Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/khjcN_jr83ZjyP-y_PX6As6Yc6k.roa
File: khjcN_jr83ZjyP-y_PX6As6Yc6k.roa (raw, json)
Hash identifier: 3WEkcDC+t1NVhAQe8PV2QDt9v75RsnJIqgNH0DlT/gI=
Subject key identifier: 92:18:DC:37:F8:EB:F3:76:63:C8:FF:B2:FC:F5:FA:02:CE:98:73:A9
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 08A416CA
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/khjcN_jr83ZjyP-y_PX6As6Yc6k.roa
Signing time: Sat 01 Jan 2022 02:51:52 +0000
ROA not before: Sat 01 Jan 2022 02:51:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208323
IP address blocks: 109.70.100.0/24 maxlen: 24
2a03:e600:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144971466 (0x8a416ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 02:51:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9218dc37f8ebf37663c8ffb2fcf5fa02ce9873a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1e:f4:d3:ac:20:d5:81:33:37:82:5b:0b:61:
7b:90:8c:25:d2:fe:3a:8d:7d:f2:0b:59:16:67:9a:
74:95:fe:95:fa:f8:01:dd:81:d8:b9:ee:e2:cf:0b:
a7:09:08:ff:ae:24:5c:bd:2a:e0:58:55:7c:5e:c1:
65:b1:14:9e:e5:dc:4c:1c:1e:80:82:99:6b:26:1f:
59:a0:bf:70:2a:90:f7:c1:a7:c1:05:58:e0:cc:58:
37:c2:17:84:b5:78:57:7f:fa:b6:05:5c:92:d2:50:
4c:b7:05:6b:03:4a:db:3b:b4:d5:f3:f5:31:01:c9:
30:44:73:54:c4:35:bc:0d:a5:a7:35:2a:8f:00:ce:
96:c9:7b:8e:03:59:eb:0a:16:ee:d6:ab:d8:74:16:
97:d7:e4:b4:b9:4c:18:b4:e0:ed:b0:29:ce:9b:8a:
80:0e:21:c4:4d:3d:6c:7c:0a:59:a9:d5:d4:08:43:
6b:9e:1f:11:da:d1:2d:1c:84:2b:bd:9d:34:87:78:
73:3d:b0:ce:d6:a5:4b:4a:7f:dc:a5:a3:ba:bd:4e:
25:84:39:9f:06:12:d7:fb:4a:fd:08:48:d2:7d:7e:
98:63:96:1f:4e:e6:0b:b9:9f:13:70:3a:85:ad:69:
d7:9a:6a:eb:e3:db:cf:c7:48:a3:e8:f4:4c:17:11:
46:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:18:DC:37:F8:EB:F3:76:63:C8:FF:B2:FC:F5:FA:02:CE:98:73:A9
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/khjcN_jr83ZjyP-y_PX6As6Yc6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.100.0/24
IPv6:
2a03:e600:100::/48
Signature Algorithm: sha256WithRSAEncryption
b0:83:ec:8c:ca:c8:11:a7:9a:8a:47:d5:34:2f:a8:97:c4:db:
0c:65:f8:c7:f4:9f:dd:e6:6e:cc:dd:70:63:0b:c3:ef:29:b1:
14:f1:14:8d:15:8c:af:86:32:d0:cb:05:c3:eb:74:8d:33:8e:
53:27:3a:d1:cf:de:1b:69:1c:bb:3d:b8:8a:8f:6c:7c:41:56:
91:ad:f9:63:03:1a:8f:9f:5e:e1:ff:6c:e5:1b:c1:91:7f:12:
a0:52:c8:97:9d:95:ee:51:37:07:9b:06:19:46:39:7c:92:b0:
c7:c4:9d:16:f2:88:e0:d6:95:0e:72:cb:cc:31:9f:e2:eb:ad:
8a:bb:90:a6:ea:7a:d8:c8:25:43:d6:52:ae:ce:f3:f6:99:4b:
1a:fd:40:f3:f5:8c:79:1c:68:4b:9d:10:6c:3c:bb:f8:3a:69:
b2:9d:eb:fd:5f:db:75:9b:a3:80:06:75:08:b0:46:ae:aa:93:
d3:aa:29:e4:18:6f:2d:4e:ce:4e:02:12:79:9e:7d:eb:1b:aa:
ca:10:8a:96:6c:e6:da:d4:09:9e:33:d6:d7:d7:e5:98:67:b8:
4b:19:44:3f:f5:2f:37:1f:f0:52:4f:fe:54:e6:3d:85:f5:9b:
5a:df:38:ba:89:39:8c:ed:ef:37:7e:de:a0:fd:e8:52:8c:c0:
2c:1c:c5:6a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECKQWyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjczZDg0OWI3ZDUwNDczNzZkNTdlNmY3OTZmMDAxOGI3MGI0NTA2MB4XDTIyMDEw
MTAyNTE1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIxOGRjMzdmOGVi
ZjM3NjYzYzhmZmIyZmNmNWZhMDJjZTk4NzNhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoe9NOsINWBMzeCWwthe5CMJdL+Oo198gtZFmeadJX+lfr4
Ad2B2Lnu4s8LpwkI/64kXL0q4FhVfF7BZbEUnuXcTBwegIKZayYfWaC/cCqQ98Gn
wQVY4MxYN8IXhLV4V3/6tgVcktJQTLcFawNK2zu01fP1MQHJMERzVMQ1vA2lpzUq
jwDOlsl7jgNZ6woW7tar2HQWl9fktLlMGLTg7bApzpuKgA4hxE09bHwKWanV1AhD
a54fEdrRLRyEK72dNId4cz2wztalS0p/3KWjur1OJYQ5nwYS1/tK/QhI0n1+mGOW
H07mC7mfE3A6ha1p15pq6+Pbz8dIo+j0TBcRRgsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSSGNw3+OvzdmPI/7L89foCzphzqTAfBgNVHSMEGDAWgBTWc9hJt9UEc3bV
fm95bwAYtwtFBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFuUFlTYmZWQkhOMjFYNXZlVzhBR0xjTFJRWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvMmVjZTYyLTFkOGMtNDUwYy05MWU4LThlZWI3NTdjZjU0NS8x
L2toamNOX2pyODNaanlQLXlfUFg2QXM2WWM2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
MmVjZTYyLTFkOGMtNDUwYy05MWU4LThlZWI3NTdjZjU0NS8xLzFuUFlTYmZWQkhO
MjFYNXZlVzhBR0xjTFJRWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAG1GZDAPBAIAAjAJAwcAKgPmAAEA
MA0GCSqGSIb3DQEBCwUAA4IBAQCwg+yMysgRp5qKR9U0L6iXxNsMZfjH9J/d5m7M
3XBjC8PvKbEU8RSNFYyvhjLQywXD63SNM45TJzrRz94baRy7PbiKj2x8QVaRrflj
AxqPn17h/2zlG8GRfxKgUsiXnZXuUTcHmwYZRjl8krDHxJ0W8ojg1pUOcsvMMZ/i
662Ku5Cm6nrYyCVD1lKuzvP2mUsa/UDz9Yx5HGhLnRBsPLv4Ommynev9X9t1m6OA
BnUIsEauqpPTqinkGG8tTs5OAhJ5nn3rG6rKEIqWbOba1AmeM9bX1+WYZ7hLGUQ/
9S83H/BST/5U5j2F9Zta3zi6iTmM7e83ft6g/ehSjMAsHMVq
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:49 2023 by rpki-client on console-fra.rpki-client.org