZkNTRhYWNkNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM/CXzvB0u8HvhxpM/PW3jdSoFAK
35XVbeigU0YNWODGPt3mug2YzJfl7mOaRuVjTdG0gbBCxm/KK9S7yZCfxkfikNZk
IbP2bs+oCNd43bDCS2m+QYtiSdUSk247ZvdtNI91Ogykkpl1Sz/XteGZXRyaD0hR
vxX/zaTd001LduC8IuQcPy55S7M83eKH9c6KaTN/ea3NpM/qUy6WopIOBKy8hqTR
SQQtkgy2HNWNLpOfdIuiVZjT8j7PbkaNbHhQXhkrMelEpVumRqXaMWH/anDxpAKP
ClzvC1UEUNleAO2X4b4pkntbwTMaJUfCIAvosoqCJtR6A6dsv0teghG23QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJAc9WDwEcH9+nK7FNe7b9VKrNXHMB8GA1UdIwQY
MBaAFC8Reto8uVFabYptzBXysLGn2b4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDct
N2EwMzRkMTcwYjg1LzEva0J6MVlQQVJ3ZjM2Y3JzVTE3dHYxVXFzMWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDctN2EwMzRkMTcwYjg1
LzEvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBjV0KMA0E
AgACMAcDBQAqDfDAMA0GCSqGSIb3DQEBCwUAA4IBAQBOV6Vb4F7eCNhTIsB0bWlD
B2SZOz8N9DOZffRvqI3vqOYz1fPTBaTTL22j6lQ1xR0cehv0bm9nEQTIkz/F5fUZ
j4UTIVP/04j7VqCPabP8QEWxFczCfKoDmnJZxQnmabh9W9Q+fLybsPeEc/vIw9+B
LZvNIm3mqvFry6DQT6fHi0O9rip8E4hgoDWn9yeZ9/yKjDXWCuU6kyP+u8bILOJF
QjuGc+AsbXqmYwvhDcc59dCaZm80Sq25ddlQBdNujsA+X2aBrdsZtMabx/5k5ojX
hrIKL5hazPi2j07R4BZ4F4uIGyrVtUzjQ0f3pWTZ9urM5V55bec5E2HS5timy/UI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:05 2024 by rpki-client on console-fra.rpki-client.org