Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/7c21c2-8a28-4243-b65d-a05725f9d780/1/2KJDDmwe-_ySyPXzGMTE0vkjAZM.roa
File: 2KJDDmwe-_ySyPXzGMTE0vkjAZM.roa (raw, json)
Hash identifier: LZp6PJzVHud/dRyZYc/nDcP+CJFXFBpwT4KwHyOAlZ4=
Subject key identifier: D8:A2:43:0E:6C:1E:FB:FC:92:C8:F5:F3:18:C4:C4:D2:F9:23:01:93
Certificate issuer: /CN=d0799179e6398b8abf99c2d451d1f7ce5fca8672
Certificate serial: 0744195A
Authority key identifier: D0:79:91:79:E6:39:8B:8A:BF:99:C2:D4:51:D1:F7:CE:5F:CA:86:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0HmReeY5i4q_mcLUUdH3zl_KhnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/7c21c2-8a28-4243-b65d-a05725f9d780/1/2KJDDmwe-_ySyPXzGMTE0vkjAZM.roa
Signing time: Sat 01 Jan 2022 05:53:56 +0000
ROA not before: Sat 01 Jan 2022 05:53:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 194.49.17.0/24 maxlen: 24
194.49.16.0/24 maxlen: 24
194.49.4.0/24 maxlen: 24
194.49.5.0/24 maxlen: 24
2a0f:544::/30 maxlen: 30
2a0f:540::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121903450 (0x744195a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0799179e6398b8abf99c2d451d1f7ce5fca8672
Validity
Not Before: Jan 1 05:53:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8a2430e6c1efbfc92c8f5f318c4c4d2f9230193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:53:81:37:3e:af:d6:16:bc:87:8b:63:4a:ed:
b1:6b:27:df:64:12:9a:75:e5:60:58:b0:c9:ff:ba:
b3:66:80:d6:75:02:3b:f0:49:8a:bd:e6:f4:7b:26:
27:f4:0b:7b:31:7c:07:48:c2:a6:85:88:64:7d:50:
01:94:c3:a0:fc:39:b7:6e:21:60:52:dd:a3:b4:a1:
2b:71:5c:77:c4:cc:1f:08:eb:97:cb:d2:c6:15:1b:
28:ee:0b:0f:33:3c:d4:49:e8:23:66:8d:19:b5:07:
c5:8e:12:6c:39:fe:9b:ad:cb:83:a7:f7:a0:9c:bb:
7c:ad:51:7d:30:d1:c2:d2:de:bf:50:d5:29:90:1b:
45:36:9b:90:2b:e5:a2:66:0d:60:8f:13:0a:8c:be:
97:05:8a:70:56:d5:41:6d:52:52:d7:94:4a:24:b3:
52:62:c3:08:ff:a6:3b:6b:b9:b0:a1:26:98:8a:48:
b1:12:45:48:b9:d4:51:f2:d4:a2:4d:a7:0f:72:04:
1c:13:90:b5:1c:4a:04:47:df:a7:a6:b8:91:e8:f7:
da:90:f1:a1:73:fe:50:fa:ae:5a:a1:d7:ec:39:ac:
a1:1e:80:73:f3:78:f4:26:8f:c6:92:ce:90:c6:98:
7f:4d:38:1a:15:71:34:4f:15:86:ae:b8:75:f4:18:
14:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A2:43:0E:6C:1E:FB:FC:92:C8:F5:F3:18:C4:C4:D2:F9:23:01:93
X509v3 Authority Key Identifier:
keyid:D0:79:91:79:E6:39:8B:8A:BF:99:C2:D4:51:D1:F7:CE:5F:CA:86:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0HmReeY5i4q_mcLUUdH3zl_KhnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7c21c2-8a28-4243-b65d-a05725f9d780/1/2KJDDmwe-_ySyPXzGMTE0vkjAZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7c21c2-8a28-4243-b65d-a05725f9d780/1/0HmReeY5i4q_mcLUUdH3zl_KhnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.4.0/23
194.49.16.0/23
IPv6:
2a0f:540::/29
Signature Algorithm: sha256WithRSAEncryption
7c:db:36:5e:28:e3:e5:c3:68:0d:70:81:3e:24:4e:e7:f9:f1:
74:b9:8f:6b:28:3d:d6:a7:ea:39:0e:98:32:0e:6c:bb:75:a0:
aa:06:84:48:d4:63:f2:4a:f8:3e:c4:93:de:b9:5b:13:b9:27:
c8:93:c2:ad:e1:0d:fd:94:63:b7:46:a0:bd:d3:f9:b3:32:0b:
f9:3d:67:b3:18:35:94:dd:fc:f1:4d:5a:e2:5f:38:25:2b:39:
43:2e:f8:08:a7:8b:6c:91:40:3b:f7:cc:a5:04:58:50:b1:32:
f9:a6:1f:49:18:39:52:33:29:02:eb:5d:20:ca:2d:3c:1b:3e:
9b:39:21:41:e2:1b:6c:65:99:78:20:25:ec:a1:c7:ca:1c:e8:
50:58:b0:ff:40:13:10:af:69:72:9b:f0:c7:a3:48:42:5d:59:
74:62:ca:84:72:d9:06:3b:1f:3b:6e:b1:d5:b4:9b:79:aa:ae:
55:74:32:bb:96:d3:c4:cf:f2:b3:16:5f:ac:1c:87:cf:00:a9:
ba:4f:5f:d9:85:2d:89:e2:dc:f2:10:67:da:49:10:5c:42:90:
76:55:db:cd:b0:b4:8d:6f:53:e5:e4:4a:f2:28:5e:52:ed:17:
de:ea:b3:85:58:e4:fd:e5:51:85:20:d3:26:f5:23:cd:b2:8c:
5f:c3:7a:5e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEB0QZWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDc5OTE3OWU2Mzk4YjhhYmY5OWMyZDQ1MWQxZjdjZTVmY2E4NjcyMB4XDTIyMDEw
MTA1NTM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhhMjQzMGU2YzFl
ZmJmYzkyYzhmNWYzMThjNGM0ZDJmOTIzMDE5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1TgTc+r9YWvIeLY0rtsWsn32QSmnXlYFiwyf+6s2aA1nUC
O/BJir3m9HsmJ/QLezF8B0jCpoWIZH1QAZTDoPw5t24hYFLdo7ShK3Fcd8TMHwjr
l8vSxhUbKO4LDzM81EnoI2aNGbUHxY4SbDn+m63Lg6f3oJy7fK1RfTDRwtLev1DV
KZAbRTabkCvlomYNYI8TCoy+lwWKcFbVQW1SUteUSiSzUmLDCP+mO2u5sKEmmIpI
sRJFSLnUUfLUok2nD3IEHBOQtRxKBEffp6a4kej32pDxoXP+UPquWqHX7DmsoR6A
c/N49CaPxpLOkMaYf004GhVxNE8Vhq64dfQYFOUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTYokMObB77/JLI9fMYxMTS+SMBkzAfBgNVHSMEGDAWgBTQeZF55jmLir+Z
wtRR0ffOX8qGcjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBIbVJlZVk1aTRxX21jTFVVZEgzemxfS2huSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvN2MyMWMyLThhMjgtNDI0My1iNjVkLWEwNTcyNWY5ZDc4MC8x
LzJLSkREbXdlLV95U3lQWHpHTVRFMHZrakFaTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
N2MyMWMyLThhMjgtNDI0My1iNjVkLWEwNTcyNWY5ZDc4MC8xLzBIbVJlZVk1aTRx
X21jTFVVZEgzemxfS2huSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAcIxBAMEAcIxEDANBAIAAjAHAwUD
Kg8FQDANBgkqhkiG9w0BAQsFAAOCAQEAfNs2Xijj5cNoDXCBPiRO5/nxdLmPayg9
1qfqOQ6YMg5su3WgqgaESNRj8kr4PsST3rlbE7knyJPCreEN/ZRjt0agvdP5szIL
+T1nsxg1lN388U1a4l84JSs5Qy74CKeLbJFAO/fMpQRYULEy+aYfSRg5UjMpAutd
IMotPBs+mzkhQeIbbGWZeCAl7KHHyhzoUFiw/0ATEK9pcpvwx6NIQl1ZdGLKhHLZ
BjsfO26x1bSbeaquVXQyu5bTxM/ysxZfrByHzwCpuk9f2YUtieLc8hBn2kkQXEKQ
dlXbzbC0jW9T5eRK8iheUu0X3uqzhVjk/eVRhSDTJvUjzbKMX8N6Xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:52 2024 by rpki-client on console-fra.rpki-client.org