Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KWRms9tIi_iu9zEaR8oCPuv-CxM.roa
File: KWRms9tIi_iu9zEaR8oCPuv-CxM.roa (raw, json)
Hash identifier: h3Vn3DCE6JE4Aq7dCj05K1Q9zJoG71CYjoIUDD7McBs=
Subject key identifier: 29:64:66:B3:DB:48:8B:F8:AE:F7:31:1A:47:CA:02:3E:EB:FE:0B:13
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 0F9A3F82
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KWRms9tIi_iu9zEaR8oCPuv-CxM.roa
Signing time: Tue 01 Mar 2022 09:37:27 +0000
ROA not before: Tue 01 Mar 2022 09:37:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34177
IP address blocks: 5.133.68.0/22 maxlen: 22
83.142.144.0/21 maxlen: 21
212.106.96.0/19 maxlen: 19
91.90.96.0/21 maxlen: 21
82.210.0.0/19 maxlen: 19
195.15.128.0/18 maxlen: 18
185.5.108.0/22 maxlen: 22
78.31.40.0/21 maxlen: 21
83.118.192.0/19 maxlen: 19
178.16.160.0/20 maxlen: 20
159.180.224.0/19 maxlen: 19
82.210.32.0/19 maxlen: 19
94.228.176.0/20 maxlen: 20
2001:ab8::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261767042 (0xf9a3f82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Mar 1 09:37:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=296466b3db488bf8aef7311a47ca023eebfe0b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e3:71:00:14:af:93:2e:1f:24:4c:10:f1:82:
72:5a:e2:2a:a1:d6:91:34:28:7d:ac:cb:a0:a4:46:
80:bb:ad:5d:a8:2b:6a:60:a0:c4:8d:5e:1c:26:d1:
50:78:ea:10:2e:ff:46:f6:df:6f:6d:c8:01:dc:85:
af:77:be:54:b3:24:0c:9b:25:29:00:c5:03:1e:a3:
ad:7b:63:e6:7b:d2:e3:0b:09:16:53:68:4b:8e:f3:
2e:5b:2d:0b:ff:5c:73:54:c4:5c:91:a7:fc:56:5f:
ef:7a:16:63:90:d3:78:46:c9:91:2a:c9:6c:93:97:
42:0e:c8:d1:bc:99:40:78:4d:f8:96:ac:e8:0a:00:
cd:a0:ab:f3:02:dc:e5:23:a7:3d:ff:a8:25:85:6a:
3f:8e:5c:e6:78:89:56:c4:33:5f:42:ff:40:4f:4f:
0b:0f:f6:a6:10:41:57:56:67:68:62:00:68:13:c2:
27:4c:0a:c9:80:e5:d4:29:88:80:20:e8:76:81:fd:
c6:68:52:f7:05:1f:bf:fc:89:e7:c1:17:69:46:73:
2d:91:75:52:a1:d3:68:6e:86:c4:21:6a:4b:3a:98:
73:59:37:40:dd:52:bf:9e:81:82:bf:e8:a5:0d:7a:
82:00:a4:b5:01:db:9e:23:4c:43:1e:71:b6:0d:1a:
79:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:64:66:B3:DB:48:8B:F8:AE:F7:31:1A:47:CA:02:3E:EB:FE:0B:13
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KWRms9tIi_iu9zEaR8oCPuv-CxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
78.31.40.0/21
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
91.90.96.0/21
94.228.176.0/20
159.180.224.0/19
178.16.160.0/20
185.5.108.0/22
195.15.128.0/18
212.106.96.0/19
IPv6:
2001:ab8::/29
Signature Algorithm: sha256WithRSAEncryption
42:3e:f0:1c:ba:fe:61:6d:65:9d:8f:de:3f:79:3e:01:16:df:
88:65:f4:de:ec:3c:5b:ec:12:6a:a1:66:d1:11:9a:92:72:75:
f7:3c:23:9f:86:0a:b1:60:af:98:53:b9:c5:75:bb:ba:18:ed:
c2:52:07:fe:9e:4b:a9:73:13:0f:a1:50:06:8d:d9:ac:83:7f:
d8:83:14:c2:93:10:0e:b6:dd:73:ee:52:23:82:ee:9d:c2:5d:
8a:b2:5c:bc:37:80:1a:5f:ac:24:e0:be:de:34:16:6a:21:88:
d8:82:dd:ea:f1:63:1c:34:20:bd:1c:fb:78:be:9f:0a:9c:ce:
a1:26:23:4b:1f:22:d3:56:55:bf:8a:aa:c6:f5:5b:f6:55:ba:
a6:90:70:98:05:88:fc:37:7f:5b:d7:ab:10:ed:24:7f:9e:57:
48:dd:e1:30:64:2a:c8:5d:ab:55:6b:a8:c7:e0:d5:be:25:26:
e5:c4:4f:f1:d4:e5:ef:e7:30:d4:e0:46:bd:f1:00:13:52:cb:
79:60:e9:9c:1e:e3:44:84:8d:c1:83:0e:61:b2:dd:70:ee:ae:
61:c6:e2:c4:7b:a9:59:e2:03:3c:a5:2b:ee:70:18:b2:cf:d3:
e6:06:a0:d1:19:b4:ca:f7:4e:9c:ff:a1:40:63:8d:1e:44:a1:
01:8b:7f:66
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIED5o/gjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTdjNTA4ZDIzYjM4MzE1YmJmNDViNzI2ZDIyMDUwYTQ2MTI3YjhjMB4XDTIyMDMw
MTA5MzcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk2NDY2YjNkYjQ4
OGJmOGFlZjczMTFhNDdjYTAyM2VlYmZlMGIxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTjcQAUr5MuHyRMEPGCclriKqHWkTQofazLoKRGgLutXagr
amCgxI1eHCbRUHjqEC7/Rvbfb23IAdyFr3e+VLMkDJslKQDFAx6jrXtj5nvS4wsJ
FlNoS47zLlstC/9cc1TEXJGn/FZf73oWY5DTeEbJkSrJbJOXQg7I0byZQHhN+Jas
6AoAzaCr8wLc5SOnPf+oJYVqP45c5niJVsQzX0L/QE9PCw/2phBBV1ZnaGIAaBPC
J0wKyYDl1CmIgCDodoH9xmhS9wUfv/yJ58EXaUZzLZF1UqHTaG6GxCFqSzqYc1k3
QN1Sv56Bgr/opQ16ggCktQHbniNMQx5xtg0aeR0CAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBQpZGaz20iL+K73MRpHygI+6/4LEzAfBgNVHSMEGDAWgBQpfFCNI7ODFbv0
W3JtIgUKRhJ7jDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tYeFFqU096Z3hXNzlGdHliU0lGQ2tZU2U0dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvOGFiZWVkLWY1M2ItNDc3Ni1hOGUyLTM2ZTlhNzliZDk1MC8x
L0tXUm1zOXRJaV9pdTl6RWFSOG9DUHV2LUN4TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
OGFiZWVkLWY1M2ItNDc3Ni1hOGUyLTM2ZTlhNzliZDk1MC8xL0tYeFFqU096Z3hX
NzlGdHliU0lGQ2tZU2U0dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAgWFRAMEA04fKAMEBlLSAAMEBVN2
wAMEA1OOkAMEA1taYAMEBF7ksAMEBZ+04AMEBLIQoAMEArkFbAMEBsMPgAMEBdRq
YDANBAIAAjAHAwUDIAEKuDANBgkqhkiG9w0BAQsFAAOCAQEAQj7wHLr+YW1lnY/e
P3k+ARbfiGX03uw8W+wSaqFm0RGaknJ19zwjn4YKsWCvmFO5xXW7uhjtwlIH/p5L
qXMTD6FQBo3ZrIN/2IMUwpMQDrbdc+5SI4LuncJdirJcvDeAGl+sJOC+3jQWaiGI
2ILd6vFjHDQgvRz7eL6fCpzOoSYjSx8i01ZVv4qqxvVb9lW6ppBwmAWI/Dd/W9er
EO0kf55XSN3hMGQqyF2rVWuox+DVviUm5cRP8dTl7+cw1OBGvfEAE1LLeWDpnB7j
RISNwYMOYbLdcO6uYcbixHupWeIDPKUr7nAYss/T5gag0Rm0yvdOnP+hQGONHkSh
AYt/Zg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:51 2023 by rpki-client on console-fra.rpki-client.org