Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/KshscWngfnTR0trB8WwstWbXdZo.roa
File: KshscWngfnTR0trB8WwstWbXdZo.roa (raw, json)
Hash identifier: u0/495rIAOFuiEsdP0vy4d/f+MbLLC1k4U6DvSPXrBw=
Subject key identifier: 2A:C8:6C:71:69:E0:7E:74:D1:D2:DA:C1:F1:6C:2C:B5:66:D7:75:9A
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 35C7BF40
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/KshscWngfnTR0trB8WwstWbXdZo.roa
Signing time: Thu 27 Jan 2022 17:45:08 +0000
ROA not before: Thu 27 Jan 2022 17:45:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 192.109.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 902283072 (0x35c7bf40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 27 17:45:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ac86c7169e07e74d1d2dac1f16c2cb566d7759a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3e:f5:9f:b7:74:81:48:4b:d4:f6:92:3b:8f:
aa:37:dd:62:cf:72:59:b3:83:d2:26:e7:dd:7d:89:
4f:32:a4:d0:75:8c:0e:fe:7c:41:98:18:e4:a1:b0:
62:2e:d1:a0:2d:af:27:a3:27:e0:41:23:64:16:b2:
ae:f9:fc:99:8a:4d:02:d9:05:78:95:b0:02:a8:0b:
97:a2:ec:91:45:57:24:bc:f2:0b:7f:94:7e:d0:fe:
cb:98:94:46:db:b4:8e:08:39:97:fd:63:79:46:72:
0c:90:35:5d:47:66:48:21:34:80:66:a6:ce:7f:5b:
95:44:73:5a:47:33:c5:e4:74:28:ef:5d:e2:1c:7e:
08:a2:0c:9b:94:e5:e9:10:88:1f:1a:0d:ab:20:7b:
44:07:d4:72:4a:d7:26:3b:46:70:02:d3:13:8b:58:
c0:1d:c3:83:2f:6a:8c:ff:be:13:17:e3:a6:c7:c2:
5c:b8:b6:3b:ab:72:23:b5:9c:ae:9c:d7:10:b6:75:
5d:a3:d2:91:96:c3:3d:07:41:63:70:49:cb:9a:1d:
b9:db:81:82:a8:8c:14:36:4c:d9:d7:1a:a6:53:76:
d8:2d:83:89:a6:2f:52:e0:cd:ad:45:99:2f:fb:f7:
cd:0b:03:c0:cf:c1:8f:0c:e7:8d:a2:f3:75:cb:04:
b9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C8:6C:71:69:E0:7E:74:D1:D2:DA:C1:F1:6C:2C:B5:66:D7:75:9A
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/KshscWngfnTR0trB8WwstWbXdZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
99:27:3d:b9:e8:f6:62:7c:81:f5:ec:c3:17:e2:ce:92:e8:af:
cd:2f:32:03:eb:ce:a9:d4:39:e1:6a:dd:65:ec:e4:94:34:60:
0a:3d:fd:0e:d3:65:7a:1c:ce:32:4e:0f:f3:5d:97:85:ff:09:
f5:71:8a:ae:dc:43:57:8a:de:4e:8c:6b:f1:40:1a:37:40:2c:
e0:09:aa:a3:4c:01:6a:67:82:bf:cf:45:b2:63:bd:67:87:32:
57:c6:18:42:0b:b6:d0:21:02:6b:84:b8:b0:d6:c9:06:10:63:
b7:ad:4e:fb:b4:84:94:20:80:3e:46:ce:5c:9f:d4:58:e3:4b:
3e:29:73:45:5e:a0:0a:00:92:12:75:43:6a:9a:2c:dc:19:03:
5e:3c:64:7c:b9:1f:a9:cc:9e:4a:86:96:83:c3:c2:ed:13:c0:
4f:e7:82:5a:d0:11:42:d6:24:b0:fc:f7:c6:f1:aa:49:7a:ba:
1d:95:f2:f6:a6:31:dc:cd:47:cb:41:a3:55:44:52:d5:f4:36:
09:3e:77:2e:7e:25:7c:08:49:05:18:0f:a3:21:e5:f6:73:e1:
77:b3:c5:4d:7a:1c:ae:85:9d:5f:f8:ba:64:dc:1a:f1:d4:ba:
9e:b8:a5:63:6d:73:f5:af:17:05:69:63:46:7f:54:42:f6:a8:
7a:f4:e5:fe
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENce/QDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWY1YTEwZTRmZDI2NTVhZGJiYjQwZWRlMThiMjYxNWFjNTU4ZWE5MB4XDTIyMDEy
NzE3NDUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFjODZjNzE2OWUw
N2U3NGQxZDJkYWMxZjE2YzJjYjU2NmQ3NzU5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAME+9Z+3dIFIS9T2kjuPqjfdYs9yWbOD0ibn3X2JTzKk0HWM
Dv58QZgY5KGwYi7RoC2vJ6Mn4EEjZBayrvn8mYpNAtkFeJWwAqgLl6LskUVXJLzy
C3+UftD+y5iURtu0jgg5l/1jeUZyDJA1XUdmSCE0gGamzn9blURzWkczxeR0KO9d
4hx+CKIMm5Tl6RCIHxoNqyB7RAfUckrXJjtGcALTE4tYwB3Dgy9qjP++ExfjpsfC
XLi2O6tyI7WcrpzXELZ1XaPSkZbDPQdBY3BJy5oduduBgqiMFDZM2dcaplN22C2D
iaYvUuDNrUWZL/v3zQsDwM/BjwznjaLzdcsEuVkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQqyGxxaeB+dNHS2sHxbCy1Ztd1mjAfBgNVHSMEGDAWgBRB9aEOT9JlWtu7
QO3hiyYVrFWOqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FmV2hEa19TWlZyYnUwRHQ0WXNtRmF4Vmpxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvOGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8x
L0tzaHNjV25nZm5UUjB0ckI4V3dzdFdiWGRaby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
OGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8xL1FmV2hEa19TWlZy
YnUwRHQ0WXNtRmF4Vmpxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBtyDANBgkqhkiG9w0BAQsFAAOC
AQEAmSc9uej2YnyB9ezDF+LOkuivzS8yA+vOqdQ54WrdZezklDRgCj39DtNlehzO
Mk4P812Xhf8J9XGKrtxDV4reToxr8UAaN0As4Amqo0wBameCv89FsmO9Z4cyV8YY
Qgu20CECa4S4sNbJBhBjt61O+7SElCCAPkbOXJ/UWONLPilzRV6gCgCSEnVDapos
3BkDXjxkfLkfqcyeSoaWg8PC7RPAT+eCWtARQtYksPz3xvGqSXq6HZXy9qYx3M1H
y0GjVURS1fQ2CT53Ln4lfAhJBRgPoyHl9nPhd7PFTXocroWdX/i6ZNwa8dS6nril
Y21z9a8XBWljRn9UQvaoevTl/g==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net