Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/KK6IiXbBht8xSqG341vwGL5B9bk.roa
File: KK6IiXbBht8xSqG341vwGL5B9bk.roa (raw, json)
Hash identifier: sc6W5y6Vvb0ytjp1ofZ49yBMrTSKXMeD3z1b8k9pFGk=
Subject key identifier: 28:AE:88:89:76:C1:86:DF:31:4A:A1:B7:E3:5B:F0:18:BE:41:F5:B9
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 08A06140
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/KK6IiXbBht8xSqG341vwGL5B9bk.roa
Signing time: Sat 01 Jan 2022 02:51:50 +0000
ROA not before: Sat 01 Jan 2022 02:51:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62239
IP address blocks: 91.216.247.0/24 maxlen: 24
213.255.198.0/24 maxlen: 24
2a04:9300::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144728384 (0x8a06140)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 02:51:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28ae888976c186df314aa1b7e35bf018be41f5b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:08:b6:59:92:ce:88:35:46:20:b1:45:cd:a4:
fb:07:05:75:09:22:2a:78:b1:57:29:03:0a:9c:08:
e5:c0:dc:cf:c4:40:37:f3:d8:1e:da:5f:eb:e5:2d:
dc:e3:8c:5e:c5:71:81:94:5d:45:b8:45:1b:aa:52:
bb:1d:24:cf:7d:47:c9:65:7b:8a:7b:fa:dd:12:a5:
5f:d0:5d:4d:68:14:81:47:42:45:96:ac:6b:8a:fe:
42:b6:ae:6b:8f:8b:6f:e0:9e:67:76:3a:cd:8d:f6:
be:5a:93:43:57:ce:2e:76:a2:70:03:11:95:29:2d:
14:13:b1:a1:0f:08:e0:43:c2:8a:5d:91:42:5c:b1:
5d:7c:3b:99:39:79:74:94:1e:e1:76:d1:08:6b:30:
1d:95:6d:62:0c:ee:17:57:16:ec:50:45:57:74:e7:
8f:f3:a2:79:3c:a8:b3:89:7f:86:b5:06:9d:3e:a1:
61:19:23:76:71:7e:98:6c:6a:27:ad:f7:d7:c9:06:
07:a6:21:1a:c3:9e:f8:62:14:40:02:d9:d2:84:1e:
13:fa:dd:6e:de:86:93:d0:02:ae:c1:33:91:57:87:
e1:7f:50:82:87:06:30:cd:0a:e8:51:8f:58:84:2c:
97:84:77:ec:0b:f0:16:a0:1a:9a:a2:38:ed:ff:dd:
36:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:AE:88:89:76:C1:86:DF:31:4A:A1:B7:E3:5B:F0:18:BE:41:F5:B9
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/KK6IiXbBht8xSqG341vwGL5B9bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.247.0/24
213.255.198.0/24
IPv6:
2a04:9300::/32
Signature Algorithm: sha256WithRSAEncryption
23:5c:a2:35:d8:b0:5d:95:09:84:6e:a4:9a:ea:0e:7d:4d:45:
76:f3:31:50:e0:35:61:22:2e:f3:10:bf:b8:b0:7a:2e:c4:79:
9b:0b:62:e6:af:ee:cb:b2:ed:80:1c:21:33:1f:92:05:60:4d:
6c:71:e9:f4:ff:37:56:24:10:d0:61:08:e1:de:63:a1:fd:c3:
de:ec:b0:45:a6:99:b6:0b:6c:00:76:f0:e7:47:52:2e:0d:4c:
2f:14:09:4e:c0:fb:f7:30:74:74:a8:8b:23:6b:7a:92:c5:50:
6c:31:c3:41:5c:65:3d:38:7c:54:ee:3d:77:23:46:c1:3b:7d:
ce:3a:16:c6:7b:ad:de:02:ba:7b:d9:95:10:ca:f7:9e:fb:23:
e6:03:8d:0a:92:9c:d7:e0:35:79:b1:e7:63:03:5e:e3:c5:65:
65:ec:41:57:cb:d9:97:b8:57:9f:86:01:40:2f:c9:20:e2:85:
26:61:d0:9e:c3:89:2f:f7:59:7e:f3:5d:3d:18:97:05:b8:a5:
08:52:0e:ab:0b:d8:89:d2:af:49:a7:0a:bb:ae:58:ea:3b:1c:
c1:ad:53:0f:0e:99:90:53:7d:66:8e:15:11:34:08:c9:21:8a:
8c:67:97:41:0f:c8:5c:b5:d5:a9:9a:16:bc:32:01:e5:29:27:
d1:f0:1d:01
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECKBhQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjczZDg0OWI3ZDUwNDczNzZkNTdlNmY3OTZmMDAxOGI3MGI0NTA2MB4XDTIyMDEw
MTAyNTE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhhZTg4ODk3NmMx
ODZkZjMxNGFhMWI3ZTM1YmYwMThiZTQxZjViOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4ItlmSzog1RiCxRc2k+wcFdQkiKnixVykDCpwI5cDcz8RA
N/PYHtpf6+Ut3OOMXsVxgZRdRbhFG6pSux0kz31HyWV7inv63RKlX9BdTWgUgUdC
RZasa4r+Qraua4+Lb+CeZ3Y6zY32vlqTQ1fOLnaicAMRlSktFBOxoQ8I4EPCil2R
QlyxXXw7mTl5dJQe4XbRCGswHZVtYgzuF1cW7FBFV3Tnj/OieTyos4l/hrUGnT6h
YRkjdnF+mGxqJ63318kGB6YhGsOe+GIUQALZ0oQeE/rdbt6Gk9ACrsEzkVeH4X9Q
gocGMM0K6FGPWIQsl4R37AvwFqAamqI47f/dNgsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQoroiJdsGG3zFKobfjW/AYvkH1uTAfBgNVHSMEGDAWgBTWc9hJt9UEc3bV
fm95bwAYtwtFBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFuUFlTYmZWQkhOMjFYNXZlVzhBR0xjTFJRWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvMmVjZTYyLTFkOGMtNDUwYy05MWU4LThlZWI3NTdjZjU0NS8x
L0tLNklpWGJCaHQ4eFNxRzM0MXZ3R0w1Qjliay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
MmVjZTYyLTFkOGMtNDUwYy05MWU4LThlZWI3NTdjZjU0NS8xLzFuUFlTYmZWQkhO
MjFYNXZlVzhBR0xjTFJRWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFvY9wMEANX/xjANBAIAAjAHAwUA
KgSTADANBgkqhkiG9w0BAQsFAAOCAQEAI1yiNdiwXZUJhG6kmuoOfU1FdvMxUOA1
YSIu8xC/uLB6LsR5mwti5q/uy7LtgBwhMx+SBWBNbHHp9P83ViQQ0GEI4d5jof3D
3uywRaaZtgtsAHbw50dSLg1MLxQJTsD79zB0dKiLI2t6ksVQbDHDQVxlPTh8VO49
dyNGwTt9zjoWxnut3gK6e9mVEMr3nvsj5gONCpKc1+A1ebHnYwNe48VlZexBV8vZ
l7hXn4YBQC/JIOKFJmHQnsOJL/dZfvNdPRiXBbilCFIOqwvYidKvSacKu65Y6jsc
wa1TDw6ZkFN9Zo4VETQIySGKjGeXQQ/IXLXVqZoWvDIB5Skn0fAdAQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:49 2023 by rpki-client on console-fra.rpki-client.org