Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/ks4VRc3cIi3aZmjoYVjozGgJhO4.roa
File: ks4VRc3cIi3aZmjoYVjozGgJhO4.roa (raw, json)
Hash identifier: gcnUT3XFxT3nL36Hn/HSJiLmAEF/FKakEBKrdNRD6Pc=
Subject key identifier: 92:CE:15:45:CD:DC:22:2D:DA:66:68:E8:61:58:E8:CC:68:09:84:EE
Certificate issuer: /CN=40cfd3a49bc71e74a0d0bf7e346ca89b29597a12
Certificate serial: 08B6403D
Authority key identifier: 40:CF:D3:A4:9B:C7:1E:74:A0:D0:BF:7E:34:6C:A8:9B:29:59:7A:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/ks4VRc3cIi3aZmjoYVjozGgJhO4.roa
Signing time: Sat 01 Jan 2022 10:57:33 +0000
ROA not before: Sat 01 Jan 2022 10:57:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 185.223.96.0/22 maxlen: 22
195.128.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146161725 (0x8b6403d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40cfd3a49bc71e74a0d0bf7e346ca89b29597a12
Validity
Not Before: Jan 1 10:57:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92ce1545cddc222dda6668e86158e8cc680984ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ea:17:1b:f8:8f:80:88:c5:d0:95:da:8d:de:
4a:7d:7a:60:e2:8b:94:9c:80:98:6b:46:88:74:0c:
01:2f:1a:e9:40:f9:a1:64:8a:07:2e:a9:93:fd:7f:
9f:92:be:f0:5b:4f:4d:b4:92:13:7b:56:87:3d:ff:
63:7d:a7:c9:b0:c6:c4:e8:80:7e:87:b6:98:e6:01:
5e:d1:4e:fe:0b:ac:52:af:3c:18:89:d7:5a:43:e1:
96:20:a1:dc:c8:c6:2c:bc:f9:33:c5:77:12:a9:34:
f9:c8:d5:cf:f3:30:3c:eb:55:af:09:93:09:7e:e9:
44:3f:8b:72:eb:74:a4:28:ea:46:06:ac:9e:cf:a9:
22:f6:80:17:8b:ed:51:cd:73:ee:ba:bf:33:28:15:
cd:c7:42:bf:df:d5:d8:4b:5e:9c:a0:04:db:fb:df:
3d:82:6e:41:8b:19:8d:35:ad:0c:c9:4b:6c:37:06:
92:6e:4d:14:34:bc:44:54:cd:5a:0b:49:64:cf:42:
0f:82:d4:84:9d:58:5a:d9:de:a0:80:77:0f:5f:76:
2b:18:4a:c8:81:87:43:4e:68:f6:c5:ad:eb:5d:13:
bc:2f:d7:e1:c1:9c:c7:8c:ef:4d:5e:19:73:2d:98:
e9:62:49:92:52:ec:d3:e8:c4:2b:89:dd:11:e0:ce:
dd:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:CE:15:45:CD:DC:22:2D:DA:66:68:E8:61:58:E8:CC:68:09:84:EE
X509v3 Authority Key Identifier:
keyid:40:CF:D3:A4:9B:C7:1E:74:A0:D0:BF:7E:34:6C:A8:9B:29:59:7A:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/ks4VRc3cIi3aZmjoYVjozGgJhO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.96.0/22
195.128.12.0/22
Signature Algorithm: sha256WithRSAEncryption
ca:a2:07:d8:f4:69:aa:8c:e6:bb:c2:67:9b:6e:48:66:87:c6:
ad:28:95:b6:21:ee:44:78:71:a9:ea:66:5e:0a:e8:af:46:fd:
05:a3:e2:cc:22:81:65:09:1c:8a:f5:91:82:79:f8:ba:c1:29:
2f:d2:65:cc:d3:60:c6:08:7a:e7:fd:8d:38:01:7e:c2:47:40:
13:86:15:3e:ed:40:47:09:db:26:5e:4c:c2:a5:81:df:4f:ad:
95:8a:95:dc:56:01:bf:a9:29:e0:2a:b6:74:d5:47:21:41:92:
a1:01:aa:01:b5:a6:28:26:56:ff:06:76:39:76:cd:5f:23:fd:
66:a5:5e:23:8b:d5:1b:d5:95:ca:08:8f:22:e9:ec:16:12:0f:
fb:ea:69:f9:ab:0b:13:6f:33:ad:95:23:9d:99:67:60:4c:82:
cc:c1:4e:2d:7f:f6:05:14:0f:05:94:bd:2f:ea:f1:db:a6:61:
8d:0f:86:1c:35:d1:8d:b4:7c:f6:a2:21:31:74:9e:73:f7:9b:
37:c2:1a:f5:6b:8f:c5:87:8e:32:09:86:17:72:c2:0f:56:d8:
47:94:06:f7:ff:93:ec:0a:be:3b:cb:dc:8c:d9:92:44:20:4e:
d8:61:a4:5b:1a:4b:cd:6e:c6:fe:8c:10:7b:b8:2c:10:8b:e7:
7b:f8:84:00
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECLZAPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MGNmZDNhNDliYzcxZTc0YTBkMGJmN2UzNDZjYTg5YjI5NTk3YTEyMB4XDTIyMDEw
MTEwNTczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTJjZTE1NDVjZGRj
MjIyZGRhNjY2OGU4NjE1OGU4Y2M2ODA5ODRlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJLqFxv4j4CIxdCV2o3eSn16YOKLlJyAmGtGiHQMAS8a6UD5
oWSKBy6pk/1/n5K+8FtPTbSSE3tWhz3/Y32nybDGxOiAfoe2mOYBXtFO/gusUq88
GInXWkPhliCh3MjGLLz5M8V3Eqk0+cjVz/MwPOtVrwmTCX7pRD+Lcut0pCjqRgas
ns+pIvaAF4vtUc1z7rq/MygVzcdCv9/V2EtenKAE2/vfPYJuQYsZjTWtDMlLbDcG
km5NFDS8RFTNWgtJZM9CD4LUhJ1YWtneoIB3D192KxhKyIGHQ05o9sWt610TvC/X
4cGcx4zvTV4Zcy2Y6WJJklLs0+jEK4ndEeDO3SkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSSzhVFzdwiLdpmaOhhWOjMaAmE7jAfBgNVHSMEGDAWgBRAz9Okm8cedKDQ
v340bKibKVl6EjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FNX1RwSnZISG5TZzBMOS1OR3lvbXlsWmVoSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvMGI5ZjA3LWYxNjYtNDY3NS1iMTg1LTYwYjZlYmJiN2U2Zi8x
L2tzNFZSYzNjSWkzYVptam9ZVmpvekdnSmhPNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
MGI5ZjA3LWYxNjYtNDY3NS1iMTg1LTYwYjZlYmJiN2U2Zi8xL1FNX1RwSnZISG5T
ZzBMOS1OR3lvbXlsWmVoSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArnfYAMEAsOADDANBgkqhkiG9w0B
AQsFAAOCAQEAyqIH2PRpqozmu8Jnm25IZofGrSiVtiHuRHhxqepmXgror0b9BaPi
zCKBZQkcivWRgnn4usEpL9JlzNNgxgh65/2NOAF+wkdAE4YVPu1ARwnbJl5MwqWB
30+tlYqV3FYBv6kp4Cq2dNVHIUGSoQGqAbWmKCZW/wZ2OXbNXyP9ZqVeI4vVG9WV
ygiPIunsFhIP++pp+asLE28zrZUjnZlnYEyCzMFOLX/2BRQPBZS9L+rx26ZhjQ+G
HDXRjbR89qIhMXSec/ebN8Ia9WuPxYeOMgmGF3LCD1bYR5QG9/+T7Aq+O8vcjNmS
RCBO2GGkWxpLzW7G/owQe7gsEIvne/iEAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:46 2024 by rpki-client on console-ams.rpki-client.org