Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/KSeBpXRCG9dCLTYiOCBKChRFMWY.roa
File: KSeBpXRCG9dCLTYiOCBKChRFMWY.roa (raw, json)
Hash identifier: OI/hf7INsA67TYtU3qubkebQuAyQu3FCwqpK3hDw6xQ=
Subject key identifier: 29:27:81:A5:74:42:1B:D7:42:2D:36:22:38:20:4A:0A:14:45:31:66
Certificate issuer: /CN=0d04913d043dbb117cf6b9323c8ab247cb52e251
Certificate serial: 186CA298
Authority key identifier: 0D:04:91:3D:04:3D:BB:11:7C:F6:B9:32:3C:8A:B2:47:CB:52:E2:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQSRPQQ9uxF89rkyPIqyR8tS4lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/KSeBpXRCG9dCLTYiOCBKChRFMWY.roa
Signing time: Sat 01 Jan 2022 00:54:10 +0000
ROA not before: Sat 01 Jan 2022 00:54:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12757
IP address blocks: 176.124.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 409772696 (0x186ca298)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d04913d043dbb117cf6b9323c8ab247cb52e251
Validity
Not Before: Jan 1 00:54:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=292781a574421bd7422d362238204a0a14453166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:01:99:4a:4e:2a:f5:bd:63:f3:bd:39:41:8f:
50:9e:e0:ff:db:de:68:80:9d:79:0c:fa:e5:dc:29:
40:4e:ae:08:3a:04:85:3a:a0:f7:9d:c3:86:09:0e:
b2:ba:da:a8:ae:f2:e2:5d:32:cd:f7:76:ee:0e:47:
f1:34:4a:a0:03:d0:4a:ea:ce:3b:bd:7a:9f:ea:8b:
96:07:f1:e8:32:ac:76:d3:af:47:6b:22:87:70:7d:
e8:85:31:e2:a6:3b:9a:c0:14:0f:0a:2b:b2:2c:8f:
61:ed:64:f0:28:94:d7:fb:c7:ac:93:8a:e8:c1:ca:
eb:00:38:6a:93:71:7b:06:f7:c3:af:6a:48:e5:ad:
c3:f9:07:72:af:85:df:13:c7:31:d9:62:72:c1:8c:
42:a9:97:cc:01:73:75:4f:cd:8a:3b:c5:4d:66:a1:
d2:18:5c:ad:31:29:89:2d:58:ed:c2:f3:b4:d2:2b:
0b:58:44:3e:6f:e5:34:28:18:96:a5:09:77:c9:c3:
e0:17:e1:64:24:b6:62:e7:31:2e:38:b0:37:21:f1:
06:07:4e:b8:84:c8:10:df:10:f3:fc:c7:04:df:db:
98:ae:d6:17:1d:0e:65:8a:2c:6d:2e:78:8b:c0:cf:
22:48:74:ae:2f:e9:e6:fc:2f:60:6f:44:b9:a4:ad:
b4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:27:81:A5:74:42:1B:D7:42:2D:36:22:38:20:4A:0A:14:45:31:66
X509v3 Authority Key Identifier:
keyid:0D:04:91:3D:04:3D:BB:11:7C:F6:B9:32:3C:8A:B2:47:CB:52:E2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQSRPQQ9uxF89rkyPIqyR8tS4lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/KSeBpXRCG9dCLTYiOCBKChRFMWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/DQSRPQQ9uxF89rkyPIqyR8tS4lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.247.0/24
Signature Algorithm: sha256WithRSAEncryption
41:d3:60:bb:44:b2:df:ef:99:fa:c7:6d:b9:10:c2:62:e6:98:
59:fe:0d:b3:b7:ef:4a:c4:4c:d2:1c:57:bc:9f:31:ac:10:05:
1a:43:49:f9:37:c5:9d:d6:89:8c:cc:1e:8c:55:42:91:bd:09:
aa:f4:ba:db:f7:55:1c:b8:d4:28:c2:d5:51:de:06:0f:1c:1c:
b1:15:df:f1:44:bb:5a:a8:ed:4c:39:89:da:c7:bb:13:b5:e3:
4c:a2:19:5f:57:e6:04:c2:47:f1:5e:1c:2c:a9:17:ec:c4:7d:
29:2f:03:62:e5:50:88:ea:44:ee:0b:c8:cc:d4:8e:91:75:01:
de:45:44:61:a7:da:b5:a7:f4:65:91:2f:2f:bd:80:3b:64:5d:
46:c1:11:d8:f7:8d:48:12:8a:d2:d9:d4:a7:58:d4:16:61:8c:
cd:9a:e1:a9:81:bb:34:1c:78:6c:37:bd:2a:01:93:54:84:d3:
26:b7:61:6b:43:67:5e:db:21:d4:13:a6:b1:f1:27:bf:b7:fd:
d2:63:e2:05:0d:f8:c2:6e:d3:98:80:87:1f:aa:aa:54:1a:c0:
f0:27:73:3c:71:e4:33:0c:ab:a9:23:95:24:28:20:b1:59:45:
e7:ea:85:4d:8c:8e:c2:00:4b:d4:7e:72:73:28:47:cf:fd:ff:
17:19:31:d9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGGyimDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDA0OTEzZDA0M2RiYjExN2NmNmI5MzIzYzhhYjI0N2NiNTJlMjUxMB4XDTIyMDEw
MTAwNTQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkyNzgxYTU3NDQy
MWJkNzQyMmQzNjIyMzgyMDRhMGExNDQ1MzE2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO0BmUpOKvW9Y/O9OUGPUJ7g/9veaICdeQz65dwpQE6uCDoE
hTqg953DhgkOsrraqK7y4l0yzfd27g5H8TRKoAPQSurOO716n+qLlgfx6DKsdtOv
R2sih3B96IUx4qY7msAUDworsiyPYe1k8CiU1/vHrJOK6MHK6wA4apNxewb3w69q
SOWtw/kHcq+F3xPHMdlicsGMQqmXzAFzdU/NijvFTWah0hhcrTEpiS1Y7cLztNIr
C1hEPm/lNCgYlqUJd8nD4BfhZCS2YucxLjiwNyHxBgdOuITIEN8Q8/zHBN/bmK7W
Fx0OZYosbS54i8DPIkh0ri/p5vwvYG9EuaSttL0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpJ4GldEIb10ItNiI4IEoKFEUxZjAfBgNVHSMEGDAWgBQNBJE9BD27EXz2
uTI8irJHy1LiUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RRU1JQUVE5dXhGODlya3lQSXF5Ujh0UzRsRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNDdkZmYwLTJiMTEtNDRiYy1iNzIxLTk2YzgxZmI2NTFhMC8x
L0tTZUJwWFJDRzlkQ0xUWWlPQ0JLQ2hSRk1XWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NDdkZmYwLTJiMTEtNDRiYy1iNzIxLTk2YzgxZmI2NTFhMC8xL0RRU1JQUVE5dXhG
ODlya3lQSXF5Ujh0UzRsRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB89zANBgkqhkiG9w0BAQsFAAOC
AQEAQdNgu0Sy3++Z+sdtuRDCYuaYWf4Ns7fvSsRM0hxXvJ8xrBAFGkNJ+TfFndaJ
jMwejFVCkb0JqvS62/dVHLjUKMLVUd4GDxwcsRXf8US7WqjtTDmJ2se7E7XjTKIZ
X1fmBMJH8V4cLKkX7MR9KS8DYuVQiOpE7gvIzNSOkXUB3kVEYafataf0ZZEvL72A
O2RdRsER2PeNSBKK0tnUp1jUFmGMzZrhqYG7NBx4bDe9KgGTVITTJrdha0NnXtsh
1BOmsfEnv7f90mPiBQ34wm7TmICHH6qqVBrA8CdzPHHkMwyrqSOVJCggsVlF5+qF
TYyOwgBL1H5ycyhHz/3/Fxkx2Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:10 2023 by rpki-client on console-fra.rpki-client.org