Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KB4iUMhQ8KNwjROV6pCpYUGLM98.roa
File: KB4iUMhQ8KNwjROV6pCpYUGLM98.roa (raw, json)
Hash identifier: UB3TFbjvNcE6AyLbEQfYNp2R0qTKfhpZKttLcmrcI1U=
Subject key identifier: 28:1E:22:50:C8:50:F0:A3:70:8D:13:95:EA:90:A9:61:41:8B:33:DF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184855D249BE49CC9C9E314E254140C895C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KB4iUMhQ8KNwjROV6pCpYUGLM98.roa
Signing time: Thu 17 Nov 2022 11:33:04 +0000
ROA not before: Thu 17 Nov 2022 11:33:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:5d:24:9b:e4:9c:c9:c9:e3:14:e2:54:14:0c:89:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 17 11:33:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=281e2250c850f0a3708d1395ea90a961418b33df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a7:b5:c4:d9:ea:3e:eb:3c:ca:f7:9a:d2:c3:
61:7f:ec:c1:de:30:7d:4a:d6:77:55:11:44:dd:7c:
87:7b:7f:d6:ab:83:fe:cc:5d:94:ea:5e:1f:e3:29:
78:19:5c:1c:31:e2:db:51:67:53:45:cb:2d:28:41:
99:d1:b3:a2:a7:25:1b:28:2b:04:6a:df:c1:d6:96:
d4:1e:ad:78:d4:a7:b8:e1:8e:2a:1d:66:4a:e3:b9:
07:a3:8c:bd:d4:69:10:11:d1:b4:f1:d1:40:30:0c:
92:2f:79:5a:98:d3:9c:9e:16:06:5f:a0:f5:6c:88:
85:39:7c:85:2c:79:9e:d9:2b:86:d7:22:ea:dd:9a:
15:e3:de:9d:58:7b:f6:84:8c:92:fc:c3:a9:9e:7a:
99:d5:60:ac:66:71:e8:06:eb:61:ed:70:fd:43:ba:
45:11:c9:d3:2f:72:44:2f:e3:45:4f:5b:bb:65:4e:
d7:eb:59:42:6b:f4:1d:0d:41:d3:57:fc:09:bf:36:
32:88:9d:a2:fb:77:bb:76:b6:b0:9f:ee:20:0d:28:
e0:9f:c4:3d:8f:dc:7b:fd:ac:c1:70:54:28:2b:65:
e9:5d:01:61:e7:97:03:f7:b3:e8:77:2f:de:58:26:
a0:0f:d9:a0:0d:45:f5:32:4f:20:3a:a0:06:9e:6e:
2b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:1E:22:50:C8:50:F0:A3:70:8D:13:95:EA:90:A9:61:41:8B:33:DF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KB4iUMhQ8KNwjROV6pCpYUGLM98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.48.0/24
84.21.173.0/24
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
87.120.87.0/24
94.154.172.0/24
178.215.225.0/24
178.215.227.0/24
178.215.239.0/24
185.216.69.0-185.216.70.255
193.25.217.0/24
193.35.19.0/24
194.55.224.0/23
194.55.227.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:4a:2e:1f:bd:79:14:f0:95:a4:3d:c8:16:f9:e9:31:9b:62:
5b:9e:49:7f:84:ab:27:7f:78:44:1f:ae:04:4f:de:52:4a:00:
ed:a9:75:2a:5e:7a:f7:89:3a:4c:ee:fd:29:fc:d7:8e:c2:ba:
3c:3c:27:cb:4d:a7:77:ae:17:c0:45:88:38:af:03:ed:b6:f1:
98:fb:cc:c4:57:65:55:a2:08:40:25:a2:3c:72:a0:c5:7f:1c:
62:74:2a:4f:95:3c:60:88:f8:d8:7c:a9:47:7e:d3:0c:82:f0:
f3:49:71:3b:28:b5:2c:4e:9e:70:2d:b0:92:2d:a3:46:af:fa:
34:e9:6d:44:5b:64:dc:1d:16:de:e2:c0:67:d7:68:b9:c2:12:
ee:96:3b:af:24:e0:7f:fa:7f:fb:78:8a:ce:1f:8b:a5:a6:14:
e6:f1:0c:2f:b3:f5:75:ac:42:de:6f:00:13:33:d0:d1:f8:ab:
b1:13:4d:b6:76:d3:51:f2:33:b9:ef:ab:50:52:71:6f:a4:65:
f1:1a:5a:68:a9:f3:3f:50:03:74:32:ce:0b:77:c5:88:f2:50:
49:ce:f3:bb:fb:35:fa:ce:c0:d2:25:78:9c:56:a5:a0:00:82:
b7:03:da:09:bb:7e:43:93:34:57:17:a6:e0:32:29:d3:90:0b:
67:ae:dd:9a
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYSFXSSb5JzJyeMU4lQUDIlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTE3MTEzMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODFlMjI1MGM4NTBmMGEzNzA4ZDEzOTVlYTkwYTk2MTQxOGIzM2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKe1xNnqPus8yvea0sNhf+zB3jB9
StZ3VRFE3XyHe3/Wq4P+zF2U6l4f4yl4GVwcMeLbUWdTRcstKEGZ0bOipyUbKCsE
at/B1pbUHq141Ke44Y4qHWZK47kHo4y91GkQEdG08dFAMAySL3lamNOcnhYGX6D1
bIiFOXyFLHme2SuG1yLq3ZoV496dWHv2hIyS/MOpnnqZ1WCsZnHoButh7XD9Q7pF
EcnTL3JEL+NFT1u7ZU7X61lCa/QdDUHTV/wJvzYyiJ2i+3e7drawn+4gDSjgn8Q9
j9x7/azBcFQoK2XpXQFh55cD97Pody/eWCagD9mgDUX1Mk8gOqAGnm4rXwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFCgeIlDIUPCjcI0TleqQqWFBizPfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS0I0aVVNaFE4S053alJPVjZwQ3BZVUdMTTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAUEwwAwQA
VBWtAwQAVDYxAwQAVR8tAwQAVR8vAwQAV3hXAwQAXpqsAwQAstfhAwQAstfjAwQA
stfvMAwDBAC52EUDBAC52EYDBADBGdkDBADBIxMDBAHCN+ADBADCN+MwDQYJKoZI
hvcNAQELBQADggEBAC1KLh+9eRTwlaQ9yBb56TGbYlueSX+Eqyd/eEQfrgRP3lJK
AO2pdSpeeveJOkzu/Sn8147Cujw8J8tNp3euF8BFiDivA+228Zj7zMRXZVWiCEAl
ojxyoMV/HGJ0Kk+VPGCI+Nh8qUd+0wyC8PNJcTsotSxOnnAtsJIto0av+jTpbURb
ZNwdFt7iwGfXaLnCEu6WO68k4H/6f/t4is4fi6WmFObxDC+z9XWsQt5vABMz0NH4
q7ETTbZ201HyM7nvq1BScW+kZfEaWmip8z9QA3Qyzgt3xYjyUEnO87v7NfrOwNIl
eJxWpaAAgrcD2gm7fkOTNFcXpuAyKdOQC2eu3Zo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-ams.rpki-client.org