Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/kkNJvkWt28zz20OX5kbRw71H3Og.roa
File: kkNJvkWt28zz20OX5kbRw71H3Og.roa (raw, json)
Hash identifier: j7meDuB/voaXi36sjA6P2rSURJT16eev+IYbsT6Ms9Q=
Subject key identifier: 92:43:49:BE:45:AD:DB:CC:F3:DB:43:97:E6:46:D1:C3:BD:47:DC:E8
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0185578E015439A510B05612409E1489BAB8
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/kkNJvkWt28zz20OX5kbRw71H3Og.roa
Signing time: Wed 28 Dec 2022 07:06:42 +0000
ROA not before: Wed 28 Dec 2022 07:06:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 54994
IP address blocks: 163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:57:8e:01:54:39:a5:10:b0:56:12:40:9e:14:89:ba:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Dec 28 07:06:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=924349be45addbccf3db4397e646d1c3bd47dce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a1:9c:f7:8e:7a:e7:85:ad:30:af:e2:de:a1:
a8:c6:d1:f1:b0:0f:c6:56:8e:2a:b3:59:19:b5:eb:
84:38:4e:d1:99:25:54:ff:f3:5e:e2:91:0e:77:65:
c5:19:60:99:f9:4d:85:16:4f:00:15:25:e3:5e:51:
0b:b3:a0:8a:6f:8e:1c:ba:4e:45:1f:62:22:5d:da:
0e:69:8e:87:7b:c0:22:c3:3a:00:02:db:67:f4:c2:
d1:e3:e1:dd:69:f9:8d:8c:af:9f:a7:9d:d6:43:01:
5f:a2:57:bb:5a:17:46:94:94:b6:83:69:62:9a:55:
fa:3c:c5:cd:e3:03:99:15:d8:90:e3:08:f0:04:b8:
1e:5e:cb:da:b2:56:65:9f:7c:45:51:ac:9c:db:ac:
ac:fd:a9:1b:12:d9:63:55:83:a8:4a:cf:5d:43:ee:
75:7c:b6:8a:a3:5d:b0:25:c9:3c:ef:f9:ae:e1:22:
d2:27:ca:63:90:ba:33:1f:95:b6:ee:20:25:44:13:
a3:d2:58:31:b4:83:03:04:23:9f:7b:20:0c:32:38:
e1:c3:43:cf:a5:19:d8:56:51:1a:a1:23:42:87:37:
e6:85:ce:17:56:c9:15:23:bf:2b:82:45:17:88:99:
d0:1a:1b:ce:0f:aa:a1:cb:d3:9a:31:67:c5:f1:90:
fb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:43:49:BE:45:AD:DB:CC:F3:DB:43:97:E6:46:D1:C3:BD:47:DC:E8
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/kkNJvkWt28zz20OX5kbRw71H3Og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.135.0/24
148.253.34.0/24
148.253.231.0-148.253.235.255
148.253.237.0/24
163.171.64.0/24
163.171.67.0/24
163.171.70.0/24
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.222.0/24
163.171.231.0/24
163.171.252.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:ca:97:41:25:8c:65:87:73:01:54:78:e6:eb:b3:d5:ed:6e:
31:c6:52:06:04:c7:19:f0:7b:26:1b:3c:77:91:bf:00:5b:e1:
10:bf:fe:57:f3:e4:66:4b:db:44:f0:c5:99:77:ee:8a:5b:2f:
66:65:f1:2c:00:b2:9c:b5:af:e2:9a:e4:8c:33:7e:ed:35:6a:
e9:80:7a:2f:8f:63:68:1c:ca:66:6e:e5:f8:fd:1d:d6:91:0b:
5c:cc:88:6b:2e:20:ae:86:59:2f:8d:3c:ed:a7:31:17:c0:9f:
ef:85:9a:d2:58:48:d7:5d:65:f8:3d:78:aa:8a:04:03:04:82:
27:c4:dd:0c:ec:4f:92:d6:35:d3:ea:3b:ca:93:d8:66:4f:a1:
30:47:bb:b2:5c:55:72:67:87:fa:56:f1:d2:9d:c1:94:df:7c:
4c:b5:74:5a:fb:6c:d5:25:2e:09:ce:53:de:8f:91:9f:80:f2:
d7:93:ef:fe:c0:1d:50:5a:aa:b6:0a:ac:e6:c8:ad:d3:01:b2:
71:c1:b3:39:bd:60:0c:2c:76:fa:32:3a:02:9d:88:99:5f:51:
85:d5:7e:d0:e6:8a:ca:f5:77:bd:3e:1d:c3:53:1f:4d:11:2c:
9f:a7:11:d6:50:89:9b:dd:a7:20:0a:ae:8a:3d:c1:35:f9:11:
e8:9f:e4:d5
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYVXjgFUOaUQsFYSQJ4Uibq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjIxMjI4MDcwNjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQzNDliZTQ1YWRkYmNjZjNkYjQzOTdlNjQ2ZDFjM2JkNDdkY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6Gc945654WtMK/i3qGoxtHxsA/G
Vo4qs1kZteuEOE7RmSVU//Ne4pEOd2XFGWCZ+U2FFk8AFSXjXlELs6CKb44cuk5F
H2IiXdoOaY6He8AiwzoAAttn9MLR4+HdafmNjK+fp53WQwFfole7WhdGlJS2g2li
mlX6PMXN4wOZFdiQ4wjwBLgeXsvaslZln3xFUayc26ys/akbEtljVYOoSs9dQ+51
fLaKo12wJck87/mu4SLSJ8pjkLozH5W27iAlRBOj0lgxtIMDBCOfeyAMMjjhw0PP
pRnYVlEaoSNChzfmhc4XVskVI78rgkUXiJnQGhvOD6qhy9OaMWfF8ZD7IQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFJJDSb5FrdvM89tDl+ZG0cO9R9zoMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEva2tOSnZrV3QyOHp6MjBPWDVrYlJ3NzFIM09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAXbyHAwQA
lP0iMAwDBACU/ecDBAKU/egDBACU/e0DBACjq0ADBACjq0MDBACjq0YDBACjq6YD
BACjq7EDBACjq7YDBACjq7wDBACjq94DBACjq+cDBACjq/wwDQYJKoZIhvcNAQEL
BQADggEBAJzKl0EljGWHcwFUeObrs9XtbjHGUgYExxnweyYbPHeRvwBb4RC//lfz
5GZL20TwxZl37opbL2Zl8SwAspy1r+Ka5Iwzfu01aumAei+PY2gcymZu5fj9HdaR
C1zMiGsuIK6GWS+NPO2nMRfAn++FmtJYSNddZfg9eKqKBAMEgifE3QzsT5LWNdPq
O8qT2GZPoTBHu7JcVXJnh/pW8dKdwZTffEy1dFr7bNUlLgnOU96PkZ+A8teT7/7A
HVBaqrYKrObIrdMBsnHBszm9YAwsdvoyOgKdiJlfUYXVftDmisr1d70+HcNTH00R
LJ+nEdZQiZvdpyAKroo9wTX5Eeif5NU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org