Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/kokTBIT3L_5hnmvjmX3RJh4hg2o.roa
File: kokTBIT3L_5hnmvjmX3RJh4hg2o.roa (raw, json)
Hash identifier: vniIdWl46D6D30cruCTyWsnVedQ568c7Jvter896PGM=
Subject key identifier: 92:89:13:04:84:F7:2F:FE:61:9E:6B:E3:99:7D:D1:26:1E:21:83:6A
Certificate issuer: /CN=1cc451fbdfaa12efc352a59b007b0a8823b8e65d
Certificate serial: 381A34A2
Authority key identifier: 1C:C4:51:FB:DF:AA:12:EF:C3:52:A5:9B:00:7B:0A:88:23:B8:E6:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HMRR-9-qEu_DUqWbAHsKiCO45l0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/kokTBIT3L_5hnmvjmX3RJh4hg2o.roa
Signing time: Sat 01 Jan 2022 14:05:41 +0000
ROA not before: Sat 01 Jan 2022 14:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49638
IP address blocks: 91.213.30.0/24 maxlen: 24
2001:67c:137c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941241506 (0x381a34a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cc451fbdfaa12efc352a59b007b0a8823b8e65d
Validity
Not Before: Jan 1 14:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9289130484f72ffe619e6be3997dd1261e21836a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:80:c9:7e:d8:49:96:2f:9f:be:5c:fb:92:cb:
3b:56:d4:d5:eb:31:d3:83:b4:2a:73:d1:37:14:19:
9d:5d:a3:cd:7d:3e:f5:75:23:d6:a9:0c:c4:1e:62:
5f:c7:37:ea:fb:0b:af:3a:ab:f1:6d:f8:bb:e7:d3:
2c:f4:18:ef:1d:44:f6:30:42:bf:f3:76:bb:26:24:
59:f7:96:ff:70:84:64:88:67:a6:fc:c9:6b:27:f0:
0d:07:e4:22:d8:73:3e:9e:7d:cb:6a:5b:a2:56:4d:
ba:c3:26:bc:92:bc:4f:eb:75:50:7d:fa:95:65:b7:
f1:a3:c2:ce:ad:2d:46:8f:6b:11:e0:35:32:cc:e8:
c6:a4:f7:87:eb:49:30:7f:a1:08:87:71:ab:86:ed:
41:d3:29:af:bf:10:3f:2c:0b:42:0c:e6:88:c3:ed:
81:25:12:63:4a:41:ef:ab:fb:ea:2c:d4:03:c7:3e:
06:3d:86:e4:cb:fb:c5:e5:c1:40:7d:04:c8:a6:20:
0f:f9:4f:63:aa:bf:e6:55:a7:97:78:aa:1a:c4:b8:
0f:8d:82:6c:f2:6b:a0:89:f4:ee:50:c1:db:4c:80:
74:c4:0e:7a:69:cb:8f:5e:eb:d0:48:37:28:a4:be:
86:02:46:65:98:f6:2d:93:15:45:d7:53:c9:46:91:
36:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:89:13:04:84:F7:2F:FE:61:9E:6B:E3:99:7D:D1:26:1E:21:83:6A
X509v3 Authority Key Identifier:
keyid:1C:C4:51:FB:DF:AA:12:EF:C3:52:A5:9B:00:7B:0A:88:23:B8:E6:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HMRR-9-qEu_DUqWbAHsKiCO45l0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/kokTBIT3L_5hnmvjmX3RJh4hg2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4d9ca3-aa73-4998-ae63-832db9ebebaf/1/HMRR-9-qEu_DUqWbAHsKiCO45l0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.30.0/24
IPv6:
2001:67c:137c::/48
Signature Algorithm: sha256WithRSAEncryption
12:60:79:65:18:05:ba:0d:ca:ba:1f:de:c5:3b:bc:06:b9:f9:
fb:a2:fe:9b:6d:9c:f3:3e:34:00:55:5e:4d:83:f7:d8:c9:b1:
5a:7e:6c:8b:fa:87:8d:22:03:48:e0:3b:1a:8c:6e:d2:dd:00:
14:fb:9c:fc:67:2c:b2:95:b0:3f:84:c1:31:9f:76:25:dc:42:
ca:6f:02:9b:90:05:73:08:9c:b3:9f:72:9e:aa:23:9a:db:64:
5a:00:a4:26:50:77:2f:78:ea:75:31:c5:2a:f7:4e:15:a6:0c:
4b:6b:81:c3:5c:dd:89:cf:06:ea:91:3c:4d:79:6b:d1:8b:c8:
d5:2b:7e:60:32:5b:9c:de:a1:82:1c:42:8b:3e:a4:40:64:e7:
f6:49:b9:64:97:40:00:bc:f0:92:78:46:1e:be:fa:e7:b0:ce:
2b:0b:22:4f:fe:5e:bf:48:a0:8e:01:80:d8:65:19:82:81:f6:
0b:5c:d8:e8:5b:bb:55:9b:15:c2:43:cb:b6:df:08:2a:5a:e9:
cf:85:e0:bd:9a:27:6b:ef:ce:05:02:42:4d:29:74:b7:eb:6e:
82:3d:15:26:9c:36:06:9a:27:d0:ff:82:36:5f:29:2e:05:6d:
52:b3:80:82:c2:8c:72:2b:88:de:40:d7:02:83:d6:cf:79:f7:
29:73:83:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEOBo0ojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Y2M0NTFmYmRmYWExMmVmYzM1MmE1OWIwMDdiMGE4ODIzYjhlNjVkMB4XDTIyMDEw
MTE0MDU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTI4OTEzMDQ4NGY3
MmZmZTYxOWU2YmUzOTk3ZGQxMjYxZTIxODM2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKiAyX7YSZYvn75c+5LLO1bU1esx04O0KnPRNxQZnV2jzX0+
9XUj1qkMxB5iX8c36vsLrzqr8W34u+fTLPQY7x1E9jBCv/N2uyYkWfeW/3CEZIhn
pvzJayfwDQfkIthzPp59y2pbolZNusMmvJK8T+t1UH36lWW38aPCzq0tRo9rEeA1
MszoxqT3h+tJMH+hCIdxq4btQdMpr78QPywLQgzmiMPtgSUSY0pB76v76izUA8c+
Bj2G5Mv7xeXBQH0EyKYgD/lPY6q/5lWnl3iqGsS4D42CbPJroIn07lDB20yAdMQO
emnLj17r0Eg3KKS+hgJGZZj2LZMVRddTyUaRNhUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSSiRMEhPcv/mGea+OZfdEmHiGDajAfBgNVHSMEGDAWgBQcxFH736oS78NS
pZsAewqII7jmXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hNUlItOS1xRXVfRFVxV2JBSHNLaUNPNDVsMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNGQ5Y2EzLWFhNzMtNDk5OC1hZTYzLTgzMmRiOWViZWJhZi8x
L2tva1RCSVQzTF81aG5tdmptWDNSSmg0aGcyby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NGQ5Y2EzLWFhNzMtNDk5OC1hZTYzLTgzMmRiOWViZWJhZi8xL0hNUlItOS1xRXVf
RFVxV2JBSHNLaUNPNDVsMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvVHjAPBAIAAjAJAwcAIAEGfBN8
MA0GCSqGSIb3DQEBCwUAA4IBAQASYHllGAW6Dcq6H97FO7wGufn7ov6bbZzzPjQA
VV5Ng/fYybFafmyL+oeNIgNI4DsajG7S3QAU+5z8ZyyylbA/hMExn3Yl3ELKbwKb
kAVzCJyzn3KeqiOa22RaAKQmUHcveOp1McUq904VpgxLa4HDXN2JzwbqkTxNeWvR
i8jVK35gMluc3qGCHEKLPqRAZOf2Sblkl0AAvPCSeEYevvrnsM4rCyJP/l6/SKCO
AYDYZRmCgfYLXNjoW7tVmxXCQ8u23wgqWunPheC9midr784FAkJNKXS3626CPRUm
nDYGmifQ/4I2XykuBW1Ss4CCwoxyK4jeQNcCg9bPefcpc4Nj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:54 2023 by rpki-client on console-fra.rpki-client.org