Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/kuVYbPfnMvFw0bSl2FPvHiIIwQo.roa
File: kuVYbPfnMvFw0bSl2FPvHiIIwQo.roa (raw, json)
Hash identifier: IUUoxkS9/aibpbzJw8U3XfwiSYD+eSAuPEpeuP3t+Ls=
Subject key identifier: 92:E5:58:6C:F7:E7:32:F1:70:D1:B4:A5:D8:53:EF:1E:22:08:C1:0A
Certificate issuer: /CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Certificate serial: 11F6E4BB
Authority key identifier: F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/kuVYbPfnMvFw0bSl2FPvHiIIwQo.roa
Signing time: Mon 28 Feb 2022 11:03:57 +0000
ROA not before: Mon 28 Feb 2022 11:03:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201178
IP address blocks: 213.128.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 301393083 (0x11f6e4bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Validity
Not Before: Feb 28 11:03:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92e5586cf7e732f170d1b4a5d853ef1e2208c10a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ac:60:18:43:21:2f:98:45:38:f6:f0:9e:94:
0b:06:c1:a7:3d:89:d4:5a:9f:ce:ef:55:d1:b3:c0:
63:bf:7e:4e:06:1a:7c:e7:4b:a7:17:c0:90:d6:e8:
12:15:b5:9e:23:df:3c:25:c6:71:97:72:97:ab:67:
0a:f7:bd:39:39:f7:95:5c:25:61:48:b8:99:09:56:
7b:32:f9:01:82:cb:ae:cc:53:5b:30:14:bd:4b:77:
11:48:27:07:c2:df:ae:9b:ca:06:de:45:7b:fd:f6:
8e:47:a9:12:75:12:cc:36:8b:92:66:e5:d1:5a:d5:
98:76:59:96:3d:24:2c:be:68:4f:70:f8:c2:1c:db:
8f:45:87:d7:31:cb:59:78:7b:c5:67:8a:18:52:a4:
60:c1:bf:f8:10:93:86:87:69:db:bc:1a:05:0c:bd:
9c:72:d4:d2:2d:31:22:bc:d2:2e:73:cd:73:de:83:
1a:da:d7:44:16:4a:08:f5:58:c2:90:55:00:e9:18:
78:24:20:c1:40:21:34:d2:35:38:6c:ae:2d:3c:d8:
ac:be:13:b5:27:21:b0:ae:b7:a6:d0:22:3b:6d:6a:
8d:6e:3d:de:7b:0e:42:3b:a0:50:15:bb:c0:fc:c7:
29:35:a3:5c:ef:0b:b3:57:17:6d:62:a1:a8:e0:74:
37:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E5:58:6C:F7:E7:32:F1:70:D1:B4:A5:D8:53:EF:1E:22:08:C1:0A
X509v3 Authority Key Identifier:
keyid:F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/kuVYbPfnMvFw0bSl2FPvHiIIwQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.128.70.0/24
Signature Algorithm: sha256WithRSAEncryption
86:67:86:b0:e0:0c:72:4d:9c:cc:f6:80:3d:18:36:f4:63:d5:
de:ca:e2:63:62:40:08:43:3c:da:57:c5:a6:e6:1a:b9:ab:3a:
6f:e8:bb:51:6b:d5:e4:b0:0b:d5:56:e6:31:36:b8:8f:14:7e:
58:ef:fc:05:a2:2f:33:d5:4d:53:bb:f4:63:bb:0b:cd:f9:50:
f3:49:30:7b:a7:d7:03:c3:c8:42:df:a0:a7:4a:ca:3f:54:f3:
b0:93:6e:70:5c:ac:37:b1:63:ad:16:ee:e1:d4:96:ae:3e:f7:
d8:82:2e:79:5f:fe:8b:b1:77:9a:e6:87:89:48:26:42:3f:c5:
f4:33:b1:84:03:89:86:b6:65:74:f6:19:e9:b8:b6:aa:ce:d0:
12:79:ca:85:90:49:84:3d:80:ae:41:8a:52:8f:cf:b0:79:c3:
28:1c:75:ba:bc:f6:d7:e4:24:e7:d9:0d:99:61:5f:ba:01:64:
11:44:f4:87:8d:27:c6:71:83:dc:ce:72:a1:4b:ce:16:df:bd:
ac:6f:0e:fa:0f:60:21:f7:eb:09:c1:4f:a8:dd:36:8f:be:f4:
c4:a5:4d:bf:f3:0f:5e:dc:ab:2c:27:e0:5c:6c:e6:2a:75:cc:
ce:93:5d:2d:9f:83:5d:72:b0:b9:7e:b9:19:2a:69:cf:9e:f4:
7c:af:54:17
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEfbkuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTcxYmJmMWQzZDNjMGVmZTM2ZGUxMTAzOTJiZTBjN2FjNDQ3YTg0MB4XDTIyMDIy
ODExMDM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTJlNTU4NmNmN2U3
MzJmMTcwZDFiNGE1ZDg1M2VmMWUyMjA4YzEwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOesYBhDIS+YRTj28J6UCwbBpz2J1Fqfzu9V0bPAY79+TgYa
fOdLpxfAkNboEhW1niPfPCXGcZdyl6tnCve9OTn3lVwlYUi4mQlWezL5AYLLrsxT
WzAUvUt3EUgnB8LfrpvKBt5Fe/32jkepEnUSzDaLkmbl0VrVmHZZlj0kLL5oT3D4
whzbj0WH1zHLWXh7xWeKGFKkYMG/+BCThodp27waBQy9nHLU0i0xIrzSLnPNc96D
GtrXRBZKCPVYwpBVAOkYeCQgwUAhNNI1OGyuLTzYrL4TtSchsK63ptAiO21qjW49
3nsOQjugUBW7wPzHKTWjXO8Ls1cXbWKhqOB0N8ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSS5Vhs9+cy8XDRtKXYU+8eIgjBCjAfBgNVHSMEGDAWgBT1cbvx09PA7+Nt
4RA5K+DHrER6hDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlYRzc4ZFBUd09famJlRVFPU3ZneDZ4RWVvUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNjgzMDNmLWU4YjAtNGZlMC05NmI2LWE5NjU3ZWIxZjhkNy8x
L2t1VlliUGZuTXZGdzBiU2wyRlB2SGlJSXdRby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NjgzMDNmLWU4YjAtNGZlMC05NmI2LWE5NjU3ZWIxZjhkNy8xLzlYRzc4ZFBUd09f
amJlRVFPU3ZneDZ4RWVvUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWARjANBgkqhkiG9w0BAQsFAAOC
AQEAhmeGsOAMck2czPaAPRg29GPV3sriY2JACEM82lfFpuYauas6b+i7UWvV5LAL
1VbmMTa4jxR+WO/8BaIvM9VNU7v0Y7sLzflQ80kwe6fXA8PIQt+gp0rKP1TzsJNu
cFysN7FjrRbu4dSWrj732IIueV/+i7F3muaHiUgmQj/F9DOxhAOJhrZldPYZ6bi2
qs7QEnnKhZBJhD2ArkGKUo/PsHnDKBx1urz21+Qk59kNmWFfugFkEUT0h40nxnGD
3M5yoUvOFt+9rG8O+g9gIffrCcFPqN02j770xKVNv/MPXtyrLCfgXGzmKnXMzpNd
LZ+DXXKwuX65GSppz570fK9UFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org