Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/koKRgzM5jAIr4EpXkjBuZIK4nHM.roa
File: koKRgzM5jAIr4EpXkjBuZIK4nHM.roa (raw, json)
Hash identifier: niLpe7aIlF7UcdgVmUIU79lNRnQfrvRxbcwv4IidYSg=
Subject key identifier: 92:82:91:83:33:39:8C:02:2B:E0:4A:57:92:30:6E:64:82:B8:9C:73
Certificate issuer: /CN=f806ec9cf1deabf9d6cd5f8891bb82d56f91d678
Certificate serial: 03E3430D
Authority key identifier: F8:06:EC:9C:F1:DE:AB:F9:D6:CD:5F:88:91:BB:82:D5:6F:91:D6:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/koKRgzM5jAIr4EpXkjBuZIK4nHM.roa
Signing time: Sat 01 Jan 2022 10:55:45 +0000
ROA not before: Sat 01 Jan 2022 10:55:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21032
IP address blocks: 185.159.208.0/22 maxlen: 22
195.85.202.0/24 maxlen: 24
80.78.160.0/20 maxlen: 20
80.78.176.0/20 maxlen: 20
193.109.138.0/23 maxlen: 23
89.145.0.0/18 maxlen: 18
2a02:5d0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65225485 (0x3e3430d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f806ec9cf1deabf9d6cd5f8891bb82d56f91d678
Validity
Not Before: Jan 1 10:55:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9282918333398c022be04a5792306e6482b89c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ea:8c:f5:d4:b8:a4:e4:ff:28:e5:79:df:ae:
50:cb:ab:4e:5c:5e:9c:f5:71:16:42:cc:fd:a0:8e:
b2:22:bc:5a:e1:a3:15:7b:d2:26:6a:be:17:65:65:
f1:4c:f9:45:07:b0:d1:6c:f9:b2:79:d1:ce:04:ae:
e3:dc:5f:1b:d1:85:65:a4:3a:57:74:17:f8:70:59:
a2:cf:0f:c7:1c:9a:7c:72:1b:90:df:06:86:c2:03:
9a:bc:37:db:5e:2e:31:d6:cc:57:47:75:b4:57:0d:
2e:3e:50:da:7d:9d:95:af:27:8b:02:8a:9a:d2:87:
ae:7e:7a:68:d4:1a:aa:1e:95:a1:ef:09:c5:ac:7e:
c9:a1:e3:c6:a0:31:09:b9:a6:42:78:13:49:c6:ed:
23:ef:8e:24:07:13:46:34:04:38:5a:12:0f:ad:d7:
c5:57:21:e4:f2:24:47:71:4e:49:4d:56:b0:34:8e:
ee:78:fe:bf:53:eb:a3:af:66:86:e2:70:e5:43:2b:
03:ac:f9:03:60:5d:64:e0:15:f7:ae:f2:87:ce:b0:
5e:c6:e7:f8:cb:cb:49:f0:df:4a:2d:40:6c:c5:36:
7f:6a:a7:e5:15:2b:06:01:5a:34:c9:67:f2:a6:ba:
b7:97:98:54:3b:8f:3b:b0:4b:3c:12:f9:c2:05:65:
00:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:82:91:83:33:39:8C:02:2B:E0:4A:57:92:30:6E:64:82:B8:9C:73
X509v3 Authority Key Identifier:
keyid:F8:06:EC:9C:F1:DE:AB:F9:D6:CD:5F:88:91:BB:82:D5:6F:91:D6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/koKRgzM5jAIr4EpXkjBuZIK4nHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4404f5-e10c-4190-9270-ac0a84a27d53/1/1-AbsnPHeq_nWzV-IkbuC1W-R1ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.160.0/19
89.145.0.0/18
185.159.208.0/22
193.109.138.0/23
195.85.202.0/24
IPv6:
2a02:5d0::/29
Signature Algorithm: sha256WithRSAEncryption
74:bd:49:16:0f:63:71:d2:fb:98:97:e4:18:0b:51:8a:83:4a:
8e:37:12:9e:82:fe:db:df:d5:a1:90:b6:14:46:2c:ad:67:74:
17:e7:15:4e:d2:65:c8:b8:dd:10:75:52:d1:a5:97:04:b2:03:
39:07:b9:3f:98:33:67:e5:0c:b7:ba:e9:2d:83:d6:1e:58:f6:
1c:07:61:bc:81:bc:39:0a:78:1e:83:0b:36:f4:44:ca:6f:13:
b7:8c:63:08:6c:58:57:69:57:d7:8d:c1:fa:8e:2b:86:99:a1:
71:70:28:08:61:f3:7d:6a:da:0e:e8:06:b8:aa:00:2f:df:55:
f5:da:8d:4e:46:95:46:da:2a:39:e9:6c:65:cb:45:cc:aa:70:
ec:05:82:25:23:88:07:43:e4:a3:51:b9:a8:7e:6f:c9:0a:53:
53:69:a7:1c:5b:2e:d9:b9:24:49:fa:a8:41:0f:19:72:5a:69:
5f:a5:9b:0c:ca:ac:4b:0c:40:d3:7b:09:3a:83:af:fb:07:f1:
db:c8:c7:7e:1d:90:1e:36:6a:68:17:a5:f1:c7:62:ea:28:7b:
9e:4d:2e:8c:cf:0b:dc:4c:78:4f:cd:cc:97:32:51:9e:6c:55:
06:34:49:d0:20:77:f5:de:aa:98:24:09:9e:60:0f:a8:c9:d7:
f6:e9:54:15
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEA+NDDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODA2ZWM5Y2YxZGVhYmY5ZDZjZDVmODg5MWJiODJkNTZmOTFkNjc4MB4XDTIyMDEw
MTEwNTU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTI4MjkxODMzMzM5
OGMwMjJiZTA0YTU3OTIzMDZlNjQ4MmI4OWM3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbqjPXUuKTk/yjled+uUMurTlxenPVxFkLM/aCOsiK8WuGj
FXvSJmq+F2Vl8Uz5RQew0Wz5snnRzgSu49xfG9GFZaQ6V3QX+HBZos8PxxyafHIb
kN8GhsIDmrw3214uMdbMV0d1tFcNLj5Q2n2dla8niwKKmtKHrn56aNQaqh6Voe8J
xax+yaHjxqAxCbmmQngTScbtI++OJAcTRjQEOFoSD63XxVch5PIkR3FOSU1WsDSO
7nj+v1Pro69mhuJw5UMrA6z5A2BdZOAV967yh86wXsbn+MvLSfDfSi1AbMU2f2qn
5RUrBgFaNMln8qa6t5eYVDuPO7BLPBL5wgVlAIkCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBSSgpGDMzmMAivgSleSMG5kgricczAfBgNVHSMEGDAWgBT4Buyc8d6r+dbN
X4iRu4LVb5HWeDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtQWJzblBIZXFfbld6Vi1Ja2J1QzFXLVIxbmcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzBhLzQ0MDRmNS1lMTBjLTQxOTAtOTI3MC1hYzBhODRhMjdkNTMv
MS9rb0tSZ3pNNWpBSXI0RXBYa2pCdVpJSzRuSE0ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBh
LzQ0MDRmNS1lMTBjLTQxOTAtOTI3MC1hYzBhODRhMjdkNTMvMS8xLUFic25QSGVx
X25XelYtSWtidUMxVy1SMW5nLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFUE6gAwQGWZEAAwQCuZ/QAwQB
wW2KAwQAw1XKMA0EAgACMAcDBQMqAgXQMA0GCSqGSIb3DQEBCwUAA4IBAQB0vUkW
D2Nx0vuYl+QYC1GKg0qONxKegv7b39WhkLYURiytZ3QX5xVO0mXIuN0QdVLRpZcE
sgM5B7k/mDNn5Qy3uuktg9YeWPYcB2G8gbw5Cngegws29ETKbxO3jGMIbFhXaVfX
jcH6jiuGmaFxcCgIYfN9atoO6Aa4qgAv31X12o1ORpVG2io56Wxly0XMqnDsBYIl
I4gHQ+SjUbmofm/JClNTaaccWy7ZuSRJ+qhBDxlyWmlfpZsMyqxLDEDTewk6g6/7
B/HbyMd+HZAeNmpoF6Xxx2LqKHueTS6MzwvcTHhPzcyXMlGebFUGNEnQIHf13qqY
JAmeYA+oydf26VQV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:20 2024 by rpki-client on console-fra.rpki-client.org