Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/KHhBLaYYS2xYWTtYt1vqUTlDGqw.roa
File: KHhBLaYYS2xYWTtYt1vqUTlDGqw.roa (raw, json)
Hash identifier: 7nnKbTX8qsDJOWhAujVlq5rOahktsyorLGNMZ5BZ2Lk=
Subject key identifier: 28:78:41:2D:A6:18:4B:6C:58:59:3B:58:B7:5B:EA:51:39:43:1A:AC
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 42D0FF1C
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/KHhBLaYYS2xYWTtYt1vqUTlDGqw.roa
Signing time: Mon 02 May 2022 13:38:51 +0000
ROA not before: Mon 02 May 2022 13:38:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57646
IP address blocks: 86.107.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1120993052 (0x42d0ff1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: May 2 13:38:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2878412da6184b6c58593b58b75bea5139431aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:b8:1f:4c:13:bd:e1:39:3e:0b:c7:99:48:
56:28:7d:ab:da:f8:62:ef:e6:21:d1:93:22:31:d9:
a2:45:ea:f1:cb:e9:a5:95:f5:33:dd:c0:23:67:36:
9c:df:b9:43:86:b4:df:9d:1d:b7:09:74:89:62:0e:
4c:18:ae:1c:fe:47:96:c1:64:94:44:84:56:90:1f:
36:d6:81:e6:be:53:cd:47:43:54:9c:c6:3d:55:ec:
b6:39:4c:63:d6:5a:a4:4d:04:f8:17:3a:74:c7:1d:
19:9b:3c:4d:fc:ea:a8:2c:55:e1:ab:85:1f:88:5c:
1c:cb:2b:3c:0a:4a:58:43:73:80:92:58:1a:0f:95:
b0:a8:75:aa:5a:b1:63:05:1b:fa:e5:c4:23:cb:f9:
24:11:7f:60:91:1d:80:e2:5c:9c:aa:6a:bb:68:3b:
47:26:9f:ad:7e:bf:fa:6b:7b:05:46:8a:69:4e:ae:
eb:63:04:e8:e4:88:6c:8e:b0:39:b0:01:3e:05:a2:
b1:da:1e:5d:8a:1f:6f:b6:32:a5:97:8d:85:d2:c8:
e5:96:52:08:9b:f9:d7:bc:0d:04:67:29:ea:5a:92:
10:ba:35:09:1f:85:80:d9:5a:8b:b4:17:5e:7d:15:
4a:01:97:94:15:46:b7:5a:df:f8:39:78:af:d0:0e:
ec:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:78:41:2D:A6:18:4B:6C:58:59:3B:58:B7:5B:EA:51:39:43:1A:AC
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/KHhBLaYYS2xYWTtYt1vqUTlDGqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.185.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:90:68:df:f4:bb:cf:9e:46:07:19:18:3e:f3:07:0e:8e:43:
0e:4c:38:31:16:f3:7f:b0:31:46:ae:be:a4:f9:01:2b:d2:9a:
42:cc:fc:7c:92:3f:16:7e:0f:02:ea:2e:e3:53:ac:61:e2:cf:
4d:76:5e:92:50:23:72:08:99:8a:17:c9:69:9a:5c:c1:5d:df:
9c:01:9f:3b:5b:58:77:45:0f:92:e3:c5:6d:8c:f5:0c:c1:0e:
b5:90:2f:c4:98:6f:72:89:2a:06:d6:7f:29:03:75:2b:5f:c4:
27:68:e9:2d:79:91:e2:64:31:fa:1e:54:ee:7b:88:9e:e4:43:
2a:02:fa:4e:ac:b9:27:c1:a0:98:4e:e1:ed:5d:1e:21:a7:c7:
71:c1:86:29:fc:e9:b4:a4:f8:92:7a:a3:d9:1c:c0:3e:ab:83:
d0:f8:97:88:a5:10:20:be:cc:fd:45:73:f5:c5:e9:23:b7:32:
a2:ea:71:93:6b:7e:05:15:76:7e:fe:7a:29:7e:32:24:8c:ab:
41:b8:f2:fe:e3:c8:81:fe:f3:ef:71:ee:6e:4f:b6:a7:52:62:
9a:3e:60:8e:a1:9b:3e:b0:92:22:a5:01:3c:67:44:ff:57:d4:
f5:48:fe:20:a4:98:98:93:12:9e:dd:1a:cd:22:31:ea:50:14:
70:1d:28:6b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEQtD/HDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDUw
MjEzMzg1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg3ODQxMmRhNjE4
NGI2YzU4NTkzYjU4Yjc1YmVhNTEzOTQzMWFhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALf7uB9ME73hOT4Lx5lIVih9q9r4Yu/mIdGTIjHZokXq8cvp
pZX1M93AI2c2nN+5Q4a0350dtwl0iWIOTBiuHP5HlsFklESEVpAfNtaB5r5TzUdD
VJzGPVXstjlMY9ZapE0E+Bc6dMcdGZs8TfzqqCxV4auFH4hcHMsrPApKWENzgJJY
Gg+VsKh1qlqxYwUb+uXEI8v5JBF/YJEdgOJcnKpqu2g7RyafrX6/+mt7BUaKaU6u
62ME6OSIbI6wObABPgWisdoeXYofb7YypZeNhdLI5ZZSCJv517wNBGcp6lqSELo1
CR+FgNlai7QXXn0VSgGXlBVGt1rf+Dl4r9AO7CsCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQoeEEtphhLbFhZO1i3W+pROUMarDAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9LSGhCTGFZWVMyeFlXVHRZdDF2cVVUbERHcXcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmu5MA0GCSqGSIb3DQEBCwUA
A4IBAQCxkGjf9LvPnkYHGRg+8wcOjkMOTDgxFvN/sDFGrr6k+QEr0ppCzPx8kj8W
fg8C6i7jU6xh4s9Ndl6SUCNyCJmKF8lpmlzBXd+cAZ87W1h3RQ+S48VtjPUMwQ61
kC/EmG9yiSoG1n8pA3UrX8QnaOkteZHiZDH6HlTue4ie5EMqAvpOrLknwaCYTuHt
XR4hp8dxwYYp/Om0pPiSeqPZHMA+q4PQ+JeIpRAgvsz9RXP1xekjtzKi6nGTa34F
FXZ+/nopfjIkjKtBuPL+48iB/vPvce5uT7anUmKaPmCOoZs+sJIipQE8Z0T/V9T1
SP4gpJiYkxKe3RrNIjHqUBRwHShr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org