Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/kjNgfb1AIzmHPmG0teKaJkI6p50.roa
File: kjNgfb1AIzmHPmG0teKaJkI6p50.roa (raw, json)
Hash identifier: ZAC/dxcGTHJ5fgzRthab+Sf5lZeocEdh3bOC1mUSnBE=
Subject key identifier: 92:33:60:7D:BD:40:23:39:87:3E:61:B4:B5:E2:9A:26:42:3A:A7:9D
Certificate issuer: /CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Certificate serial: 29039690
Authority key identifier: 2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/kjNgfb1AIzmHPmG0teKaJkI6p50.roa
Signing time: Sat 01 Jan 2022 05:00:47 +0000
ROA not before: Sat 01 Jan 2022 05:00:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 272533
IP address blocks: 185.14.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 688101008 (0x29039690)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Validity
Not Before: Jan 1 05:00:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9233607dbd402339873e61b4b5e29a26423aa79d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cd:cf:cf:3a:33:02:db:e8:ba:1e:19:4f:85:
0b:c4:44:fb:41:49:1f:fd:47:87:9a:d8:b8:77:4e:
39:e2:a7:c1:1c:95:8c:fb:82:c7:59:c4:7f:e7:a2:
f1:06:e9:17:6b:d6:6b:c8:7c:51:1e:a6:fd:5d:1f:
4a:3a:de:4b:aa:b7:d4:38:78:c9:01:d1:59:28:79:
4b:20:4b:83:65:ea:3d:7e:c1:46:70:d1:75:c0:a3:
8e:ca:9f:31:66:31:9e:9c:08:20:1b:12:af:f6:25:
6a:e4:7e:fe:f7:e1:3f:58:53:6d:fc:71:71:fd:6e:
be:e7:71:1b:b1:d9:07:63:02:21:61:61:e8:9d:0e:
23:45:e3:0b:1f:d2:31:25:75:a3:4f:44:94:08:55:
da:2c:07:69:14:3e:aa:74:71:3d:3f:71:cd:24:fd:
84:0c:26:06:48:52:51:75:e9:ea:05:f6:77:06:60:
d2:e5:08:e0:30:00:b3:49:db:17:04:8c:f6:6c:56:
11:ee:69:44:c6:9b:07:28:4c:71:f0:68:8e:ea:6d:
79:4e:9d:f0:9d:06:a5:a5:62:f5:56:cb:01:53:53:
f8:42:04:bd:cf:3d:ef:b5:61:4e:09:b8:d7:20:7c:
5b:4e:59:a5:d2:32:6a:7e:94:23:ac:09:46:c6:c0:
e8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:33:60:7D:BD:40:23:39:87:3E:61:B4:B5:E2:9A:26:42:3A:A7:9D
X509v3 Authority Key Identifier:
keyid:2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/kjNgfb1AIzmHPmG0teKaJkI6p50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/LcgdJMRd2qNF-QZN4p-8p7EppSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.238.0/24
Signature Algorithm: sha256WithRSAEncryption
93:0b:37:84:a0:ab:dd:03:26:c8:15:6a:74:20:65:59:c1:45:
fc:eb:38:60:7d:07:04:e3:53:07:01:aa:9e:c2:a6:e1:a9:ad:
2d:77:f8:ec:ad:c9:5c:a5:5d:be:c6:a3:91:45:da:0c:0c:c2:
83:f1:5c:8f:df:63:e2:7a:d4:f9:fc:48:b2:af:f9:0f:94:68:
fe:9a:82:3f:47:02:5e:41:c4:a9:d5:43:90:d5:5c:15:04:53:
26:4f:1d:a5:d0:6f:a8:aa:d0:d3:b5:a9:cb:c5:03:f1:7f:fe:
f0:a6:6d:e3:cc:26:a0:19:7d:32:cd:71:73:ea:01:4b:f4:cb:
3b:60:40:8e:fe:af:3c:de:5c:8c:3f:ce:5c:cb:43:9e:b0:03:
f1:42:08:a9:7c:07:14:10:f1:aa:35:a2:32:83:4d:27:c5:48:
fd:02:ec:dd:25:b3:4c:f2:d2:b9:9e:11:a0:b4:ba:f7:80:03:
fa:7c:c0:0d:64:b8:f2:89:a4:f1:68:4e:3d:1c:d5:ec:11:8d:
6c:f9:62:45:87:cd:69:20:24:78:09:09:d8:59:0d:01:d3:4b:
19:11:75:ab:22:b6:f4:59:32:76:c4:67:e7:03:90:7a:fd:8e:
60:cd:1e:7e:4b:e0:63:54:8e:7b:32:d7:d0:d9:40:ed:83:e0:
d5:e4:04:ac
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKQOWkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZGM4MWQyNGM0NWRkYWEzNDVmOTA2NGRlMjlmYmNhN2IxMjlhNTJjMB4XDTIyMDEw
MTA1MDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIzMzYwN2RiZDQw
MjMzOTg3M2U2MWI0YjVlMjlhMjY0MjNhYTc5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7Nz886MwLb6LoeGU+FC8RE+0FJH/1Hh5rYuHdOOeKnwRyV
jPuCx1nEf+ei8QbpF2vWa8h8UR6m/V0fSjreS6q31Dh4yQHRWSh5SyBLg2XqPX7B
RnDRdcCjjsqfMWYxnpwIIBsSr/YlauR+/vfhP1hTbfxxcf1uvudxG7HZB2MCIWFh
6J0OI0XjCx/SMSV1o09ElAhV2iwHaRQ+qnRxPT9xzST9hAwmBkhSUXXp6gX2dwZg
0uUI4DAAs0nbFwSM9mxWEe5pRMabByhMcfBojupteU6d8J0GpaVi9VbLAVNT+EIE
vc8977VhTgm41yB8W05ZpdIyan6UI6wJRsbA6D0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSSM2B9vUAjOYc+YbS14pomQjqnnTAfBgNVHSMEGDAWgBQtyB0kxF3ao0X5
Bk3in7ynsSmlLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xjZ2RKTVJkMnFORi1RWk40cC04cDdFcHBTdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvYmYzZGI1LWEzM2YtNDMxMS1hY2Q5LTJmY2MwYjc0OWIzMi8x
L2tqTmdmYjFBSXptSFBtRzB0ZUthSmtJNnA1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
YmYzZGI1LWEzM2YtNDMxMS1hY2Q5LTJmY2MwYjc0OWIzMi8xL0xjZ2RKTVJkMnFO
Ri1RWk40cC04cDdFcHBTdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkO7jANBgkqhkiG9w0BAQsFAAOC
AQEAkws3hKCr3QMmyBVqdCBlWcFF/Os4YH0HBONTBwGqnsKm4amtLXf47K3JXKVd
vsajkUXaDAzCg/Fcj99j4nrU+fxIsq/5D5Ro/pqCP0cCXkHEqdVDkNVcFQRTJk8d
pdBvqKrQ07Wpy8UD8X/+8KZt48wmoBl9Ms1xc+oBS/TLO2BAjv6vPN5cjD/OXMtD
nrAD8UIIqXwHFBDxqjWiMoNNJ8VI/QLs3SWzTPLSuZ4RoLS694AD+nzADWS48omk
8WhOPRzV7BGNbPliRYfNaSAkeAkJ2FkNAdNLGRF1qyK29FkydsRn5wOQev2OYM0e
fkvgY1SOezLX0NlA7YPg1eQErA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:05 2024 by rpki-client on console-ams.rpki-client.org