Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/KabSCft3cEi3uKI8-moSqZSkj34.roa
File: KabSCft3cEi3uKI8-moSqZSkj34.roa (raw, json)
Hash identifier: RtyVZL4nCGPBkzySy6WslNE5Q6GVnjIBwB4nxD4dlbE=
Subject key identifier: 29:A6:D2:09:FB:77:70:48:B7:B8:A2:3C:FA:6A:12:A9:94:A4:8F:7E
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 42A09A93
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/KabSCft3cEi3uKI8-moSqZSkj34.roa
Signing time: Sat 01 Jan 2022 06:05:01 +0000
ROA not before: Sat 01 Jan 2022 06:05:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33934
IP address blocks: 85.174.84.0/24 maxlen: 24
85.174.80.0/22 maxlen: 22
85.172.168.0/22 maxlen: 22
85.172.170.0/24 maxlen: 24
85.174.100.0/24 maxlen: 24
85.173.84.0/23 maxlen: 23
85.173.80.0/22 maxlen: 22
85.173.64.0/19 maxlen: 19
85.173.192.0/19 maxlen: 19
83.239.128.0/18 maxlen: 18
83.239.128.0/22 maxlen: 22
83.239.132.0/24 maxlen: 24
85.173.208.0/23 maxlen: 23
83.239.138.0/23 maxlen: 23
83.239.144.0/24 maxlen: 24
83.239.142.0/23 maxlen: 23
178.35.128.0/18 maxlen: 18
85.172.112.0/20 maxlen: 20
85.172.120.0/23 maxlen: 23
85.172.122.0/24 maxlen: 24
85.172.126.0/23 maxlen: 23
85.174.63.0/24 maxlen: 24
85.174.69.0/24 maxlen: 24
85.174.70.0/23 maxlen: 23
83.239.152.0/22 maxlen: 22
83.239.151.0/24 maxlen: 24
83.239.158.0/24 maxlen: 24
83.239.156.0/23 maxlen: 23
83.239.161.0/24 maxlen: 24
83.239.164.0/24 maxlen: 24
83.239.162.0/23 maxlen: 23
83.239.168.0/23 maxlen: 23
83.239.167.0/24 maxlen: 24
83.239.172.0/22 maxlen: 22
83.239.176.0/24 maxlen: 24
83.239.179.0/24 maxlen: 24
85.174.0.0/17 maxlen: 17
83.239.184.0/22 maxlen: 22
83.239.180.0/22 maxlen: 22
83.239.188.0/23 maxlen: 23
83.239.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1117821587 (0x42a09a93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 1 06:05:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29a6d209fb777048b7b8a23cfa6a12a994a48f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:04:8d:49:2c:91:10:a5:7a:34:63:ba:ee:32:
6f:72:cf:50:28:09:53:6d:76:3a:8c:14:ca:0e:9b:
25:3b:fc:8f:52:02:ec:11:e3:85:3e:68:6b:92:32:
56:6e:23:5f:71:f1:5d:af:50:ab:f9:34:10:b4:1d:
aa:54:85:dc:c5:be:5f:f1:08:aa:27:3b:5f:f3:de:
d4:d4:49:2a:3e:bd:91:5c:b7:2f:4c:5c:32:84:70:
c4:b4:d0:7f:d4:6b:cb:ee:f5:0f:e6:69:e4:cc:94:
77:f1:6b:ce:db:30:10:b7:92:40:e5:aa:9a:ff:da:
03:e3:f4:ae:aa:8e:3e:fc:52:c2:4c:1f:ab:97:f5:
ba:2e:e8:f7:00:e1:0e:3e:e8:b5:c1:32:85:5e:20:
83:94:0d:16:d0:62:7f:c8:7e:24:ab:9e:dd:5e:20:
28:df:44:a1:12:9e:60:da:ac:39:68:db:32:b5:66:
08:10:a5:0e:97:0c:ec:e8:f8:c4:45:39:4e:85:7d:
c8:48:19:dd:db:ce:ea:55:89:a7:0c:d4:2a:ca:3b:
f2:e0:dc:8e:63:0b:bf:f8:b4:14:e6:1f:86:79:b1:
e1:09:b9:2f:23:ab:7d:87:b4:6d:73:f0:4f:74:f0:
a2:99:df:5d:eb:2c:19:03:64:8a:74:fa:ad:cf:5f:
ca:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A6:D2:09:FB:77:70:48:B7:B8:A2:3C:FA:6A:12:A9:94:A4:8F:7E
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/KabSCft3cEi3uKI8-moSqZSkj34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.128.0/18
85.172.112.0/20
85.172.168.0/22
85.173.64.0/19
85.173.192.0/19
85.174.0.0/17
178.35.128.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:ed:a2:52:b1:7c:87:a0:58:7a:26:98:c6:18:5f:8a:2c:1b:
17:4c:5f:19:3d:56:74:98:32:f3:c8:6d:1e:ff:d2:2c:a2:bc:
7a:ea:6f:38:c2:3c:13:0d:69:39:66:ea:1f:de:d7:ab:24:3b:
81:68:a8:d1:6d:21:23:7d:5a:be:54:b3:88:0e:60:96:dc:33:
3c:1d:7b:c6:43:ab:b1:d3:7b:c8:52:f9:3b:8d:fc:aa:41:f0:
83:58:a9:83:a4:81:45:3b:9e:9a:36:64:f6:5b:6b:81:17:ff:
8d:0e:c3:d3:d0:61:a9:f2:dd:a5:2b:77:0c:57:9b:55:9d:dd:
61:22:b9:71:d6:a0:09:11:69:81:0d:51:25:e1:f6:8b:4b:0a:
e2:b0:26:da:71:0e:60:9d:df:68:09:76:7c:9f:ee:99:c8:0d:
a1:c3:36:ee:0e:69:ec:6a:98:69:82:fc:b9:1f:81:f4:b8:dd:
13:13:f8:96:c7:7f:b0:e5:70:c8:a1:6f:a8:18:a3:1f:de:92:
a5:c0:a2:80:31:71:82:40:ab:47:c0:fa:47:dc:30:53:d7:2e:
28:d6:96:4d:51:ea:42:da:01:c8:90:e2:1a:d1:12:49:2a:5b:
d6:27:d8:63:ab:39:f7:87:2c:49:55:0e:a0:4a:bc:91:2c:3b:
4f:61:41:2a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEQqCakzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZWU1MzFiOWFjMjk5MGQ2OWE4YTVjMzAyM2U3MmU2ZDg0MWU2YzA5MB4XDTIyMDEw
MTA2MDUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjlhNmQyMDlmYjc3
NzA0OGI3YjhhMjNjZmE2YTEyYTk5NGE0OGY3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEEjUkskRClejRjuu4yb3LPUCgJU212OowUyg6bJTv8j1IC
7BHjhT5oa5IyVm4jX3HxXa9Qq/k0ELQdqlSF3MW+X/EIqic7X/Pe1NRJKj69kVy3
L0xcMoRwxLTQf9Rry+71D+Zp5MyUd/FrztswELeSQOWqmv/aA+P0rqqOPvxSwkwf
q5f1ui7o9wDhDj7otcEyhV4gg5QNFtBif8h+JKue3V4gKN9EoRKeYNqsOWjbMrVm
CBClDpcM7Oj4xEU5ToV9yEgZ3dvO6lWJpwzUKso78uDcjmMLv/i0FOYfhnmx4Qm5
LyOrfYe0bXPwT3TwopnfXessGQNkinT6rc9fyq0CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQpptIJ+3dwSLe4ojz6ahKplKSPfjAfBgNVHSMEGDAWgBRe5TG5rCmQ1pqK
XDAj5y5thB5sCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1h1VXh1YXdwa05hYWlsd3dJLWN1YllRZWJBay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvOWExZDQ0LTg2MDktNGU1ZS1iYTk0LTVhODZjMjc1N2MxZS8x
L0thYlNDZnQzY0VpM3VLSTgtbW9TcVpTa2ozNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
OWExZDQ0LTg2MDktNGU1ZS1iYTk0LTVhODZjMjc1N2MxZS8xL1h1VXh1YXdwa05h
YWlsd3dJLWN1YllRZWJBay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEBlPvgAMEBFWscAMEAlWsqAMEBVWt
QAMEBVWtwAMEB1WuAAMEBrIjgDANBgkqhkiG9w0BAQsFAAOCAQEACu2iUrF8h6BY
eiaYxhhfiiwbF0xfGT1WdJgy88htHv/SLKK8eupvOMI8Ew1pOWbqH97XqyQ7gWio
0W0hI31avlSziA5gltwzPB17xkOrsdN7yFL5O438qkHwg1ipg6SBRTuemjZk9ltr
gRf/jQ7D09BhqfLdpSt3DFebVZ3dYSK5cdagCRFpgQ1RJeH2i0sK4rAm2nEOYJ3f
aAl2fJ/umcgNocM27g5p7GqYaYL8uR+B9LjdExP4lsd/sOVwyKFvqBijH96SpcCi
gDFxgkCrR8D6R9wwU9cuKNaWTVHqQtoByJDiGtESSSpb1ifYY6s594csSVUOoEq8
kSw7T2FBKg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:55 2024 by rpki-client on console-fra.rpki-client.org