Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/KMB-lARl9Ode74eD8Lb1JWqMP7A.roa
File: KMB-lARl9Ode74eD8Lb1JWqMP7A.roa (raw, json)
Hash identifier: MOxb1qgOuEenRPNTC8V/stfr4dnz03RM9CpVu4Oj4LE=
Subject key identifier: 28:C0:7E:94:04:65:F4:E7:5E:EF:87:83:F0:B6:F5:25:6A:8C:3F:B0
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0481349B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/KMB-lARl9Ode74eD8Lb1JWqMP7A.roa
Signing time: Mon 24 Jan 2022 12:04:57 +0000
ROA not before: Mon 24 Jan 2022 12:04:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 193.233.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75576475 (0x481349b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 24 12:04:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28c07e940465f4e75eef8783f0b6f5256a8c3fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a7:d4:5e:31:7e:55:66:bd:0d:4d:70:05:8d:
f7:76:9e:e7:b4:98:e2:53:68:1f:c9:6c:fc:88:41:
a3:ba:15:62:7e:2f:c3:8d:6f:9a:18:30:91:d1:c9:
48:48:ad:e4:6a:04:c4:cc:7a:02:12:3c:cf:bf:d6:
8e:b2:33:61:71:15:0a:a7:b2:f7:b2:02:c5:8f:a9:
bd:8c:60:f0:13:17:f3:7a:7e:30:5c:7c:87:81:06:
a9:e7:e0:d4:eb:76:e9:b4:5d:03:57:6f:99:2d:0a:
64:c0:51:3b:65:96:39:28:aa:a8:28:49:39:b2:4f:
d5:50:c6:eb:c3:10:ca:18:c3:82:30:2a:ab:ec:27:
91:3f:cb:cc:d5:13:91:f9:a3:34:76:b8:3c:c4:ed:
80:06:03:08:59:91:68:1d:40:2a:f2:8d:a5:fb:0e:
d8:07:16:13:db:8a:f1:6c:a7:87:3d:63:3b:1b:5e:
0b:c5:e2:fa:74:7e:ae:5f:fb:9d:85:ba:8c:d2:c4:
09:de:aa:97:02:e1:a7:a5:70:61:d7:55:01:5c:1a:
e6:1f:6f:52:11:2f:e9:ec:8f:fa:03:59:27:c4:a4:
c1:8d:18:23:ad:29:76:87:0f:d7:b1:bc:d4:d0:0e:
c4:69:ad:59:9b:aa:ce:77:29:19:a8:0d:4c:19:30:
ee:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C0:7E:94:04:65:F4:E7:5E:EF:87:83:F0:B6:F5:25:6A:8C:3F:B0
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/KMB-lARl9Ode74eD8Lb1JWqMP7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.204.0/22
Signature Algorithm: sha256WithRSAEncryption
69:76:54:5b:62:99:c5:86:69:4e:ba:96:e0:53:47:c6:ba:68:
6e:bd:c7:ed:83:89:bf:83:f8:81:d9:a1:2d:ee:8e:01:c9:73:
14:68:28:52:c8:24:5c:c5:db:a5:3b:5b:4b:eb:76:59:56:5a:
de:4d:a2:76:5b:86:05:20:07:ae:20:e4:50:ba:18:86:2b:4c:
74:6e:35:a2:17:be:35:46:72:8e:e3:67:75:fe:09:3a:a0:bc:
f5:32:e0:e3:f8:b8:bc:1e:25:59:e8:c1:d3:44:f4:20:21:78:
52:50:78:50:d6:cb:57:7c:ef:5d:94:a0:22:db:b5:bd:c7:40:
15:c2:51:ce:82:d0:78:c5:1c:73:00:8c:3f:84:d1:40:fa:15:
24:e7:19:11:fa:f7:0a:69:de:a8:b7:f2:04:e7:d5:24:2a:05:
d1:a2:92:76:15:4b:3f:ea:eb:14:96:20:66:cd:ad:f3:5b:45:
66:f1:ff:40:f3:81:fc:eb:f2:51:df:99:65:6c:c9:0a:cb:b2:
d9:65:f4:02:9e:5c:12:d9:b2:1f:9a:85:52:48:dd:70:ac:c7:
3a:ba:c2:ed:1f:0f:c1:f8:b1:00:2a:49:0b:0a:e9:7e:91:9a:
fd:8b:ec:cf:f6:f0:b0:58:1c:82:a6:c9:d4:60:e8:dc:13:59:
35:40:0d:2d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBIE0mzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmQ2NDhiZGJhOTY1NDYxYjFlOGMxMWI5ZGQ0MzZjNjEzODI4NzNjMB4XDTIyMDEy
NDEyMDQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhjMDdlOTQwNDY1
ZjRlNzVlZWY4NzgzZjBiNmY1MjU2YThjM2ZiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOn1F4xflVmvQ1NcAWN93ae57SY4lNoH8ls/IhBo7oVYn4v
w41vmhgwkdHJSEit5GoExMx6AhI8z7/WjrIzYXEVCqey97ICxY+pvYxg8BMX83p+
MFx8h4EGqefg1Ot26bRdA1dvmS0KZMBRO2WWOSiqqChJObJP1VDG68MQyhjDgjAq
q+wnkT/LzNUTkfmjNHa4PMTtgAYDCFmRaB1AKvKNpfsO2AcWE9uK8Wynhz1jOxte
C8Xi+nR+rl/7nYW6jNLECd6qlwLhp6VwYddVAVwa5h9vUhEv6eyP+gNZJ8SkwY0Y
I60pdocP17G81NAOxGmtWZuqzncpGagNTBkw7qkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQowH6UBGX0517vh4PwtvUlaow/sDAfBgNVHSMEGDAWgBSG1ki9upZUYbHo
wRud1DbGE4KHPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8x
L0tNQi1sQVJsOU9kZTc0ZUQ4TGIxSldxTVA3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
YWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0OS8xL2h0Wkl2YnFXVkdH
eDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsHpzDANBgkqhkiG9w0BAQsFAAOC
AQEAaXZUW2KZxYZpTrqW4FNHxrpobr3H7YOJv4P4gdmhLe6OAclzFGgoUsgkXMXb
pTtbS+t2WVZa3k2idluGBSAHriDkULoYhitMdG41ohe+NUZyjuNndf4JOqC89TLg
4/i4vB4lWejB00T0ICF4UlB4UNbLV3zvXZSgItu1vcdAFcJRzoLQeMUccwCMP4TR
QPoVJOcZEfr3CmneqLfyBOfVJCoF0aKSdhVLP+rrFJYgZs2t81tFZvH/QPOB/Ovy
Ud+ZZWzJCsuy2WX0Ap5cEtmyH5qFUkjdcKzHOrrC7R8PwfixACpJCwrpfpGa/Yvs
z/bwsFgcgqbJ1GDo3BNZNUANLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org