Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/KgvMTOenxqSI0lmqd_rrTHq7uL0.roa
File: KgvMTOenxqSI0lmqd_rrTHq7uL0.roa (raw, json)
Hash identifier: VTdlqnySRvqvgHH5W2m9yPdHg8DaGvCh1vOiznP8shc=
Subject key identifier: 2A:0B:CC:4C:E7:A7:C6:A4:88:D2:59:AA:77:FA:EB:4C:7A:BB:B8:BD
Certificate issuer: /CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Certificate serial: 049F8F12
Authority key identifier: 0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/KgvMTOenxqSI0lmqd_rrTHq7uL0.roa
Signing time: Wed 13 Apr 2022 10:10:06 +0000
ROA not before: Wed 13 Apr 2022 10:10:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213078
IP address blocks: 45.87.208.0/22 maxlen: 22
2a06:bc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77565714 (0x49f8f12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Validity
Not Before: Apr 13 10:10:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a0bcc4ce7a7c6a488d259aa77faeb4c7abbb8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f1:41:f1:6f:84:e8:41:5a:f7:65:6e:aa:0c:
18:34:40:eb:b8:74:06:19:8f:d6:d9:9e:05:cd:43:
9c:c0:8d:34:f8:2f:68:31:30:37:f5:c0:92:99:ea:
09:af:f4:67:ab:e2:fe:9e:14:cf:96:fa:da:ef:49:
8e:83:b7:35:6c:be:72:72:45:b5:b1:4a:13:88:08:
a4:d8:a3:ce:4d:30:2d:ed:39:72:ce:45:bf:22:37:
a1:8d:ec:bf:97:ba:48:d7:bd:e5:38:38:11:11:54:
a2:d6:c0:e8:98:ee:4b:6d:e0:97:ac:65:03:90:6b:
ef:0d:cd:44:2d:11:1e:74:f7:79:8a:2b:6c:31:6a:
67:2d:bd:03:7e:b4:22:f6:18:da:bf:c0:66:85:1f:
1a:de:16:91:20:93:a5:9c:28:ef:2f:22:68:d8:b6:
c8:d3:6f:a1:00:5d:53:f5:32:1f:ea:ec:66:ff:80:
91:ad:ca:a3:0a:ed:fe:44:ce:4f:b0:75:58:9d:97:
b1:89:39:2c:33:48:7a:a4:ed:57:18:fd:45:ee:ad:
82:3f:b3:38:bd:bd:76:cb:1d:54:d2:42:14:af:8a:
e8:c8:c8:64:1b:e3:e8:af:59:ad:10:fa:51:ef:ff:
57:e1:e3:50:50:63:a4:94:a4:2d:75:03:ed:09:7a:
2a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0B:CC:4C:E7:A7:C6:A4:88:D2:59:AA:77:FA:EB:4C:7A:BB:B8:BD
X509v3 Authority Key Identifier:
keyid:0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/KgvMTOenxqSI0lmqd_rrTHq7uL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/DEd6vwon7eiG-8QkE9eonCJrEfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.208.0/22
IPv6:
2a06:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:a9:ba:2b:3e:a3:b2:43:31:ce:93:f1:42:c2:34:63:81:11:
4c:4f:8a:94:7e:d7:31:bc:ed:57:32:cc:18:f9:d5:04:94:c8:
23:0f:d0:1f:e2:53:3e:fd:b3:43:9c:1e:02:29:39:0c:e2:4e:
62:b3:e0:65:2b:32:c1:b5:c9:ee:66:78:a5:61:e7:c4:07:b0:
28:8c:4a:20:bf:09:a4:6b:be:7b:2b:43:4e:d2:7b:52:6a:98:
37:35:d9:0f:9a:59:2d:da:b4:c0:25:10:b9:c6:33:33:e4:f4:
26:8e:84:0b:e0:b6:96:c0:a4:63:ab:de:bd:bd:12:56:c8:b5:
99:8a:de:95:1c:2b:7a:27:a2:b5:ad:7d:a3:88:1f:33:2e:2d:
34:0e:74:24:e5:12:63:05:d6:45:69:f6:89:3e:5e:ac:9b:0f:
78:a7:8e:44:08:71:f3:e4:a4:3b:7e:7c:49:1a:c9:e2:be:2e:
fe:d0:67:1b:62:e9:38:9e:e1:d6:9a:6b:cc:84:8a:1d:aa:3a:
5f:6a:6d:15:d6:47:3d:ad:07:6e:0f:88:19:9a:b3:38:74:d5:
2f:98:83:3a:07:b1:1d:01:ef:d3:15:6f:3f:c3:6d:b2:91:d6:
9d:03:9f:11:b2:c8:88:ce:5b:76:29:4b:50:6d:ed:3e:21:71:
fe:f4:43:77
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBJ+PEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzQ3N2FiZjBhMjdlZGU4ODZmYmM0MjQxM2Q3YTg5YzIyNmIxMWZhMB4XDTIyMDQx
MzEwMTAwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmEwYmNjNGNlN2E3
YzZhNDg4ZDI1OWFhNzdmYWViNGM3YWJiYjhiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTxQfFvhOhBWvdlbqoMGDRA67h0BhmP1tmeBc1DnMCNNPgv
aDEwN/XAkpnqCa/0Z6vi/p4Uz5b62u9JjoO3NWy+cnJFtbFKE4gIpNijzk0wLe05
cs5FvyI3oY3sv5e6SNe95Tg4ERFUotbA6JjuS23gl6xlA5Br7w3NRC0RHnT3eYor
bDFqZy29A360IvYY2r/AZoUfGt4WkSCTpZwo7y8iaNi2yNNvoQBdU/UyH+rsZv+A
ka3Kowrt/kTOT7B1WJ2XsYk5LDNIeqTtVxj9Re6tgj+zOL29dssdVNJCFK+K6MjI
ZBvj6K9ZrRD6Ue//V+HjUFBjpJSkLXUD7Ql6KhMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQqC8xM56fGpIjSWap3+utMeru4vTAfBgNVHSMEGDAWgBQMR3q/Cift6Ib7
xCQT16icImsR+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RFZDZ2d29uN2VpRy04UWtFOWVvbkNKckVmby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvNTU2ZDNkLTA0MjItNDYxMi1hMjE3LTE4ZjRmNjZhNTBhMC8x
L0tndk1UT2VueHFTSTBsbXFkX3JyVEhxN3VMMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
NTU2ZDNkLTA0MjItNDYxMi1hMjE3LTE4ZjRmNjZhNTBhMC8xL0RFZDZ2d29uN2Vp
Ry04UWtFOWVvbkNKckVmby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1X0DANBAIAAjAHAwUDKgYLwDAN
BgkqhkiG9w0BAQsFAAOCAQEAjKm6Kz6jskMxzpPxQsI0Y4ERTE+KlH7XMbztVzLM
GPnVBJTIIw/QH+JTPv2zQ5weAik5DOJOYrPgZSsywbXJ7mZ4pWHnxAewKIxKIL8J
pGu+eytDTtJ7UmqYNzXZD5pZLdq0wCUQucYzM+T0Jo6EC+C2lsCkY6vevb0SVsi1
mYrelRwreieita19o4gfMy4tNA50JOUSYwXWRWn2iT5erJsPeKeORAhx8+SkO358
SRrJ4r4u/tBnG2LpOJ7h1pprzISKHao6X2ptFdZHPa0Hbg+IGZqzOHTVL5iDOgex
HQHv0xVvP8NtspHWnQOfEbLIiM5bdilLUG3tPiFx/vRDdw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:40 2023 by rpki-client on console-fra.rpki-client.org