Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/KCwWhUNCfgRv5qBB45NyoQ0gMCE.roa
File: KCwWhUNCfgRv5qBB45NyoQ0gMCE.roa (raw, json)
Hash identifier: G4Ag8UJrwaPX8jT3TLnHE5bcPbCmvKgbUKLjVaRbLzU=
Subject key identifier: 28:2C:16:85:43:42:7E:04:6F:E6:A0:41:E3:93:72:A1:0D:20:30:21
Certificate issuer: /CN=27fc21856cd8e037a7bb8c6392a6198213a8b4f6
Certificate serial: 024014
Authority key identifier: 27:FC:21:85:6C:D8:E0:37:A7:BB:8C:63:92:A6:19:82:13:A8:B4:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_whhWzY4Denu4xjkqYZghOotPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/KCwWhUNCfgRv5qBB45NyoQ0gMCE.roa
Signing time: Thu 28 Apr 2022 12:27:07 +0000
ROA not before: Thu 28 Apr 2022 12:27:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29166
IP address blocks: 193.135.31.0/24 maxlen: 24
193.5.8.0/23 maxlen: 23
194.40.212.0/22 maxlen: 22
194.40.216.0/22 maxlen: 22
194.40.220.0/22 maxlen: 22
194.40.224.0/22 maxlen: 22
194.40.228.0/22 maxlen: 22
194.40.232.0/24 maxlen: 24
194.40.234.0/23 maxlen: 23
193.5.42.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147476 (0x24014)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27fc21856cd8e037a7bb8c6392a6198213a8b4f6
Validity
Not Before: Apr 28 12:27:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=282c168543427e046fe6a041e39372a10d203021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6d:d4:80:03:2f:57:a6:f6:90:b5:ad:11:d4:
3e:b2:b9:c9:36:5e:80:7c:a4:cd:7b:1d:87:25:66:
45:0c:10:66:c9:6e:f6:ad:dc:4e:e3:19:0b:9c:f5:
70:c5:01:8b:9f:30:95:20:63:2c:01:3a:cd:81:93:
b9:5c:88:bb:fd:de:41:be:0f:83:62:cd:9f:f6:5f:
b1:5d:69:6c:bf:96:64:3f:fa:5f:73:20:21:03:22:
ed:26:de:41:e6:36:53:ec:61:72:7d:ba:cc:52:f9:
a1:31:c1:1c:67:aa:3d:f2:a2:7f:06:25:0d:2f:47:
da:44:b8:1b:10:92:aa:e2:c0:55:32:ae:d3:a0:ab:
b6:d0:00:bc:48:29:6e:a5:27:62:f4:68:57:82:47:
ec:bc:1d:fe:ba:4c:59:b1:b4:84:f8:ca:af:0b:74:
60:36:6d:b3:8f:02:76:07:de:0f:e5:31:8d:92:bd:
96:c9:16:35:e8:d4:9c:98:ff:21:9a:cf:80:68:87:
7e:34:dd:a1:bd:92:16:24:8c:e0:ee:95:0f:d7:4d:
7a:a9:e7:a1:d2:b2:d7:0d:7a:a5:02:6c:61:c0:c7:
08:70:34:63:56:a2:5a:29:2a:4b:7a:f0:ca:0f:86:
cf:74:b5:86:1d:a7:59:26:43:83:cb:f6:31:e8:75:
a1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2C:16:85:43:42:7E:04:6F:E6:A0:41:E3:93:72:A1:0D:20:30:21
X509v3 Authority Key Identifier:
keyid:27:FC:21:85:6C:D8:E0:37:A7:BB:8C:63:92:A6:19:82:13:A8:B4:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_whhWzY4Denu4xjkqYZghOotPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/KCwWhUNCfgRv5qBB45NyoQ0gMCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/J_whhWzY4Denu4xjkqYZghOotPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.8.0/23
193.5.42.0/23
193.135.31.0/24
194.40.212.0-194.40.232.255
194.40.234.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:4a:73:29:b4:73:25:a4:de:bd:33:df:ca:0b:3a:24:ec:09:
ab:2e:df:48:03:8f:cc:26:3e:66:bb:b8:24:1b:5c:10:14:f8:
5a:f1:f4:c9:aa:f4:0a:de:4d:96:fb:7d:69:a7:41:14:66:26:
b4:72:b3:40:8b:b7:bc:54:29:e4:be:4c:f7:85:b8:ff:68:8b:
a4:aa:75:a8:b5:b4:a9:79:b7:cd:2e:70:65:19:da:50:b4:ba:
1b:45:53:d2:53:7a:59:70:6b:f6:68:41:86:99:53:0b:ab:21:
31:57:0e:dc:6b:51:d6:9b:31:e2:08:49:b0:4d:dc:8d:08:ad:
de:22:e1:98:5b:6a:a7:99:33:63:04:53:e1:a5:b2:84:bc:fc:
cc:a3:b7:a9:66:82:53:2c:17:86:30:eb:79:5d:4a:c2:92:47:
f9:57:17:ad:df:48:7c:0d:19:fe:53:05:a6:50:2a:f1:6d:2e:
31:f6:4b:9a:e5:6d:52:4e:ee:51:a1:15:b6:8f:70:cf:11:0b:
15:14:e3:83:76:b6:d2:8b:d1:10:28:00:7e:dd:af:7a:b8:bb:
c4:fc:bf:d1:a4:15:93:16:e5:a0:54:db:3f:a1:4e:c9:9e:f9:
f9:65:7a:53:0c:e4:a4:e5:e8:6d:e5:52:02:e6:03:29:0e:94:
9e:3d:63:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIDAkAUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI3
ZmMyMTg1NmNkOGUwMzdhN2JiOGM2MzkyYTYxOTgyMTNhOGI0ZjYwHhcNMjIwNDI4
MTIyNzA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyODJjMTY4NTQzNDI3
ZTA0NmZlNmEwNDFlMzkzNzJhMTBkMjAzMDIxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAr23UgAMvV6b2kLWtEdQ+srnJNl6AfKTNex2HJWZFDBBmyW72
rdxO4xkLnPVwxQGLnzCVIGMsATrNgZO5XIi7/d5Bvg+DYs2f9l+xXWlsv5ZkP/pf
cyAhAyLtJt5B5jZT7GFyfbrMUvmhMcEcZ6o98qJ/BiUNL0faRLgbEJKq4sBVMq7T
oKu20AC8SClupSdi9GhXgkfsvB3+ukxZsbSE+MqvC3RgNm2zjwJ2B94P5TGNkr2W
yRY16NScmP8hms+AaId+NN2hvZIWJIzg7pUP1016qeeh0rLXDXqlAmxhwMcIcDRj
VqJaKSpLevDKD4bPdLWGHadZJkODy/Yx6HWhSQIDAQABo4ICKTCCAiUwHQYDVR0O
BBYEFCgsFoVDQn4Eb+agQeOTcqENIDAhMB8GA1UdIwQYMBaAFCf8IYVs2OA3p7uM
Y5KmGYITqLT2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Sl93aGhXelk0RGVudTR4amtxWVpnaE9vdFBZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYi9jN2ZhNDgtMjg3Ni00MjJiLTg4MjUtZTFmMzY3ZTc5NjIwLzEv
S0N3V2hVTkNmZ1J2NXFCQjQ1TnlvUTBnTUNFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9j
N2ZhNDgtMjg3Ni00MjJiLTg4MjUtZTFmMzY3ZTc5NjIwLzEvSl93aGhXelk0RGVu
dTR4amtxWVpnaE9vdFBZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD8G
CCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBwQUIAwQBwQUqAwQAwYcfMAwDBALC
KNQDBADCKOgDBAHCKOowDQYJKoZIhvcNAQELBQADggEBAH9Kcym0cyWk3r0z38oL
OiTsCasu30gDj8wmPma7uCQbXBAU+Frx9Mmq9AreTZb7fWmnQRRmJrRys0CLt7xU
KeS+TPeFuP9oi6Sqdai1tKl5t80ucGUZ2lC0uhtFU9JTellwa/ZoQYaZUwurITFX
DtxrUdabMeIISbBN3I0Ird4i4ZhbaqeZM2MEU+GlsoS8/Myjt6lmglMsF4Yw63ld
SsKSR/lXF63fSHwNGf5TBaZQKvFtLjH2S5rlbVJO7lGhFbaPcM8RCxUU44N2ttKL
0RAoAH7dr3q4u8T8v9GkFZMW5aBU2z+hTsme+fllelMM5KTl6G3lUgLmAykOlJ49
Yxg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:10 2024 by rpki-client on console-fra.rpki-client.org