Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/Knk4hf-zLReA6uGZkul3CH1HSFo.roa
File: Knk4hf-zLReA6uGZkul3CH1HSFo.roa (raw, json)
Hash identifier: qi37g8+LtuWd9IX4ftZOuC5BepvMDjmbfztZIRdW4OU=
Subject key identifier: 2A:79:38:85:FF:B3:2D:17:80:EA:E1:99:92:E9:77:08:7D:47:48:5A
Certificate issuer: /CN=37af48131ecd9dca3def2b2de788f15060627755
Certificate serial: 0182D91B22B646381CF87CCFAE8C7AAEAA0D
Authority key identifier: 37:AF:48:13:1E:CD:9D:CA:3D:EF:2B:2D:E7:88:F1:50:60:62:77:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N69IEx7Nnco97yst54jxUGBid1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/Knk4hf-zLReA6uGZkul3CH1HSFo.roa
Signing time: Fri 26 Aug 2022 07:43:30 +0000
ROA not before: Fri 26 Aug 2022 07:43:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6830
IP address blocks: 109.255.128.0/17 maxlen: 17
188.141.0.0/17 maxlen: 17
188.141.0.0/18 maxlen: 18
185.54.226.0/23 maxlen: 23
185.54.224.0/22 maxlen: 22
185.54.224.0/23 maxlen: 23
79.97.0.0/17 maxlen: 17
79.97.0.0/16 maxlen: 16
188.141.64.0/18 maxlen: 18
79.97.128.0/17 maxlen: 17
37.228.224.0/19 maxlen: 19
89.101.0.0/16 maxlen: 16
46.255.152.0/21 maxlen: 21
37.228.192.0/19 maxlen: 19
37.228.192.0/18 maxlen: 18
46.7.0.0/17 maxlen: 17
46.7.0.0/16 maxlen: 16
176.61.0.0/17 maxlen: 17
176.61.0.0/18 maxlen: 18
176.61.64.0/18 maxlen: 18
89.100.0.0/16 maxlen: 16
5.179.48.0/20 maxlen: 20
109.255.0.0/17 maxlen: 17
89.100.0.0/15 maxlen: 15
109.255.0.0/16 maxlen: 16
5.179.64.0/21 maxlen: 21
5.179.64.0/22 maxlen: 22
5.179.68.0/22 maxlen: 22
46.7.128.0/17 maxlen: 17
78.24.16.0/21 maxlen: 21
5.179.32.0/20 maxlen: 20
5.179.32.0/19 maxlen: 19
2a02:8080::/30 maxlen: 30
2a02:8080::/29 maxlen: 29
2a02:8084::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d9:1b:22:b6:46:38:1c:f8:7c:cf:ae:8c:7a:ae:aa:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37af48131ecd9dca3def2b2de788f15060627755
Validity
Not Before: Aug 26 07:43:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a793885ffb32d1780eae19992e977087d47485a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:95:97:9b:f4:b3:91:72:d0:49:93:aa:c2:05:
14:4d:33:79:1c:3e:c4:a2:3d:22:f4:f3:4b:40:b0:
12:95:74:c9:9e:a6:7b:90:06:c4:4a:29:48:c0:8d:
3d:4b:f2:35:03:ee:f2:3c:91:a7:6e:f6:fc:73:34:
af:08:22:11:e8:9a:fc:5d:41:ba:2c:62:7d:59:db:
70:8e:65:38:67:62:c6:78:c7:de:fe:be:23:a0:26:
25:14:47:04:42:8a:21:2a:bc:86:04:e1:e5:c9:b9:
26:7e:d4:2e:be:cd:fc:ca:d0:62:a8:b9:61:48:ff:
1f:6c:73:7c:c4:77:77:da:3f:91:35:b3:3f:be:39:
13:5e:ae:64:98:3f:e6:e5:4d:3d:ba:6d:04:e6:0c:
ef:9a:16:b3:99:f6:f4:79:fa:eb:c7:36:4c:02:3f:
51:79:62:67:83:23:39:70:e9:3e:e4:7d:11:f8:5e:
db:f2:ad:28:80:72:07:32:57:88:9b:1b:2d:0d:2b:
30:d7:61:1a:41:21:83:7e:d4:0d:50:55:01:81:98:
fb:a0:f0:a6:97:93:d4:3f:68:66:3e:2b:74:6d:1b:
d4:5f:ac:64:19:63:65:18:fc:ed:b0:e7:ae:c4:a4:
ca:52:bb:4e:6a:ba:7d:4a:5f:a0:ef:03:a6:7c:a7:
a7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:79:38:85:FF:B3:2D:17:80:EA:E1:99:92:E9:77:08:7D:47:48:5A
X509v3 Authority Key Identifier:
keyid:37:AF:48:13:1E:CD:9D:CA:3D:EF:2B:2D:E7:88:F1:50:60:62:77:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N69IEx7Nnco97yst54jxUGBid1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/Knk4hf-zLReA6uGZkul3CH1HSFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/N69IEx7Nnco97yst54jxUGBid1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.32.0-5.179.71.255
37.228.192.0/18
46.7.0.0/16
46.255.152.0/21
78.24.16.0/21
79.97.0.0/16
89.100.0.0/15
109.255.0.0/16
176.61.0.0/17
185.54.224.0/22
188.141.0.0/17
IPv6:
2a02:8080::/29
Signature Algorithm: sha256WithRSAEncryption
26:30:32:49:ce:a9:8b:b2:04:ba:4c:37:24:16:08:0a:9e:33:
a8:8f:8b:b7:2d:7c:84:7c:e3:2d:75:67:00:07:ad:3e:79:16:
ba:5b:52:a4:de:84:5a:94:53:3b:e6:a4:09:e1:f9:0b:f4:d9:
a0:a7:38:03:e3:ea:29:c3:8c:88:d5:8c:15:1a:85:d0:ae:c8:
ee:79:62:8b:fd:ae:20:a8:59:e5:69:81:78:5d:7a:b3:50:68:
91:3e:e8:8b:aa:54:b3:f8:e3:4f:59:23:c9:92:ff:f6:dd:e4:
fc:ce:fc:d1:88:ca:67:00:c9:c9:91:e3:36:3d:51:bf:bd:15:
e4:6a:18:59:d1:0f:b7:8b:8e:63:ab:6a:99:86:46:6b:1b:d9:
f4:29:3d:df:20:79:29:c7:8c:7f:d6:6b:7d:6c:5e:98:fd:39:
c4:4f:43:03:46:43:fc:3d:6b:e9:67:ab:cf:08:92:db:61:bf:
b1:c4:31:d8:86:54:e5:d7:19:61:74:60:a8:1b:6f:82:ab:f6:
e2:00:41:12:da:c9:c5:4d:0f:72:5f:fc:21:b3:2d:3a:14:7d:
cb:55:52:8b:62:6b:f9:f8:35:a6:fb:47:3e:e5:b3:f0:fc:28:
a8:fb:4c:d6:5a:46:7a:23:97:0b:60:cb:80:67:7e:2d:3f:a3:
29:e4:8e:7b
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYLZGyK2Rjgc+HzProx6rqoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3YWY0ODEzMWVjZDlkY2EzZGVmMmIyZGU3ODhmMTUwNjA2
Mjc3NTUwHhcNMjIwODI2MDc0MzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTc5Mzg4NWZmYjMyZDE3ODBlYWUxOTk5MmU5NzcwODdkNDc0ODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5WXm/SzkXLQSZOqwgUUTTN5HD7E
oj0i9PNLQLASlXTJnqZ7kAbESilIwI09S/I1A+7yPJGnbvb8czSvCCIR6Jr8XUG6
LGJ9WdtwjmU4Z2LGeMfe/r4joCYlFEcEQoohKryGBOHlybkmftQuvs38ytBiqLlh
SP8fbHN8xHd32j+RNbM/vjkTXq5kmD/m5U09um0E5gzvmhazmfb0efrrxzZMAj9R
eWJngyM5cOk+5H0R+F7b8q0ogHIHMleImxstDSsw12EaQSGDftQNUFUBgZj7oPCm
l5PUP2hmPit0bRvUX6xkGWNlGPztsOeuxKTKUrtOarp9Sl+g7wOmfKenBQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFCp5OIX/sy0XgOrhmZLpdwh9R0haMB8GA1UdIwQY
MBaAFDevSBMezZ3KPe8rLeeI8VBgYndVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjY5SUV4N05uY285N3lzdDU0anhVR0JpZDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zNWZhZWQtYzJkNy00Y2I5LTk3ZjUt
ZGY2ZjIwZGNiOTRiLzEvS25rNGhmLXpMUmVBNnVHWmt1bDNDSDFIU0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zNWZhZWQtYzJkNy00Y2I5LTk3ZjUtZGY2ZjIwZGNiOTRi
LzEvTjY5SUV4N05uY285N3lzdDU0anhVR0JpZDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGMAwDBAUFsyAD
BAMFs0ADBAYl5MADAwAuBwMEAy7/mAMEA04YEAMDAE9hAwMBWWQDAwBt/wMEB7A9
AAMEArk24AMEB7yNADANBAIAAjAHAwUDKgKAgDANBgkqhkiG9w0BAQsFAAOCAQEA
JjAySc6pi7IEukw3JBYICp4zqI+Lty18hHzjLXVnAAetPnkWultSpN6EWpRTO+ak
CeH5C/TZoKc4A+PqKcOMiNWMFRqF0K7I7nlii/2uIKhZ5WmBeF16s1BokT7oi6pU
s/jjT1kjyZL/9t3k/M780YjKZwDJyZHjNj1Rv70V5GoYWdEPt4uOY6tqmYZGaxvZ
9Ck93yB5KceMf9ZrfWxemP05xE9DA0ZD/D1r6WerzwiS22G/scQx2IZU5dcZYXRg
qBtvgqv24gBBEtrJxU0Pcl/8IbMtOhR9y1VSi2Jr+fg1pvtHPuWz8PwoqPtM1lpG
eiOXC2DLgGd+LT+jKeSOew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:23 2024 by rpki-client on console-ams.rpki-client.org