Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/2e28f5-8268-41e9-8bc7-146641f208bc/1/KDicmvQBs19x6xPFbPCTBBnCZWY.roa
File: KDicmvQBs19x6xPFbPCTBBnCZWY.roa (raw, json)
Hash identifier: Kivf0UshGWWH+dhA47XKb6E2uaJwn3N0Bv7MkNcVAFA=
Subject key identifier: 28:38:9C:9A:F4:01:B3:5F:71:EB:13:C5:6C:F0:93:04:19:C2:65:66
Certificate issuer: /CN=a4b668d23467f2c8f67426c9e68be49c4247ee79
Certificate serial: 7F6D
Authority key identifier: A4:B6:68:D2:34:67:F2:C8:F6:74:26:C9:E6:8B:E4:9C:42:47:EE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLZo0jRn8sj2dCbJ5ovknEJH7nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/2e28f5-8268-41e9-8bc7-146641f208bc/1/KDicmvQBs19x6xPFbPCTBBnCZWY.roa
Signing time: Mon 28 Feb 2022 15:11:37 +0000
ROA not before: Mon 28 Feb 2022 15:11:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201814
IP address blocks: 178.211.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32621 (0x7f6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b668d23467f2c8f67426c9e68be49c4247ee79
Validity
Not Before: Feb 28 15:11:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28389c9af401b35f71eb13c56cf0930419c26566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5a:2c:d6:72:a0:b2:81:23:33:93:48:f4:e9:
48:98:77:89:4b:00:77:31:75:14:47:37:d4:c1:47:
b7:28:c6:62:4b:00:8a:a1:a4:37:db:1d:4c:05:55:
40:70:3d:32:4d:21:75:6c:d3:14:62:61:d0:3e:b4:
14:0a:ad:50:fa:1b:82:15:37:78:34:ed:61:2d:43:
0a:7e:2a:7f:e6:a1:56:8a:75:97:b5:e2:22:35:75:
07:58:de:d4:87:16:f1:8c:05:05:62:94:93:1c:52:
d1:6e:8a:b5:4a:6b:df:0f:a5:dd:88:98:c2:4d:75:
df:8c:57:b3:1f:ea:f4:c6:ab:fd:99:db:05:35:71:
09:bf:0f:a6:6f:c2:68:5f:43:42:70:96:e9:26:aa:
b1:6c:57:89:f7:96:84:7f:e7:65:78:98:74:22:86:
ec:40:79:fe:0f:6a:9b:e8:bf:b9:00:0f:8a:b9:34:
9a:d7:c8:ca:d6:cc:57:06:ea:3f:b1:e7:e9:e4:c7:
06:c9:2f:d8:f8:ab:fe:3b:70:d8:dc:74:44:38:37:
89:af:fe:b4:d4:6e:cf:74:3e:b6:1d:8a:04:db:77:
6b:91:10:d3:14:56:9b:b2:a1:e2:ef:0b:19:04:69:
5e:44:4e:2e:9a:77:b7:f4:d1:c6:21:87:b3:ac:b9:
04:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:38:9C:9A:F4:01:B3:5F:71:EB:13:C5:6C:F0:93:04:19:C2:65:66
X509v3 Authority Key Identifier:
keyid:A4:B6:68:D2:34:67:F2:C8:F6:74:26:C9:E6:8B:E4:9C:42:47:EE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLZo0jRn8sj2dCbJ5ovknEJH7nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/2e28f5-8268-41e9-8bc7-146641f208bc/1/KDicmvQBs19x6xPFbPCTBBnCZWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/2e28f5-8268-41e9-8bc7-146641f208bc/1/pLZo0jRn8sj2dCbJ5ovknEJH7nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.139.0/24
Signature Algorithm: sha256WithRSAEncryption
67:3b:c1:cb:3b:ee:27:5c:f4:5a:81:fc:ae:c7:4a:ed:1c:f3:
32:4b:bc:5f:17:95:2a:d7:d6:1a:48:1a:84:92:77:90:f9:0a:
99:93:fe:0b:60:53:17:4a:b7:77:6b:7d:1b:d8:08:41:30:ab:
2f:fb:d0:a7:bc:20:6a:ce:43:7f:5f:44:d7:86:12:68:24:97:
b2:8b:77:85:c7:2f:dd:ff:72:59:e9:0e:e2:46:73:e7:f2:9c:
30:70:e8:02:4b:f9:c1:e6:7d:1d:3c:aa:89:3b:ff:a3:c2:38:
c1:2e:6f:4f:2e:a0:0a:c1:95:d7:05:75:8a:43:c3:d3:e1:93:
1d:d7:ef:ef:0b:44:1d:6f:61:4d:9a:38:c1:c0:f2:f7:4e:e4:
4c:72:35:f4:a6:96:c1:8a:ed:cd:3c:56:a6:dc:ae:76:92:87:
18:ef:e1:10:69:f6:86:a0:8c:41:0e:96:a7:88:cc:b6:72:a9:
99:fe:49:13:88:48:5c:98:3e:07:1d:18:22:8d:0b:b9:ae:d8:
de:40:ca:c4:34:23:20:47:c6:8e:af:e6:79:76:55:8e:a4:9d:
e2:fa:06:fd:35:6f:54:14:f5:9d:81:87:4f:16:90:1d:79:0c:
6d:a5:23:76:f4:ab:e6:30:c4:36:07:d1:20:9e:fc:a3:98:6e:
a5:f4:ec:30
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICf20wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoYTRi
NjY4ZDIzNDY3ZjJjOGY2NzQyNmM5ZTY4YmU0OWM0MjQ3ZWU3OTAeFw0yMjAyMjgx
NTExMzdaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDI4Mzg5YzlhZjQwMWIz
NWY3MWViMTNjNTZjZjA5MzA0MTljMjY1NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeWizWcqCygSMzk0j06UiYd4lLAHcxdRRHN9TBR7coxmJLAIqh
pDfbHUwFVUBwPTJNIXVs0xRiYdA+tBQKrVD6G4IVN3g07WEtQwp+Kn/moVaKdZe1
4iI1dQdY3tSHFvGMBQVilJMcUtFuirVKa98Ppd2ImMJNdd+MV7Mf6vTGq/2Z2wU1
cQm/D6ZvwmhfQ0JwlukmqrFsV4n3loR/52V4mHQihuxAef4Papvov7kAD4q5NJrX
yMrWzFcG6j+x5+nkxwbJL9j4q/47cNjcdEQ4N4mv/rTUbs90PrYdigTbd2uRENMU
VpuyoeLvCxkEaV5ETi6ad7f00cYhh7OsuQTLAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUKDicmvQBs19x6xPFbPCTBBnCZWYwHwYDVR0jBBgwFoAUpLZo0jRn8sj2dCbJ
5ovknEJH7nkwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9w
TFpvMGpSbjhzajJkQ2JKNW92a25FSkg3bmsuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzkxLzJlMjhmNS04MjY4LTQxZTktOGJjNy0xNDY2NDFmMjA4YmMvMS9L
RGljbXZRQnMxOXg2eFBGYlBDVEJCbkNaV1kucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkxLzJl
MjhmNS04MjY4LTQxZTktOGJjNy0xNDY2NDFmMjA4YmMvMS9wTFpvMGpSbjhzajJk
Q2JKNW92a25FSkg3bmsuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACy04swDQYJKoZIhvcNAQELBQADggEB
AGc7wcs77idc9FqB/K7HSu0c8zJLvF8XlSrX1hpIGoSSd5D5CpmT/gtgUxdKt3dr
fRvYCEEwqy/70Ke8IGrOQ39fRNeGEmgkl7KLd4XHL93/clnpDuJGc+fynDBw6AJL
+cHmfR08qok7/6PCOMEub08uoArBldcFdYpDw9Phkx3X7+8LRB1vYU2aOMHA8vdO
5ExyNfSmlsGK7c08VqbcrnaShxjv4RBp9oagjEEOlqeIzLZyqZn+SROISFyYPgcd
GCKNC7mu2N5AysQ0IyBHxo6v5nl2VY6kneL6Bv01b1QU9Z2Bh08WkB15DG2lI3b0
q+YwxDYH0SCe/KOYbqX07DA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:16 2023 by rpki-client on console-ams.rpki-client.org