Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/kDJLcpfkPmP9CLOpiKFKcY0xvbs.roa
File: kDJLcpfkPmP9CLOpiKFKcY0xvbs.roa (raw, json)
Hash identifier: JMTRkoTrHmMgeplBcQd5XXocrR81TDlzJ0+MZleRyJE=
Subject key identifier: 90:32:4B:72:97:E4:3E:63:FD:08:B3:A9:88:A1:4A:71:8D:31:BD:BB
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 02FC657F
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/kDJLcpfkPmP9CLOpiKFKcY0xvbs.roa
Signing time: Sat 25 Jun 2022 09:45:44 +0000
ROA not before: Sat 25 Jun 2022 09:45:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56381
IP address blocks: 141.98.136.0/24 maxlen: 24
2a09:11c0:1000::/36 maxlen: 36
2a09:11c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50095487 (0x2fc657f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Jun 25 09:45:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90324b7297e43e63fd08b3a988a14a718d31bdbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5d:1d:99:a3:7a:48:d8:1b:e1:e2:9d:43:17:
3b:26:6e:99:37:9d:03:65:b9:9a:5d:8d:8f:e2:77:
5f:7a:96:d5:0c:0d:97:7b:f9:15:92:30:7e:b4:04:
34:e3:52:89:44:d6:79:d2:ef:93:27:74:9f:5d:23:
ea:f2:21:8b:43:2a:9e:41:e7:a1:7c:9e:59:2b:9a:
69:b4:8f:0d:64:a6:55:e7:77:5d:ab:0a:1c:98:4a:
e8:e1:36:aa:94:83:48:47:0e:77:74:f8:ed:48:49:
50:dd:d6:ca:4e:87:e1:59:1c:8f:e7:32:39:82:a7:
6a:f4:31:9d:6a:38:53:71:f2:65:5a:06:97:d7:19:
d4:0e:5d:33:3f:8f:75:37:e9:af:78:6d:e1:70:ae:
4f:a4:27:b8:ad:bb:3c:14:44:af:e8:13:48:fb:8d:
bc:ef:94:56:c7:30:b1:05:63:72:8a:2b:9b:cf:6f:
9d:70:6c:2b:ba:4f:6f:0c:ae:39:19:6d:e4:63:07:
3e:13:80:b0:e2:89:f8:ba:05:e3:d8:49:52:ae:a4:
34:91:7d:f7:b8:ff:d6:be:2b:62:ff:f4:07:29:ec:
b3:13:74:7d:7f:57:59:ea:af:c4:3b:4b:b8:d4:31:
3d:35:b1:60:31:a0:50:9c:78:9b:c2:11:06:7c:7b:
b4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:32:4B:72:97:E4:3E:63:FD:08:B3:A9:88:A1:4A:71:8D:31:BD:BB
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/kDJLcpfkPmP9CLOpiKFKcY0xvbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.136.0/24
IPv6:
2a09:11c0::/48
2a09:11c0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
5d:53:c2:ad:7c:92:7f:a0:37:6e:7f:5a:dc:06:12:98:f6:89:
de:fc:8e:39:34:8f:2f:c5:4d:e5:11:b2:c5:dc:f4:36:b8:dc:
29:81:68:c6:65:09:83:b8:d5:25:95:fb:96:8b:26:75:99:6e:
e9:27:23:63:aa:cb:e9:6d:b6:5e:7d:08:9e:96:19:25:ab:0b:
93:0d:ee:f9:37:77:10:ac:0f:94:a1:ff:cd:81:c7:a7:98:59:
64:9b:5a:72:6b:fd:82:b5:64:4f:c4:b1:d8:7c:e9:9b:22:78:
09:1e:c2:64:16:be:da:60:39:ae:27:0f:e3:e7:ed:c3:e3:fc:
da:ec:cd:de:55:93:79:2a:85:a4:1c:58:76:7f:ee:e7:66:e4:
c4:97:5a:1f:ce:fe:42:50:f7:19:88:69:74:4d:73:c7:7f:f1:
02:52:71:89:7c:3f:b5:d7:e3:bb:26:79:da:c5:1b:9f:35:7e:
c4:93:1d:30:c6:96:c1:e0:be:09:8b:bc:42:86:4c:e5:75:d3:
78:68:0b:fa:06:74:18:bf:9d:6e:ec:e8:0c:89:d5:75:da:c7:
7e:3c:a5:e3:a9:b4:6a:95:1b:2e:fc:a2:98:86:f8:c2:7b:4d:
26:47:da:9d:d0:f5:57:8a:df:72:cf:92:6e:66:ed:97:4e:28:
cd:eb:67:4c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIEAvxlfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDRlYjIwNGYzNTgwMDQ3ODgyMjRlMmZiMThlNGQ1ZTc0YmViZjhkMB4XDTIyMDYy
NTA5NDU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAzMjRiNzI5N2U0
M2U2M2ZkMDhiM2E5ODhhMTRhNzE4ZDMxYmRiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALldHZmjekjYG+HinUMXOyZumTedA2W5ml2Nj+J3X3qW1QwN
l3v5FZIwfrQENONSiUTWedLvkyd0n10j6vIhi0MqnkHnoXyeWSuaabSPDWSmVed3
XasKHJhK6OE2qpSDSEcOd3T47UhJUN3Wyk6H4Vkcj+cyOYKnavQxnWo4U3HyZVoG
l9cZ1A5dMz+PdTfpr3ht4XCuT6QnuK27PBREr+gTSPuNvO+UVscwsQVjcoorm89v
nXBsK7pPbwyuORlt5GMHPhOAsOKJ+LoF49hJUq6kNJF997j/1r4rYv/0BynssxN0
fX9XWeqvxDtLuNQxPTWxYDGgUJx4m8IRBnx7tCMCAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBSQMktyl+Q+Y/0Is6mIoUpxjTG9uzAfBgNVHSMEGDAWgBTwTrIE81gAR4gi
Ti+xjk1edL6/jTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhFNnlCUE5ZQUVlSUlrNHZzWTVOWG5TLXY0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOWFiNDJhLWRmOTItNGU0Mi05ZTMzLTVjNTg5MmFmYTQ4Ny8x
L2tESkxjcGZrUG1QOUNMT3BpS0ZLY1kweHZicy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OWFiNDJhLWRmOTItNGU0Mi05ZTMzLTVjNTg5MmFmYTQ4Ny8xLzhFNnlCUE5ZQUVl
SUlrNHZzWTVOWG5TLXY0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4
BggrBgEFBQcBBwEB/wQpMCcwDAQCAAEwBgMEAI1iiDAXBAIAAjARAwcAKgkRwAAA
AwYEKgkRwBAwDQYJKoZIhvcNAQELBQADggEBAF1Twq18kn+gN25/WtwGEpj2id78
jjk0jy/FTeURssXc9Da43CmBaMZlCYO41SWV+5aLJnWZbuknI2Oqy+lttl59CJ6W
GSWrC5MN7vk3dxCsD5Sh/82Bx6eYWWSbWnJr/YK1ZE/Esdh86ZsieAkewmQWvtpg
Oa4nD+Pn7cPj/Nrszd5Vk3kqhaQcWHZ/7udm5MSXWh/O/kJQ9xmIaXRNc8d/8QJS
cYl8P7XX47smedrFG581fsSTHTDGlsHgvgmLvEKGTOV103hoC/oGdBi/nW7s6AyJ
1XXax348peOptGqVGy78opiG+MJ7TSZH2p3Q9VeK33LPkm5m7ZdOKM3rZ0w=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:38 2023 by rpki-client on console-fra.rpki-client.org