Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/kuBvoCHoz9aDVruogakL8EcA2r8.roa
File: kuBvoCHoz9aDVruogakL8EcA2r8.roa (raw, json)
Hash identifier: wcntwCsdGRo/CYxlkPEKkEwxxltz4xzmBbS56d5X/XQ=
Subject key identifier: 92:E0:6F:A0:21:E8:CF:D6:83:56:BB:A8:81:A9:0B:F0:47:00:DA:BF
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01853B4C00A767C2D6782E69520BE3D6A4D3
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/kuBvoCHoz9aDVruogakL8EcA2r8.roa
Signing time: Thu 22 Dec 2022 19:25:14 +0000
ROA not before: Thu 22 Dec 2022 19:25:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6079
IP address blocks: 121.127.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3b:4c:00:a7:67:c2:d6:78:2e:69:52:0b:e3:d6:a4:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Dec 22 19:25:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92e06fa021e8cfd68356bba881a90bf04700dabf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:70:6d:c3:0f:8a:fd:d1:5f:3c:d9:95:2b:e7:
e3:4f:57:88:d6:bd:be:1e:f1:67:ce:c9:b0:30:7a:
13:5e:64:d5:b1:f4:4b:46:54:a5:9d:18:56:73:48:
32:f9:23:c7:36:b7:34:23:b7:de:17:fe:90:23:fc:
82:17:46:88:af:99:ee:01:69:f1:d1:9c:3a:83:e8:
43:e7:c7:89:c4:07:2c:5c:3e:f8:90:95:77:2e:07:
1c:02:6b:bd:cf:d8:ff:6e:fb:59:1d:6c:b6:e4:48:
ea:52:23:3c:e3:3b:24:76:37:1c:9d:0a:0d:a3:e7:
f0:0d:45:db:d7:bf:54:cd:b5:e5:e5:ff:a1:f8:41:
86:b1:28:2c:e5:23:41:17:d4:6a:8c:15:42:30:4e:
e3:f8:54:1c:7a:db:0c:35:eb:b8:fd:d2:21:e0:2e:
b7:be:52:26:5b:7b:da:c8:56:7b:00:f7:fa:3e:b0:
29:a7:95:bc:ff:b5:44:e5:07:27:36:cc:e2:27:13:
66:32:50:0a:76:2d:ff:78:df:48:10:50:c9:4f:91:
d2:cc:c5:e6:af:81:f4:00:2e:18:0d:74:77:9f:06:
05:76:63:10:f3:7b:2d:e2:fc:40:a7:da:36:e4:ce:
19:b2:53:74:49:dd:c0:f4:fa:0e:cd:94:2d:bb:e8:
97:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E0:6F:A0:21:E8:CF:D6:83:56:BB:A8:81:A9:0B:F0:47:00:DA:BF
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/kuBvoCHoz9aDVruogakL8EcA2r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.48.0/21
Signature Algorithm: sha256WithRSAEncryption
18:2f:e9:fb:3e:e3:e0:96:e0:82:c9:6b:26:38:2e:45:40:88:
5f:1f:99:76:e4:e0:e1:1b:0b:86:47:b0:7b:43:e4:84:dc:7a:
10:77:06:3c:7b:9a:e1:70:ba:e8:cd:81:e0:8a:50:22:5e:70:
13:07:35:f8:7e:20:35:f9:50:ba:aa:f4:7d:c6:3d:58:64:54:
23:1a:8a:56:4a:1e:f0:1c:b4:b6:64:16:a2:81:fe:2c:34:9c:
4b:c3:0b:df:8c:63:b7:74:2d:f6:80:42:97:f9:d9:9d:97:aa:
c9:1b:82:66:35:d7:61:df:ea:66:a5:e6:8c:80:f9:58:a3:21:
e7:2a:a0:d8:02:03:53:6d:e6:03:5c:1f:e8:c7:6a:be:9a:88:
70:42:b3:10:58:3d:8d:28:8c:c4:5d:32:5a:ab:e9:bb:c6:14:
aa:9b:35:50:b7:79:e1:a5:8c:7a:58:03:ac:51:6a:14:4c:58:
55:14:d4:ee:34:04:b6:c0:dd:3f:90:5c:c2:ec:45:00:b9:df:
9f:92:58:70:95:15:33:6c:0b:70:aa:08:7a:19:45:61:81:75:
60:bf:11:b3:05:eb:3a:b1:bd:83:e3:8e:d2:8f:d1:23:f4:01:
75:8c:85:f5:28:b5:d4:41:db:e9:42:3b:ab:89:87:ac:42:37:
54:fb:cb:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU7TACnZ8LWeC5pUgvj1qTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjIxMjIyMTkyNTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmUwNmZhMDIxZThjZmQ2ODM1NmJiYTg4MWE5MGJmMDQ3MDBkYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXBtww+K/dFfPNmVK+fjT1eI1r2+
HvFnzsmwMHoTXmTVsfRLRlSlnRhWc0gy+SPHNrc0I7feF/6QI/yCF0aIr5nuAWnx
0Zw6g+hD58eJxAcsXD74kJV3LgccAmu9z9j/bvtZHWy25EjqUiM84zskdjccnQoN
o+fwDUXb179UzbXl5f+h+EGGsSgs5SNBF9RqjBVCME7j+FQcetsMNeu4/dIh4C63
vlImW3vayFZ7APf6PrApp5W8/7VE5QcnNsziJxNmMlAKdi3/eN9IEFDJT5HSzMXm
r4H0AC4YDXR3nwYFdmMQ83st4vxAp9o25M4ZslN0Sd3A9PoOzZQtu+iXWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLgb6Ah6M/Wg1a7qIGpC/BHANq/MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEva3VCdm9DSG96OWFEVnJ1b2dha0w4RWNBMnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDeX8wMA0G
CSqGSIb3DQEBCwUAA4IBAQAYL+n7PuPgluCCyWsmOC5FQIhfH5l25ODhGwuGR7B7
Q+SE3HoQdwY8e5rhcLrozYHgilAiXnATBzX4fiA1+VC6qvR9xj1YZFQjGopWSh7w
HLS2ZBaigf4sNJxLwwvfjGO3dC32gEKX+dmdl6rJG4JmNddh3+pmpeaMgPlYoyHn
KqDYAgNTbeYDXB/ox2q+mohwQrMQWD2NKIzEXTJaq+m7xhSqmzVQt3nhpYx6WAOs
UWoUTFhVFNTuNAS2wN0/kFzC7EUAud+fklhwlRUzbAtwqgh6GUVhgXVgvxGzBes6
sb2D447Sj9Ej9AF1jIX1KLXUQdvpQjuriYesQjdU+8v0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:48 2023 by rpki-client on console-fra.rpki-client.org