Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/kTs-MoKfHQuk91idId5EqbzGsz8.roa
File: kTs-MoKfHQuk91idId5EqbzGsz8.roa (raw, json)
Hash identifier: L/SGxQQAb70Aaq9MF0J0YyCYtWIZ1t6SnSx2bbp62C8=
Subject key identifier: 91:3B:3E:32:82:9F:1D:0B:A4:F7:58:9D:21:DE:44:A9:BC:C6:B3:3F
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 42AC4BB6
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/kTs-MoKfHQuk91idId5EqbzGsz8.roa
Signing time: Tue 26 Apr 2022 12:34:03 +0000
ROA not before: Tue 26 Apr 2022 12:34:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12442
IP address blocks: 85.204.233.0/24 maxlen: 24
188.240.240.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1118587830 (0x42ac4bb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Apr 26 12:34:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=913b3e32829f1d0ba4f7589d21de44a9bcc6b33f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:92:a3:2a:b9:29:82:3d:5e:79:e1:c8:a8:33:
16:4e:f3:3c:92:79:e4:75:7b:d6:52:40:10:a2:45:
4d:ac:54:02:11:87:58:f7:f1:e2:a4:6b:c3:19:f3:
cd:ec:9c:94:78:83:b0:89:ad:d5:1c:88:73:dc:58:
f7:52:4a:3b:0a:5d:cf:39:7d:db:8e:25:e9:c1:4a:
11:cb:2a:00:72:64:41:43:7d:9c:11:97:52:23:33:
e7:84:da:b0:6c:e9:18:08:51:c5:bf:43:b7:08:dd:
c4:30:05:71:c1:47:53:37:9a:08:cd:7e:e2:55:93:
6e:b8:56:38:9c:27:7d:bd:dc:04:59:b1:e9:9c:fa:
e4:e6:3f:d0:53:89:75:51:5a:88:c2:64:e6:61:96:
da:d2:7c:b1:34:d6:e4:df:06:df:7f:18:fa:ad:e5:
32:3e:71:ef:5b:1c:13:5e:a9:ad:85:19:e3:96:85:
4a:37:60:4f:f8:d6:3d:fe:4d:2f:00:ca:28:1c:fa:
7f:9f:3a:e1:ea:3a:35:df:38:e6:86:c1:20:1a:77:
ae:20:3a:01:24:7b:80:b9:78:90:bf:f8:54:4b:76:
17:07:40:b2:6b:62:f5:b0:96:07:23:7c:b2:44:30:
02:05:3b:f8:f9:a3:c2:3e:2f:79:11:e1:a3:27:d6:
8c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3B:3E:32:82:9F:1D:0B:A4:F7:58:9D:21:DE:44:A9:BC:C6:B3:3F
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/kTs-MoKfHQuk91idId5EqbzGsz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.233.0/24
188.240.240.0/21
Signature Algorithm: sha256WithRSAEncryption
86:91:ae:2d:07:f1:ca:21:97:09:74:7b:85:d5:4a:34:d6:a5:
0e:0b:ef:62:1c:29:df:2f:e1:84:80:6d:8e:14:17:e5:df:ba:
e3:c9:79:67:b2:bf:46:55:d3:01:91:dd:be:a3:99:9f:88:ed:
80:3b:24:11:09:74:17:ac:2c:53:72:db:af:0a:60:9b:7a:4f:
14:fa:84:9a:b1:8e:00:9f:01:d8:58:d9:51:f4:7a:3f:b6:10:
b6:c4:af:8e:cc:6e:2d:77:06:53:12:ba:36:cc:4a:19:78:cd:
3e:d5:5f:ed:cf:cd:c8:d8:80:4a:cb:8f:6e:a3:00:85:7b:56:
1e:e2:02:f5:60:09:5a:ff:e4:7f:1e:05:a9:14:e9:27:5a:1c:
5d:ff:97:9c:13:23:96:21:4a:63:dc:c7:b4:0d:0b:91:65:8f:
72:56:0d:e7:29:f6:46:40:32:e8:ac:48:42:71:30:5b:81:54:
a5:27:06:5e:11:f8:59:75:bb:f7:03:8d:63:c2:9f:87:4c:ee:
0a:b2:63:ce:2a:d2:9e:d2:ba:80:a0:7c:d7:8c:34:4e:fc:a8:
03:52:4e:cc:21:b2:2e:09:c0:4b:ff:b0:93:4e:8d:05:29:c5:
97:1b:bb:09:c0:c5:10:0f:31:5e:2e:89:fb:7d:d3:06:49:ce:
c8:d0:89:b5
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEQqxLtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDQy
NjEyMzQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTEzYjNlMzI4Mjlm
MWQwYmE0Zjc1ODlkMjFkZTQ0YTliY2M2YjMzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+Soyq5KYI9XnnhyKgzFk7zPJJ55HV71lJAEKJFTaxUAhGH
WPfx4qRrwxnzzeyclHiDsImt1RyIc9xY91JKOwpdzzl9244l6cFKEcsqAHJkQUN9
nBGXUiMz54TasGzpGAhRxb9DtwjdxDAFccFHUzeaCM1+4lWTbrhWOJwnfb3cBFmx
6Zz65OY/0FOJdVFaiMJk5mGW2tJ8sTTW5N8G338Y+q3lMj5x71scE16prYUZ45aF
SjdgT/jWPf5NLwDKKBz6f5864eo6Nd845obBIBp3riA6ASR7gLl4kL/4VEt2FwdA
smti9bCWByN8skQwAgU7+Pmjwj4veRHhoyfWjEMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSROz4ygp8dC6T3WJ0h3kSpvMazPzAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9rVHMtTW9LZkhRdWs5MWlkSWQ1RXFiekdzejgucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVczpAwQDvPDwMA0GCSqGSIb3
DQEBCwUAA4IBAQCGka4tB/HKIZcJdHuF1Uo01qUOC+9iHCnfL+GEgG2OFBfl37rj
yXlnsr9GVdMBkd2+o5mfiO2AOyQRCXQXrCxTctuvCmCbek8U+oSasY4AnwHYWNlR
9Ho/thC2xK+OzG4tdwZTEro2zEoZeM0+1V/tz83I2IBKy49uowCFe1Ye4gL1YAla
/+R/HgWpFOknWhxd/5ecEyOWIUpj3Me0DQuRZY9yVg3nKfZGQDLorEhCcTBbgVSl
JwZeEfhZdbv3A41jwp+HTO4KsmPOKtKe0rqAoHzXjDRO/KgDUk7MIbIuCcBL/7CT
To0FKcWXG7sJwMUQDzFeLon7fdMGSc7I0Im1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org