Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/KJ2nREp_iVEdXQEjuo0FurQ0T8M.roa
File: KJ2nREp_iVEdXQEjuo0FurQ0T8M.roa (raw, json)
Hash identifier: dUN1do6FVlgVIyBRSPmpvJPrI8mDSGfCy3D0UBE4/oY=
Subject key identifier: 28:9D:A7:44:4A:7F:89:51:1D:5D:01:23:BA:8D:05:BA:B4:34:4F:C3
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0183E77FBC2615F99A7536EBE5C96424B74F
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/KJ2nREp_iVEdXQEjuo0FurQ0T8M.roa
Signing time: Mon 17 Oct 2022 19:50:51 +0000
ROA not before: Mon 17 Oct 2022 19:50:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 149.126.192.0/19 maxlen: 24
46.232.0.0/17 maxlen: 24
46.3.0.0/16 maxlen: 24
80.243.128.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e7:7f:bc:26:15:f9:9a:75:36:eb:e5:c9:64:24:b7:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Oct 17 19:50:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=289da7444a7f89511d5d0123ba8d05bab4344fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:84:7b:f8:c1:0a:16:3a:52:16:1f:36:e0:09:
f8:f4:68:2e:b1:2e:f2:c3:21:4c:94:66:4b:c2:ca:
2d:7d:28:02:03:c5:24:f3:d5:c1:00:8e:f0:e3:35:
6d:54:13:df:76:7c:0c:3c:2a:6b:d1:d7:fc:fb:06:
9f:7d:93:83:29:3f:bf:65:04:b5:65:aa:28:e6:69:
05:c9:a3:a2:73:bf:c0:6d:37:fe:d9:3a:3d:ae:1a:
cd:d2:28:db:5e:39:de:54:2d:69:40:67:36:11:88:
49:36:08:1b:57:10:07:a7:00:ac:ba:0a:dc:84:9e:
04:fd:1f:62:b8:4a:57:65:6d:88:dc:7a:1a:c2:fc:
8d:71:96:b9:6a:c4:df:9b:46:b8:67:5a:7a:f3:ba:
60:43:80:fd:3c:83:6d:32:6f:3a:13:4f:01:da:57:
09:a3:8d:e5:24:7a:29:b6:43:19:f8:ff:d6:cc:f6:
9d:f7:30:4c:12:a9:99:7e:f2:9f:d7:ee:9c:cd:bd:
53:aa:9a:1c:f9:b6:f5:b7:c2:b9:87:3d:2d:51:79:
fa:d6:a0:49:eb:cc:1f:8a:92:9a:cf:63:e5:87:c9:
df:4a:85:47:61:58:08:e7:a6:39:1b:7a:23:b1:58:
5d:b6:4b:c3:02:05:7b:3a:f9:1c:46:23:e7:61:85:
3a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9D:A7:44:4A:7F:89:51:1D:5D:01:23:BA:8D:05:BA:B4:34:4F:C3
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/KJ2nREp_iVEdXQEjuo0FurQ0T8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.0.0/16
46.232.0.0/17
80.243.128.0/20
149.126.192.0/19
Signature Algorithm: sha256WithRSAEncryption
25:55:fb:fe:96:e3:a0:b9:26:ff:d9:53:b2:7d:66:e0:c4:bf:
4b:a2:68:12:79:a2:18:4c:ef:73:cf:92:53:70:65:df:9a:dc:
b2:a2:aa:7a:8a:17:17:64:43:c5:89:f7:32:ae:4c:1b:e2:00:
c6:0a:59:ab:89:dd:0b:c2:f1:ab:4a:3d:9e:db:d8:57:bd:8e:
a2:07:40:6f:bd:97:86:e1:2f:83:8a:9b:b8:11:5b:ef:c7:0b:
65:49:59:fd:00:bf:63:0f:52:1d:18:5f:c7:87:99:ce:b8:e8:
03:7f:69:9a:ff:63:62:70:75:a5:6d:5a:bf:bc:88:d0:17:06:
a6:4a:8e:d1:b1:61:ff:ae:05:4d:f8:5b:42:6b:57:be:5b:5e:
8c:3f:fb:9b:f1:29:da:b2:b9:95:5b:50:32:fd:e2:ac:08:d4:
b9:26:04:82:49:ce:35:33:e5:9b:26:14:ce:a2:e9:49:32:a1:
21:57:29:da:48:5a:09:ce:30:c8:e9:3c:d6:86:db:9a:b7:1a:
ad:eb:e8:d0:59:f3:e4:bc:95:8c:71:10:af:27:61:5f:d9:71:
17:cf:29:a6:1a:f9:b9:60:84:98:8c:d4:df:b2:6d:f3:93:ac:
20:a7:a0:99:19:64:cd:f2:b7:3b:ed:a0:7b:4e:32:bb:8f:59:
cb:a7:a4:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYPnf7wmFfmadTbr5clkJLdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjIxMDE3MTk1MDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODlkYTc0NDRhN2Y4OTUxMWQ1ZDAxMjNiYThkMDViYWI0MzQ0ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIR7+MEKFjpSFh824An49GgusS7y
wyFMlGZLwsotfSgCA8Uk89XBAI7w4zVtVBPfdnwMPCpr0df8+waffZODKT+/ZQS1
Zaoo5mkFyaOic7/AbTf+2To9rhrN0ijbXjneVC1pQGc2EYhJNggbVxAHpwCsugrc
hJ4E/R9iuEpXZW2I3HoawvyNcZa5asTfm0a4Z1p687pgQ4D9PINtMm86E08B2lcJ
o43lJHoptkMZ+P/WzPad9zBMEqmZfvKf1+6czb1Tqpoc+bb1t8K5hz0tUXn61qBJ
68wfipKaz2Plh8nfSoVHYVgI56Y5G3ojsVhdtkvDAgV7OvkcRiPnYYU6sQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCidp0RKf4lRHV0BI7qNBbq0NE/DMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvS0oyblJFcF9pVkVkWFFFanVvMEZ1clEwVDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwMALgMDBAcu
6AADBARQ84ADBAWVfsAwDQYJKoZIhvcNAQELBQADggEBACVV+/6W46C5Jv/ZU7J9
ZuDEv0uiaBJ5ohhM73PPklNwZd+a3LKiqnqKFxdkQ8WJ9zKuTBviAMYKWauJ3QvC
8atKPZ7b2Fe9jqIHQG+9l4bhL4OKm7gRW+/HC2VJWf0Av2MPUh0YX8eHmc646AN/
aZr/Y2JwdaVtWr+8iNAXBqZKjtGxYf+uBU34W0JrV75bXow/+5vxKdqyuZVbUDL9
4qwI1LkmBIJJzjUz5ZsmFM6i6UkyoSFXKdpIWgnOMMjpPNaG25q3Gq3r6NBZ8+S8
lYxxEK8nYV/ZcRfPKaYa+blghJiM1N+ybfOTrCCnoJkZZM3ytzvtoHtOMruPWcun
pCQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:29 2023 by rpki-client on console-ams.rpki-client.org