Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/KGTQqlG4bENZAh2C3fuCpo9XSUk.roa
File: KGTQqlG4bENZAh2C3fuCpo9XSUk.roa (raw, json)
Hash identifier: s59RIx45ZZXkE32fkjmyvQ3S/Y/TRSOBrTGiZriOdzs=
Subject key identifier: 28:64:D0:AA:51:B8:6C:43:59:02:1D:82:DD:FB:82:A6:8F:57:49:49
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 0181F92C32FCB51446CE5AAA4980EA72AFB5
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/KGTQqlG4bENZAh2C3fuCpo9XSUk.roa
Signing time: Wed 13 Jul 2022 20:07:12 +0000
ROA not before: Wed 13 Jul 2022 20:07:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 109.238.198.0/24 maxlen: 24
109.238.199.0/24 maxlen: 24
109.238.196.0/22 maxlen: 22
109.238.197.0/24 maxlen: 24
109.238.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f9:2c:32:fc:b5:14:46:ce:5a:aa:49:80:ea:72:af:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jul 13 20:07:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2864d0aa51b86c4359021d82ddfb82a68f574949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:70:9c:22:5d:33:63:b2:d0:0d:f3:d5:6a:5d:
29:08:e8:70:e9:e5:72:55:f5:8d:5d:fd:b4:df:c3:
22:de:f1:d7:bf:2a:90:de:01:fc:36:b8:a1:ae:6d:
d3:10:32:0a:bd:b8:1a:c3:e5:de:4b:5e:c8:11:25:
d8:4a:7d:80:39:77:4c:8b:c9:e3:72:8a:a5:73:d4:
bf:47:ce:50:0c:e8:2e:78:52:33:e6:ae:18:3f:9b:
75:8f:5b:81:4f:a8:b3:07:24:01:a6:0e:99:c9:0f:
4f:c5:e0:97:b3:a5:72:43:62:d3:ea:45:1c:50:27:
cf:18:94:13:0d:29:1f:d3:ee:f6:b0:78:d0:03:db:
af:4e:92:61:b8:13:f5:1b:2d:82:b4:df:4b:db:43:
ac:7c:b0:cb:b0:3b:a9:f2:6d:c4:5f:eb:51:f7:91:
22:70:04:1c:b5:6b:ef:1e:43:0b:ea:38:ba:bf:68:
80:dd:5b:97:ef:26:f3:ce:db:09:60:c4:37:f8:5e:
d2:69:de:8d:8e:53:a0:b8:fd:4f:7d:9e:e7:f4:11:
5d:98:e4:cf:f4:ef:a6:22:d4:53:89:12:2a:86:55:
3f:04:07:c4:ee:be:a4:75:34:61:6e:bb:53:b0:21:
b6:fc:7e:91:77:e8:3a:d4:e3:c3:88:af:f8:6d:16:
d7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:64:D0:AA:51:B8:6C:43:59:02:1D:82:DD:FB:82:A6:8F:57:49:49
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/KGTQqlG4bENZAh2C3fuCpo9XSUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.238.196.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:9f:0b:87:a3:74:31:9d:f1:36:7f:ce:f8:54:d5:ec:de:df:
90:d1:35:f6:59:07:e1:61:da:73:a7:92:f7:ae:57:00:b0:b2:
ca:59:91:b6:7c:32:a0:74:04:28:29:a8:6d:23:1a:dd:f6:41:
2f:90:cb:48:05:28:43:bb:18:f7:4f:29:ee:2b:f6:fe:14:b6:
d5:68:23:bd:73:df:e4:a6:78:c1:f7:8a:69:90:77:d2:26:b2:
a9:b6:26:7c:c6:c2:f1:37:7b:82:30:25:18:71:78:a0:e3:3c:
11:da:05:4f:6b:7f:52:d8:03:2a:42:46:1a:e9:96:cc:0c:23:
8e:61:8b:6e:c0:4f:80:59:cb:65:45:9f:4b:19:5b:22:ac:0b:
12:b6:1c:e1:a6:6f:74:60:2b:ff:28:dd:d3:fd:23:fe:1c:21:
5e:5e:b0:2a:80:57:98:e3:fc:3c:f2:5c:16:68:6b:92:37:a3:
8a:a6:de:04:22:9f:c8:37:30:f9:27:8f:bc:42:24:90:d8:03:
89:d6:d7:88:95:49:aa:27:0a:e2:8a:53:c9:fe:f3:3c:f7:89:
fb:d6:0e:73:7d:f1:14:2f:a0:f7:ee:21:80:8b:ba:3f:97:46:
af:ff:44:4b:c3:6c:8c:a6:4f:c9:c6:a0:79:ed:e4:f1:af:c2:
28:08:86:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH5LDL8tRRGzlqqSYDqcq+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjIwNzEzMjAwNzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODY0ZDBhYTUxYjg2YzQzNTkwMjFkODJkZGZiODJhNjhmNTc0OTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nCcIl0zY7LQDfPVal0pCOhw6eVy
VfWNXf2038Mi3vHXvyqQ3gH8Nrihrm3TEDIKvbgaw+XeS17IESXYSn2AOXdMi8nj
coqlc9S/R85QDOgueFIz5q4YP5t1j1uBT6izByQBpg6ZyQ9PxeCXs6VyQ2LT6kUc
UCfPGJQTDSkf0+72sHjQA9uvTpJhuBP1Gy2CtN9L20OsfLDLsDup8m3EX+tR95Ei
cAQctWvvHkML6ji6v2iA3VuX7ybzztsJYMQ3+F7Sad6NjlOguP1PfZ7n9BFdmOTP
9O+mItRTiRIqhlU/BAfE7r6kdTRhbrtTsCG2/H6Rd+g61OPDiK/4bRbXSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChk0KpRuGxDWQIdgt37gqaPV0lJMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvS0dUUXFsRzRiRU5aQWgyQzNmdUNwbzlYU1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbe7EMA0G
CSqGSIb3DQEBCwUAA4IBAQChnwuHo3QxnfE2f874VNXs3t+Q0TX2WQfhYdpzp5L3
rlcAsLLKWZG2fDKgdAQoKahtIxrd9kEvkMtIBShDuxj3TynuK/b+FLbVaCO9c9/k
pnjB94ppkHfSJrKptiZ8xsLxN3uCMCUYcXig4zwR2gVPa39S2AMqQkYa6ZbMDCOO
YYtuwE+AWctlRZ9LGVsirAsSthzhpm90YCv/KN3T/SP+HCFeXrAqgFeY4/w88lwW
aGuSN6OKpt4EIp/INzD5J4+8QiSQ2AOJ1teIlUmqJwriilPJ/vM894n71g5zffEU
L6D37iGAi7o/l0av/0RLw2yMpk/JxqB57eTxr8IoCIZm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:38 2023 by rpki-client on console-fra.rpki-client.org