Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/kdg6MzPAMMd-qz1HxE1jnaKw6Jw.roa
File: kdg6MzPAMMd-qz1HxE1jnaKw6Jw.roa (raw, json)
Hash identifier: MbzaJF9jav9mPhUpVgrw410lxb9u4zeHHmq6lcIgsXY=
Subject key identifier: 91:D8:3A:33:33:C0:30:C7:7E:AB:3D:47:C4:4D:63:9D:A2:B0:E8:9C
Certificate issuer: /CN=85802fc1d0f3e3a4462562d2f06f2b3deff8f4e7
Certificate serial: 01825959A3F8B9E3782F1ED86BD02CED8AEE
Authority key identifier: 85:80:2F:C1:D0:F3:E3:A4:46:25:62:D2:F0:6F:2B:3D:EF:F8:F4:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hYAvwdDz46RGJWLS8G8rPe_49Oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/kdg6MzPAMMd-qz1HxE1jnaKw6Jw.roa
Signing time: Mon 01 Aug 2022 12:20:23 +0000
ROA not before: Mon 01 Aug 2022 12:20:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57789
IP address blocks: 185.23.7.0/24 maxlen: 24
31.135.192.0/20 maxlen: 20
2a0e:64c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:59:59:a3:f8:b9:e3:78:2f:1e:d8:6b:d0:2c:ed:8a:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85802fc1d0f3e3a4462562d2f06f2b3deff8f4e7
Validity
Not Before: Aug 1 12:20:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91d83a3333c030c77eab3d47c44d639da2b0e89c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fb:ca:8c:fd:34:77:c8:f2:60:c0:85:a0:dc:
7c:99:0d:b7:65:82:10:23:bc:56:b1:d0:f3:38:95:
d0:7e:2b:68:97:77:45:21:f1:20:87:52:b5:ea:65:
48:ce:a9:74:f9:5c:43:45:48:44:c9:e6:81:69:88:
6e:9b:98:ca:fb:20:e6:8f:2f:ee:07:72:8a:3d:52:
97:99:79:9a:e3:57:99:d9:e2:17:fd:82:26:36:42:
b5:90:d9:fc:e2:3e:a6:cd:39:36:05:db:40:04:0f:
a6:4b:47:13:0d:ac:2b:9c:43:c5:a5:ac:5e:f0:21:
43:45:ab:49:78:a3:5b:a6:b4:c8:45:87:ab:79:56:
1d:e7:70:de:f7:3a:cc:b5:fa:fd:3f:1a:83:65:4c:
f8:d9:fa:7d:22:5d:5e:93:ac:8e:22:95:5f:cf:3a:
4b:12:f7:3a:d1:a6:66:3f:aa:3c:ab:0c:53:86:34:
c9:95:ca:a9:d3:31:32:5a:5b:bb:11:43:92:66:a2:
60:d4:b7:9f:ad:5e:e4:dc:c9:be:11:ff:cf:71:b3:
62:a6:4f:e6:7f:1d:5a:d2:ee:64:b6:31:4b:38:a7:
45:61:24:31:bf:43:af:90:3c:2b:ff:fe:2b:fc:c8:
be:a3:71:ac:68:22:b6:87:7b:33:06:7f:ff:56:e2:
c4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D8:3A:33:33:C0:30:C7:7E:AB:3D:47:C4:4D:63:9D:A2:B0:E8:9C
X509v3 Authority Key Identifier:
keyid:85:80:2F:C1:D0:F3:E3:A4:46:25:62:D2:F0:6F:2B:3D:EF:F8:F4:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hYAvwdDz46RGJWLS8G8rPe_49Oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/kdg6MzPAMMd-qz1HxE1jnaKw6Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/hYAvwdDz46RGJWLS8G8rPe_49Oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.192.0/20
185.23.7.0/24
IPv6:
2a0e:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:03:53:9d:73:d5:b1:10:a8:cd:11:6d:fd:e9:a9:89:34:3f:
5b:45:27:fb:f1:a2:f9:2c:77:f7:ff:fa:3b:bd:9f:22:40:cb:
17:e3:48:52:26:ae:ad:c3:fe:59:e6:61:ba:9d:d8:f6:8f:d5:
a7:f0:a2:1e:8f:5f:74:b2:64:65:e2:89:2d:6a:a6:aa:18:08:
ce:97:78:4f:ae:a1:83:dd:44:b7:5e:03:99:5c:37:a1:dd:60:
1e:65:96:35:7e:93:28:27:d6:37:65:99:0a:ae:d4:6a:56:e8:
b8:de:64:c0:3f:07:fd:cc:84:80:06:f4:d1:a8:5d:da:5c:45:
09:e6:f2:5d:86:72:e4:08:e1:03:21:a7:78:ff:ce:55:5c:65:
e0:ef:dd:23:39:3d:49:89:dc:75:0e:e0:42:b2:af:f5:1d:ee:
2d:de:fe:98:e3:e9:54:25:49:fe:ce:34:01:ef:36:d3:5c:ab:
25:12:4a:5b:d0:a3:ad:cc:48:00:64:9f:66:74:30:bf:06:6f:
1c:4f:0b:e6:4a:c0:26:d9:cd:3c:bc:f7:6b:79:62:50:0a:c7:
fa:53:4f:9b:8a:c8:86:2a:31:c2:1d:77:a4:ba:07:de:1f:ee:
f3:bf:29:01:a4:a7:b0:99:84:61:6a:32:52:21:5d:35:9e:ec:
88:1e:1f:fb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYJZWaP4ueN4Lx7Ya9As7YruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ODAyZmMxZDBmM2UzYTQ0NjI1NjJkMmYwNmYyYjNkZWZm
OGY0ZTcwHhcNMjIwODAxMTIyMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQ4M2EzMzMzYzAzMGM3N2VhYjNkNDdjNDRkNjM5ZGEyYjBlODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvvKjP00d8jyYMCFoNx8mQ23ZYIQ
I7xWsdDzOJXQfitol3dFIfEgh1K16mVIzql0+VxDRUhEyeaBaYhum5jK+yDmjy/u
B3KKPVKXmXma41eZ2eIX/YImNkK1kNn84j6mzTk2BdtABA+mS0cTDawrnEPFpaxe
8CFDRatJeKNbprTIRYereVYd53De9zrMtfr9PxqDZUz42fp9Il1ek6yOIpVfzzpL
Evc60aZmP6o8qwxThjTJlcqp0zEyWlu7EUOSZqJg1LefrV7k3Mm+Ef/PcbNipk/m
fx1a0u5ktjFLOKdFYSQxv0OvkDwr//4r/Mi+o3GsaCK2h3szBn//VuLE/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJHYOjMzwDDHfqs9R8RNY52isOicMB8GA1UdIwQY
MBaAFIWAL8HQ8+OkRiVi0vBvKz3v+PTnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFlBdndkRHo0NlJHSldMUzhHOHJQZV80OU9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hZjhiMjktYjFhZi00Y2Y2LWJmMTYt
YjA1ODMyYmM2OTYyLzEva2RnNk16UEFNTWQtcXoxSHhFMWpuYUt3Nkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hZjhiMjktYjFhZi00Y2Y2LWJmMTYtYjA1ODMyYmM2OTYy
LzEvaFlBdndkRHo0NlJHSldMUzhHOHJQZV80OU9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEH4fAAwQA
uRcHMA0EAgACMAcDBQMqDmTAMA0GCSqGSIb3DQEBCwUAA4IBAQB1A1Odc9WxEKjN
EW396amJND9bRSf78aL5LHf3//o7vZ8iQMsX40hSJq6tw/5Z5mG6ndj2j9Wn8KIe
j190smRl4oktaqaqGAjOl3hPrqGD3US3XgOZXDeh3WAeZZY1fpMoJ9Y3ZZkKrtRq
Vui43mTAPwf9zISABvTRqF3aXEUJ5vJdhnLkCOEDIad4/85VXGXg790jOT1Jidx1
DuBCsq/1He4t3v6Y4+lUJUn+zjQB7zbTXKslEkpb0KOtzEgAZJ9mdDC/Bm8cTwvm
SsAm2c08vPdreWJQCsf6U0+bisiGKjHCHXekugfeH+7zvykBpKewmYRhajJSIV01
nuyIHh/7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:10 2024 by rpki-client on console-fra.rpki-client.org