Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/KkHkW4dcB3njYxPyBhOTQPqfsLE.roa
File: KkHkW4dcB3njYxPyBhOTQPqfsLE.roa (raw, json)
Hash identifier: lAtk8H5Fj5pzzQ7oTq0k5WZzm798PcXZe/N7aml0frc=
Subject key identifier: 2A:41:E4:5B:87:5C:07:79:E3:63:13:F2:06:13:93:40:FA:9F:B0:B1
Certificate issuer: /CN=d22f3bd0bae603ab790602a96bbbc42b5322e88f
Certificate serial: 02C706
Authority key identifier: D2:2F:3B:D0:BA:E6:03:AB:79:06:02:A9:6B:BB:C4:2B:53:22:E8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/KkHkW4dcB3njYxPyBhOTQPqfsLE.roa
Signing time: Tue 31 May 2022 18:14:13 +0000
ROA not before: Tue 31 May 2022 18:14:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396982
IP address blocks: 194.38.4.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 182022 (0x2c706)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d22f3bd0bae603ab790602a96bbbc42b5322e88f
Validity
Not Before: May 31 18:14:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a41e45b875c0779e36313f206139340fa9fb0b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:93:17:b7:b5:8a:66:d1:cf:1b:f1:d4:42:69:
fc:da:fc:ca:56:ad:0a:30:43:42:31:35:6e:fd:36:
3f:5f:ca:72:e3:81:c7:83:65:c8:5f:d1:7e:6b:e8:
74:e6:e9:8f:6e:83:80:4d:7d:d7:d2:f2:12:76:a3:
22:69:0d:d0:a8:ce:f2:e2:b7:f6:d3:86:8f:e0:ec:
0d:cc:75:99:f0:7c:1e:7a:b2:cc:72:7d:9f:a2:d2:
0b:d4:8a:54:2c:a0:ee:43:1d:9c:5d:ac:bf:8f:71:
0b:13:83:1b:a0:e5:97:c5:2d:d6:ee:4c:48:db:ea:
7c:0e:9b:37:f4:66:46:7e:5d:d0:bf:12:77:09:e9:
55:48:fd:45:e3:0f:8d:98:9c:af:08:dc:f2:47:51:
49:e4:57:04:53:d5:c3:58:d0:c6:ee:d4:37:23:92:
dc:2b:f2:09:97:00:2e:a7:8e:ae:e9:49:64:d2:75:
2c:13:50:f8:5a:41:ae:d3:46:84:e8:b6:f4:c5:43:
50:e6:74:3c:93:f5:31:12:f5:80:06:ad:b2:39:47:
16:da:2a:ac:3a:f9:9c:3e:cc:1a:9f:be:5b:ff:6f:
f3:28:d2:8b:01:70:61:ac:ae:de:eb:03:e7:22:23:
74:1a:d1:66:ef:bd:42:ba:51:bb:27:11:54:73:21:
c2:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:41:E4:5B:87:5C:07:79:E3:63:13:F2:06:13:93:40:FA:9F:B0:B1
X509v3 Authority Key Identifier:
keyid:D2:2F:3B:D0:BA:E6:03:AB:79:06:02:A9:6B:BB:C4:2B:53:22:E8:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/KkHkW4dcB3njYxPyBhOTQPqfsLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/0i870LrmA6t5BgKpa7vEK1Mi6I8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.4.0/22
Signature Algorithm: sha256WithRSAEncryption
27:9b:8e:33:01:b1:7a:ac:2d:31:f1:85:22:de:9f:bc:be:9b:
8f:33:0f:4e:4a:7d:f3:e0:0a:b6:cf:76:65:b1:a7:da:86:f7:
18:08:7b:96:13:ee:97:aa:fe:ed:c1:df:fa:fb:9d:7a:d0:42:
44:1a:5c:b7:0b:29:f4:db:bd:d1:2a:f8:92:9e:8d:35:b9:60:
a6:fb:97:8d:ca:ae:db:43:d6:f5:96:34:1b:f9:45:94:28:80:
a8:fa:2d:53:3c:da:75:fb:f0:3c:0b:bb:3e:4f:b1:45:78:5c:
a9:06:aa:f0:95:b1:7c:d0:af:82:13:4e:4d:e7:ce:8c:be:9d:
b5:6c:8c:74:04:5a:cd:17:7f:3f:6c:34:a6:c5:b8:64:6d:63:
bd:aa:b6:a6:7b:18:4d:ac:36:fa:08:91:32:50:b8:41:d1:50:
26:73:9e:6c:c2:c9:a4:40:15:b7:2b:e6:4d:55:69:32:37:eb:
48:39:58:30:a5:7c:fd:2d:e4:53:30:85:be:42:b3:58:77:c4:
f7:30:52:71:a7:cb:2c:ee:eb:5b:8f:e9:23:22:58:43:b1:5e:
c7:11:32:7d:7c:f7:d2:cf:cc:b8:b3:e1:dd:07:66:7d:ca:6c:
83:63:3b:aa:9f:73:53:f0:26:dd:52:5d:8b:27:9d:6f:4a:24:
72:c7:b4:2b
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAscGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQy
MmYzYmQwYmFlNjAzYWI3OTA2MDJhOTZiYmJjNDJiNTMyMmU4OGYwHhcNMjIwNTMx
MTgxNDEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyYTQxZTQ1Yjg3NWMw
Nzc5ZTM2MzEzZjIwNjEzOTM0MGZhOWZiMGIxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm5MXt7WKZtHPG/HUQmn82vzKVq0KMENCMTVu/TY/X8py44HH
g2XIX9F+a+h05umPboOATX3X0vISdqMiaQ3QqM7y4rf204aP4OwNzHWZ8HweerLM
cn2fotIL1IpULKDuQx2cXay/j3ELE4MboOWXxS3W7kxI2+p8Dps39GZGfl3QvxJ3
CelVSP1F4w+NmJyvCNzyR1FJ5FcEU9XDWNDG7tQ3I5LcK/IJlwAup46u6Ulk0nUs
E1D4WkGu00aE6Lb0xUNQ5nQ8k/UxEvWABq2yOUcW2iqsOvmcPswan75b/2/zKNKL
AXBhrK7e6wPnIiN0GtFm771CulG7JxFUcyHCDQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFCpB5FuHXAd542MT8gYTk0D6n7CxMB8GA1UdIwQYMBaAFNIvO9C65gOreQYC
qWu7xCtTIuiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MGk4NzBMcm1BNnQ1QmdLcGE3dkVLMU1pNkk4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mNS82ZTUxY2ItNTE3Zi00Y2IxLWEzYTAtZDcyMWJkMmU5ZDUzLzEv
S2tIa1c0ZGNCM25qWXhQeUJoT1RRUHFmc0xFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82
ZTUxY2ItNTE3Zi00Y2IxLWEzYTAtZDcyMWJkMmU5ZDUzLzEvMGk4NzBMcm1BNnQ1
QmdLcGE3dkVLMU1pNkk4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiYEMA0GCSqGSIb3DQEBCwUAA4IB
AQAnm44zAbF6rC0x8YUi3p+8vpuPMw9OSn3z4Aq2z3ZlsafahvcYCHuWE+6Xqv7t
wd/6+5160EJEGly3Cyn0273RKviSno01uWCm+5eNyq7bQ9b1ljQb+UWUKICo+i1T
PNp1+/A8C7s+T7FFeFypBqrwlbF80K+CE05N586Mvp21bIx0BFrNF38/bDSmxbhk
bWO9qramexhNrDb6CJEyULhB0VAmc55swsmkQBW3K+ZNVWkyN+tIOVgwpXz9LeRT
MIW+QrNYd8T3MFJxp8ss7utbj+kjIlhDsV7HETJ9fPfSz8y4s+HdB2Z9ymyDYzuq
n3NT8CbdUl2LJ51vSiRyx7Qr
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:23 2023 by rpki-client on console-ams.rpki-client.org