Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/KbqILiVkjZcgOlGTBvV6b_EdHH8.roa
File: KbqILiVkjZcgOlGTBvV6b_EdHH8.roa (raw, json)
Hash identifier: hWauKN4wn1jjA5EGI4R4rQpT4nOeUJmgltPCZOpbuhk=
Subject key identifier: 29:BA:88:2E:25:64:8D:97:20:3A:51:93:06:F5:7A:6F:F1:1D:1C:7F
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 07AF78BB
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/KbqILiVkjZcgOlGTBvV6b_EdHH8.roa
Signing time: Sat 01 Jan 2022 16:06:04 +0000
ROA not before: Sat 01 Jan 2022 16:06:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211223
IP address blocks: 171.22.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128940219 (0x7af78bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 16:06:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29ba882e25648d97203a519306f57a6ff11d1c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:33:72:4f:6c:26:38:f7:ea:74:9d:f6:80:cf:
de:0f:c3:d9:c8:ef:88:68:c1:04:56:32:6b:91:bc:
47:2f:5e:32:cc:0d:c7:17:40:41:f6:f9:fa:e2:c3:
ba:ae:e2:04:4b:c4:73:bd:4d:e1:27:83:3d:80:1e:
c2:64:c9:7d:f5:87:76:b9:c4:10:91:86:bd:8c:a1:
f7:9d:d1:98:27:a0:ab:d7:50:09:61:8e:d3:32:4e:
af:7d:48:6d:6b:83:a9:2b:55:a6:35:01:bf:51:3c:
75:33:ea:7f:58:a9:2d:27:6f:e3:29:83:4b:a3:ab:
0f:4b:93:4a:aa:92:f6:4a:fe:d5:07:d7:50:cd:4b:
86:75:ae:3f:01:0b:83:4a:c3:56:30:cc:b3:29:50:
d6:b9:f3:82:97:12:99:7b:a7:ff:20:51:12:a5:15:
ff:8f:df:78:b7:20:7e:96:b4:7f:65:59:75:b3:8e:
8e:ed:80:cd:b4:ac:72:a7:7a:87:3a:ce:51:4e:51:
d3:ac:6a:14:14:9f:42:de:1e:83:21:be:77:31:98:
60:91:87:eb:eb:18:73:f9:a6:07:23:d9:d9:76:12:
e4:11:b6:6c:a8:cc:48:71:d4:58:ce:40:db:31:c4:
7c:65:35:90:93:54:75:37:78:60:af:2f:84:94:9f:
76:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:BA:88:2E:25:64:8D:97:20:3A:51:93:06:F5:7A:6F:F1:1D:1C:7F
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/KbqILiVkjZcgOlGTBvV6b_EdHH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.139.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:44:31:02:0a:65:1a:0a:c1:24:a1:b0:75:2d:f0:bf:98:96:
61:53:4e:67:a1:1f:9e:ce:78:b4:d9:c8:38:6e:17:a0:ef:d0:
2e:8c:ef:5a:f4:f5:8a:2e:bd:a0:65:6e:83:07:65:06:6f:49:
91:e8:37:99:8b:3c:68:a4:26:c3:23:3f:fe:fc:e4:c5:e0:1c:
af:ce:ca:af:ba:34:b8:28:3d:da:ed:46:60:aa:21:97:d9:52:
78:fe:49:74:55:2d:c5:e0:67:3c:07:3e:29:67:66:25:ea:4a:
66:31:85:4b:3c:bf:11:32:f3:27:f2:dd:60:35:60:04:5f:02:
1e:c4:c5:a5:52:e0:44:35:44:4f:09:7a:cd:4c:a3:ab:73:f7:
ef:50:57:cf:54:78:99:56:52:50:7e:fb:c2:a8:6e:9e:bf:f1:
b6:24:20:45:70:5a:e0:21:a9:1a:f4:40:93:0d:94:11:92:1e:
bc:b2:0e:86:5a:7f:85:55:1d:eb:34:1a:5f:28:9d:38:68:a2:
ba:68:b5:b7:f8:3e:64:46:3e:79:c7:12:65:85:d6:db:62:10:
cb:7b:e0:aa:24:fb:3d:0d:02:f0:27:fb:ec:5b:32:a9:2f:f7:
75:97:e5:0b:26:87:16:64:06:0d:31:3c:07:b2:a8:68:a3:e1:
9c:a2:8c:73
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB694uzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmZkYjY3NjU0ZGY2MTg0ZTdkNjBjNDE1MGVhOTUzM2MyY2Y5NzA0MB4XDTIyMDEw
MTE2MDYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjliYTg4MmUyNTY0
OGQ5NzIwM2E1MTkzMDZmNTdhNmZmMTFkMWM3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALszck9sJjj36nSd9oDP3g/D2cjviGjBBFYya5G8Ry9eMswN
xxdAQfb5+uLDuq7iBEvEc71N4SeDPYAewmTJffWHdrnEEJGGvYyh953RmCegq9dQ
CWGO0zJOr31IbWuDqStVpjUBv1E8dTPqf1ipLSdv4ymDS6OrD0uTSqqS9kr+1QfX
UM1LhnWuPwELg0rDVjDMsylQ1rnzgpcSmXun/yBREqUV/4/feLcgfpa0f2VZdbOO
ju2AzbSscqd6hzrOUU5R06xqFBSfQt4egyG+dzGYYJGH6+sYc/mmByPZ2XYS5BG2
bKjMSHHUWM5A2zHEfGU1kJNUdTd4YK8vhJSfdnkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpuoguJWSNlyA6UZMG9Xpv8R0cfzAfBgNVHSMEGDAWgBRi/bZ2VN9hhOfW
DEFQ6pUzws+XBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1l2MjJkbFRmWVlUbjFneEJVT3FWTThMUGx3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNzA0MDcxLThkYzAtNGVkNi05NDU3LWU4NjEyMWM1OTRkZi8x
L0ticUlMaVZralpjZ09sR1RCdlY2Yl9FZEhIOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NzA0MDcxLThkYzAtNGVkNi05NDU3LWU4NjEyMWM1OTRkZi8xL1l2MjJkbFRmWVlU
bjFneEJVT3FWTThMUGx3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsWizANBgkqhkiG9w0BAQsFAAOC
AQEAyUQxAgplGgrBJKGwdS3wv5iWYVNOZ6Efns54tNnIOG4XoO/QLozvWvT1ii69
oGVugwdlBm9Jkeg3mYs8aKQmwyM//vzkxeAcr87Kr7o0uCg92u1GYKohl9lSeP5J
dFUtxeBnPAc+KWdmJepKZjGFSzy/ETLzJ/LdYDVgBF8CHsTFpVLgRDVETwl6zUyj
q3P371BXz1R4mVZSUH77wqhunr/xtiQgRXBa4CGpGvRAkw2UEZIevLIOhlp/hVUd
6zQaXyidOGiiumi1t/g+ZEY+eccSZYXW22IQy3vgqiT7PQ0C8Cf77FsyqS/3dZfl
CyaHFmQGDTE8B7KoaKPhnKKMcw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:22 2023 by rpki-client on console-ams.rpki-client.org