Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/KjuSbtoJtA1rcF2HxARvEEUNJkk.roa
File: KjuSbtoJtA1rcF2HxARvEEUNJkk.roa (raw, json)
Hash identifier: NuNwejfvKGw2G3NMfETUvoReHU8luVHIniB7YzRAnZ8=
Subject key identifier: 2A:3B:92:6E:DA:09:B4:0D:6B:70:5D:87:C4:04:6F:10:45:0D:26:49
Certificate issuer: /CN=8901f673c6b0ff8835ea02faedba5b49cf14224e
Certificate serial: FA95
Authority key identifier: 89:01:F6:73:C6:B0:FF:88:35:EA:02:FA:ED:BA:5B:49:CF:14:22:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQH2c8aw_4g16gL67bpbSc8UIk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/KjuSbtoJtA1rcF2HxARvEEUNJkk.roa
Signing time: Sat 21 May 2022 12:50:43 +0000
ROA not before: Sat 21 May 2022 12:50:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205094
IP address blocks: 213.142.154.0/23 maxlen: 23
2a12:f140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64149 (0xfa95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8901f673c6b0ff8835ea02faedba5b49cf14224e
Validity
Not Before: May 21 12:50:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a3b926eda09b40d6b705d87c4046f10450d2649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:c0:64:ce:eb:25:a5:8c:04:b7:b5:b3:08:f8:
d7:1e:1d:41:25:f7:a5:2b:60:b2:48:e2:5c:db:19:
c0:ab:e0:dd:77:c0:f7:67:52:4f:1a:3b:49:13:7b:
b8:eb:c3:97:1a:a4:63:0f:e5:c1:d2:ee:99:0a:63:
d0:ec:23:02:1e:29:e1:00:92:d6:fe:09:dd:d2:e1:
1f:ee:d3:3d:68:27:84:d7:3f:a1:d6:cc:ff:ed:7b:
8a:16:5d:b2:89:e3:d2:61:e8:b4:2d:01:14:f5:f8:
80:06:e0:59:ca:f3:d7:72:8f:f5:24:f5:b6:ed:57:
92:24:fa:ee:43:27:a0:83:56:6e:f4:3d:25:d6:12:
af:8b:18:69:ce:fc:73:43:85:ea:34:97:e3:0b:37:
1b:37:b5:bb:cb:e6:25:84:a5:b5:81:08:b2:2f:b1:
91:73:35:85:2d:bc:41:34:ca:17:c6:0b:0f:9f:4e:
e6:5c:a0:d4:55:0c:24:71:c4:a9:f8:d6:e3:b3:12:
8e:51:a0:bb:d9:c8:5c:e0:5e:75:1a:20:68:82:c1:
ee:ce:57:e7:23:9b:1c:00:b9:78:ff:8f:a9:91:7b:
23:dd:5f:88:7d:e5:5c:c9:61:74:18:3e:06:28:f8:
be:7a:bd:93:6a:0d:a3:d5:7f:9d:ad:70:d2:ac:1f:
70:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:3B:92:6E:DA:09:B4:0D:6B:70:5D:87:C4:04:6F:10:45:0D:26:49
X509v3 Authority Key Identifier:
keyid:89:01:F6:73:C6:B0:FF:88:35:EA:02:FA:ED:BA:5B:49:CF:14:22:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQH2c8aw_4g16gL67bpbSc8UIk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/KjuSbtoJtA1rcF2HxARvEEUNJkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/iQH2c8aw_4g16gL67bpbSc8UIk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.154.0/23
IPv6:
2a12:f140::/29
Signature Algorithm: sha256WithRSAEncryption
14:9e:95:6a:7d:0f:83:e0:88:f7:3d:d7:28:19:9b:d4:d5:c9:
d3:77:d2:31:6f:2a:d1:6d:32:e2:12:89:f6:30:83:cb:31:69:
43:e9:bb:df:36:d5:25:cf:27:7a:75:ff:2e:b6:2f:b4:a3:8a:
f7:f7:a5:19:ff:43:88:47:fd:b9:54:80:6e:cc:ad:00:a6:77:
06:7b:45:a6:b9:aa:f3:7c:bf:10:e8:fe:3c:bb:7b:89:6c:6d:
ff:b0:df:85:50:84:a9:0b:4c:23:c6:58:da:9d:9f:69:36:89:
e3:79:ec:bd:22:9b:74:14:d6:07:19:0c:14:99:e4:e4:99:dd:
9c:40:bf:f5:1d:28:bc:ff:a6:5a:00:4d:5b:3d:dd:d4:3c:30:
57:37:34:e6:1a:59:90:0e:26:4f:69:7a:1b:48:5f:40:89:ed:
11:5f:f0:32:17:56:f8:4d:0b:87:ea:38:a0:aa:6c:33:b6:5f:
93:6e:24:f1:b4:e4:ce:27:1e:5e:83:d9:3c:63:f4:3a:97:94:
64:9f:14:eb:c0:a2:22:e0:9b:43:1a:08:31:29:3a:16:65:98:
2f:b6:86:91:b1:60:bc:8b:ab:63:c7:9d:64:72:2f:b2:ac:94:
a9:b6:99:f6:37:bb:5a:5c:10:10:01:43:77:9b:31:16:62:ed:
b0:7f:34:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAPqVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg5
MDFmNjczYzZiMGZmODgzNWVhMDJmYWVkYmE1YjQ5Y2YxNDIyNGUwHhcNMjIwNTIx
MTI1MDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyYTNiOTI2ZWRhMDli
NDBkNmI3MDVkODdjNDA0NmYxMDQ1MGQyNjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA7cBkzuslpYwEt7WzCPjXHh1BJfelK2CySOJc2xnAq+Ddd8D3
Z1JPGjtJE3u468OXGqRjD+XB0u6ZCmPQ7CMCHinhAJLW/gnd0uEf7tM9aCeE1z+h
1sz/7XuKFl2yiePSYei0LQEU9fiABuBZyvPXco/1JPW27VeSJPruQyegg1Zu9D0l
1hKvixhpzvxzQ4XqNJfjCzcbN7W7y+YlhKW1gQiyL7GRczWFLbxBNMoXxgsPn07m
XKDUVQwkccSp+NbjsxKOUaC72chc4F51GiBogsHuzlfnI5scALl4/4+pkXsj3V+I
feVcyWF0GD4GKPi+er2Tag2j1X+drXDSrB9whwIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFCo7km7aCbQNa3Bdh8QEbxBFDSZJMB8GA1UdIwQYMBaAFIkB9nPGsP+INeoC
+u26W0nPFCJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
aVFIMmM4YXdfNGcxNmdMNjdicGJTYzhVSWs0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mNi9jMmJhMTAtMjBlZC00ZThjLWI3NmMtNTNjNGQ1NzYyZDFhLzEv
S2p1U2J0b0p0QTFyY0YySHhBUnZFRVVOSmtrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9j
MmJhMTAtMjBlZC00ZThjLWI3NmMtNTNjNGQ1NzYyZDFhLzEvaVFIMmM4YXdfNGcx
NmdMNjdicGJTYzhVSWs0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB1Y6aMA0EAgACMAcDBQMqEvFAMA0G
CSqGSIb3DQEBCwUAA4IBAQAUnpVqfQ+D4Ij3PdcoGZvU1cnTd9IxbyrRbTLiEon2
MIPLMWlD6bvfNtUlzyd6df8uti+0o4r396UZ/0OIR/25VIBuzK0ApncGe0Wmuarz
fL8Q6P48u3uJbG3/sN+FUISpC0wjxljanZ9pNonjeey9Ipt0FNYHGQwUmeTkmd2c
QL/1HSi8/6ZaAE1bPd3UPDBXNzTmGlmQDiZPaXobSF9Aie0RX/AyF1b4TQuH6jig
qmwztl+TbiTxtOTOJx5eg9k8Y/Q6l5RknxTrwKIi4JtDGggxKToWZZgvtoaRsWC8
i6tjx51kci+yrJSptpn2N7taXBAQAUN3mzEWYu2wfzTF
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:35 2023 by rpki-client on console-fra.rpki-client.org