Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/656ca9-bbbc-49b7-aacc-24aa4cee6b2c/1/KTGt3drs-zjNQWPh1gVwgvsC6B0.roa
File: KTGt3drs-zjNQWPh1gVwgvsC6B0.roa (raw, json)
Hash identifier: nxTm3gprUD27UaN+bzLa0a9B/Lv690JvKPfFipJDA3o=
Subject key identifier: 29:31:AD:DD:DA:EC:FB:38:CD:41:63:E1:D6:05:70:82:FB:02:E8:1D
Certificate issuer: /CN=0aac388b37d44768fce0eaec97de433faf72b9dc
Certificate serial: 0181FCA488F324921AE55C673A0024FF71ED
Authority key identifier: 0A:AC:38:8B:37:D4:47:68:FC:E0:EA:EC:97:DE:43:3F:AF:72:B9:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cqw4izfUR2j84Orsl95DP69yudw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/656ca9-bbbc-49b7-aacc-24aa4cee6b2c/1/KTGt3drs-zjNQWPh1gVwgvsC6B0.roa
Signing time: Thu 14 Jul 2022 12:17:30 +0000
ROA not before: Thu 14 Jul 2022 12:17:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209828
IP address blocks: 194.69.162.0/24 maxlen: 24
2a0c:ae80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:fc:a4:88:f3:24:92:1a:e5:5c:67:3a:00:24:ff:71:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0aac388b37d44768fce0eaec97de433faf72b9dc
Validity
Not Before: Jul 14 12:17:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2931addddaecfb38cd4163e1d6057082fb02e81d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:be:5d:f8:3e:57:13:0c:c3:5c:ab:56:05:44:
e7:70:2c:8e:23:8b:f6:35:40:f4:4a:c0:77:21:5d:
d5:02:3f:24:e2:f8:18:87:af:11:03:b3:6e:bc:2d:
38:48:a8:c8:b6:3e:17:fe:74:e6:4c:b8:ab:9f:46:
f2:cd:cc:c3:21:03:a5:cb:f0:0a:aa:b1:d8:ce:6b:
86:b4:ef:be:20:5d:05:fe:5e:f6:29:32:d5:46:5a:
ec:bf:da:69:bf:38:f7:6a:bf:d8:20:7b:d5:95:9a:
2c:8d:a9:be:74:9b:c5:53:93:7d:ad:c3:09:3c:b6:
3f:10:bd:9f:bc:71:1f:df:8f:6c:a2:be:61:c4:db:
c1:6c:cb:26:ad:08:bb:62:63:bc:c8:fc:aa:01:f3:
2c:f9:b0:61:54:aa:45:86:1d:69:2e:44:a1:c9:00:
71:b3:1c:13:ea:46:21:17:32:11:51:4d:c1:a7:c9:
17:08:4a:b2:a9:03:2e:a3:71:6b:88:de:af:25:57:
42:76:1b:6c:48:97:c6:98:31:b3:ce:05:ca:66:ca:
ee:6c:fb:a6:63:00:7d:33:1b:96:75:70:36:37:42:
84:2e:ba:d2:f1:3a:e1:a4:29:0a:a3:0b:d8:6a:26:
5b:24:40:0f:c6:13:9d:db:f1:1b:82:8e:e2:5a:7b:
1f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:31:AD:DD:DA:EC:FB:38:CD:41:63:E1:D6:05:70:82:FB:02:E8:1D
X509v3 Authority Key Identifier:
keyid:0A:AC:38:8B:37:D4:47:68:FC:E0:EA:EC:97:DE:43:3F:AF:72:B9:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cqw4izfUR2j84Orsl95DP69yudw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/656ca9-bbbc-49b7-aacc-24aa4cee6b2c/1/KTGt3drs-zjNQWPh1gVwgvsC6B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/656ca9-bbbc-49b7-aacc-24aa4cee6b2c/1/Cqw4izfUR2j84Orsl95DP69yudw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.69.162.0/24
IPv6:
2a0c:ae80::/29
Signature Algorithm: sha256WithRSAEncryption
06:09:f9:55:78:af:cb:15:a4:19:57:6d:a5:aa:e4:3d:21:81:
24:53:59:ae:a7:d6:d8:72:8e:4d:90:61:b5:c3:33:33:f5:7d:
25:46:13:19:ec:f5:b5:16:45:a7:85:2f:27:cc:99:08:96:50:
a4:ac:3b:33:80:47:c1:24:93:5d:72:a4:3c:78:51:3b:b2:1c:
d8:90:f0:2a:2f:a2:bd:dc:af:e2:5f:7f:b1:e2:d3:a7:5c:e0:
91:5b:3e:a3:2a:e9:04:f1:e2:8e:89:12:68:ba:4d:93:dc:da:
65:4b:86:0c:86:36:9e:78:5a:08:66:db:6e:a9:93:c2:ed:f9:
dc:93:28:dc:e0:9b:0a:46:6e:4b:a0:c4:c8:73:8b:c9:f9:f2:
e0:03:0f:15:03:2c:2f:f4:6f:33:bc:1f:d8:a6:36:cd:71:78:
56:c4:df:49:ae:63:10:5f:87:7c:34:39:14:49:61:90:7f:4b:
f6:4c:e0:b1:90:56:14:ff:5a:84:2d:1b:73:18:fe:2d:36:af:
77:77:5d:97:c5:cc:96:ed:ee:15:ad:66:db:6f:2c:0d:f1:6f:
e2:c7:e9:b3:64:d0:80:87:9f:f9:2d:5d:47:23:91:0f:d5:0f:
8c:4d:9a:6a:8e:14:72:73:80:f7:51:90:72:4d:05:ef:5d:52:
db:0c:72:0b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYH8pIjzJJIa5VxnOgAk/3HtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYWMzODhiMzdkNDQ3NjhmY2UwZWFlYzk3ZGU0MzNmYWY3
MmI5ZGMwHhcNMjIwNzE0MTIxNzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTMxYWRkZGRhZWNmYjM4Y2Q0MTYzZTFkNjA1NzA4MmZiMDJlODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjL5d+D5XEwzDXKtWBUTncCyOI4v2
NUD0SsB3IV3VAj8k4vgYh68RA7NuvC04SKjItj4X/nTmTLirn0byzczDIQOly/AK
qrHYzmuGtO++IF0F/l72KTLVRlrsv9ppvzj3ar/YIHvVlZosjam+dJvFU5N9rcMJ
PLY/EL2fvHEf349sor5hxNvBbMsmrQi7YmO8yPyqAfMs+bBhVKpFhh1pLkShyQBx
sxwT6kYhFzIRUU3Bp8kXCEqyqQMuo3FriN6vJVdCdhtsSJfGmDGzzgXKZsrubPum
YwB9MxuWdXA2N0KELrrS8TrhpCkKowvYaiZbJEAPxhOd2/Ebgo7iWnsf9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCkxrd3a7Ps4zUFj4dYFcIL7AugdMB8GA1UdIwQY
MBaAFAqsOIs31Edo/ODq7JfeQz+vcrncMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3F3NGl6ZlVSMmo4NE9yc2w5NURQNjl5dWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82NTZjYTktYmJiYy00OWI3LWFhY2Mt
MjRhYTRjZWU2YjJjLzEvS1RHdDNkcnMtempOUVdQaDFnVndndnNDNkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82NTZjYTktYmJiYy00OWI3LWFhY2MtMjRhYTRjZWU2YjJj
LzEvQ3F3NGl6ZlVSMmo4NE9yc2w5NURQNjl5dWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwkWiMA0E
AgACMAcDBQMqDK6AMA0GCSqGSIb3DQEBCwUAA4IBAQAGCflVeK/LFaQZV22lquQ9
IYEkU1mup9bYco5NkGG1wzMz9X0lRhMZ7PW1FkWnhS8nzJkIllCkrDszgEfBJJNd
cqQ8eFE7shzYkPAqL6K93K/iX3+x4tOnXOCRWz6jKukE8eKOiRJouk2T3NplS4YM
hjaeeFoIZttuqZPC7fnckyjc4JsKRm5LoMTIc4vJ+fLgAw8VAywv9G8zvB/YpjbN
cXhWxN9JrmMQX4d8NDkUSWGQf0v2TOCxkFYU/1qELRtzGP4tNq93d12XxcyW7e4V
rWbbbywN8W/ix+mzZNCAh5/5LV1HI5EP1Q+MTZpqjhRyc4D3UZByTQXvXVLbDHIL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:04 2023 by rpki-client on console-ams.rpki-client.org