Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/KAqRlwLq2LbkjbDQjHMbbDR-co4.roa
File: KAqRlwLq2LbkjbDQjHMbbDR-co4.roa (raw, json)
Hash identifier: R1UJOBgYL5U1go2pu9aFbYilcN2EBqKavB4ihDrKb6o=
Subject key identifier: 28:0A:91:97:02:EA:D8:B6:E4:8D:B0:D0:8C:73:1B:6C:34:7E:72:8E
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 3884A2BD
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/KAqRlwLq2LbkjbDQjHMbbDR-co4.roa
Signing time: Sat 01 Jan 2022 05:54:19 +0000
ROA not before: Sat 01 Jan 2022 05:54:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43615
IP address blocks: 85.254.44.0/24 maxlen: 24
85.254.86.0/23 maxlen: 23
2a02:610:fffe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948216509 (0x3884a2bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 05:54:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=280a919702ead8b6e48db0d08c731b6c347e728e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2d:50:8b:6e:ef:a5:a3:5c:cb:56:6b:f6:2f:
2d:11:34:ce:9b:6d:37:ff:94:80:99:1d:bc:3c:d5:
86:28:e9:97:f1:5c:04:25:e2:ad:2b:66:c8:a6:6a:
85:16:c4:58:14:b8:7c:bf:ee:27:64:24:69:3b:4e:
ba:28:c7:52:7d:b6:d9:13:27:74:70:0b:42:7b:73:
a4:da:8e:19:61:24:20:d3:31:50:27:b0:d7:b6:14:
15:3b:d8:2d:ca:18:c6:8e:9e:f9:8f:6f:2d:03:60:
63:eb:8a:67:cb:e5:45:2f:c7:67:7f:6b:cb:ee:81:
35:97:a6:84:5a:d9:31:19:84:e6:92:66:bc:70:ca:
c1:e2:14:a4:4e:08:ac:fc:73:76:dc:da:fb:85:0e:
48:23:5f:fb:47:ca:6b:c0:8b:33:8a:99:a4:27:67:
4d:ed:c9:dc:bc:56:15:6a:a4:ff:02:e5:af:d2:b2:
2c:9d:c2:e4:60:59:32:a6:f7:38:cd:9a:b0:ef:90:
43:51:36:9c:f6:75:32:66:df:a2:7c:64:68:1f:dc:
cb:12:5d:02:f8:3e:2e:d4:e5:53:32:74:ec:9a:ef:
45:dd:a8:c0:d3:98:87:c5:fc:fe:2c:29:d0:e9:91:
43:2c:e1:8b:b6:cc:2a:36:a5:db:b0:4a:d1:4f:1e:
db:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0A:91:97:02:EA:D8:B6:E4:8D:B0:D0:8C:73:1B:6C:34:7E:72:8E
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/KAqRlwLq2LbkjbDQjHMbbDR-co4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.44.0/24
85.254.86.0/23
IPv6:
2a02:610:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
30:e6:c8:5f:60:c6:46:92:bb:b0:b9:5a:8c:36:af:e0:e3:f6:
1e:18:8d:5f:fa:52:c4:77:74:99:41:53:ed:5d:35:82:56:7f:
03:e6:68:b3:41:b4:f9:76:ff:b2:4a:3e:95:d1:5b:72:5f:95:
c0:d9:7f:70:d4:74:03:3c:70:ef:f1:13:66:7f:b4:d1:66:a3:
9e:8a:79:8c:ae:f8:91:79:51:e7:4c:1d:bd:9e:fb:bc:14:a7:
0b:33:76:0c:e0:ce:a8:2c:d9:3e:34:c2:c8:13:8c:e8:ce:6c:
dd:ef:2f:4a:1b:46:5d:f3:86:52:70:1c:6d:25:0a:88:f3:32:
a8:61:d5:11:0c:fc:74:17:63:f3:a3:40:78:b3:59:38:38:25:
0d:73:06:78:92:ac:68:6e:4d:b3:09:80:af:36:c0:1c:7b:69:
b2:54:ab:d7:dd:0c:b7:02:e5:c4:66:35:f5:70:2f:f0:40:c2:
ad:7a:ac:48:4d:39:64:c7:33:49:35:da:24:37:d7:34:5e:d8:
96:6e:05:53:8a:53:35:c6:c7:e8:6e:b6:4c:fe:64:9c:91:d8:
be:67:eb:e1:1d:57:47:0b:de:c7:10:ff:73:43:1e:64:32:7c:
21:55:25:8a:31:c6:e2:f8:7d:16:bb:2b:a7:70:2a:29:d3:28:
c4:2b:6c:4a
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEOISivTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDEw
MTA1NTQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgwYTkxOTcwMmVh
ZDhiNmU0OGRiMGQwOGM3MzFiNmMzNDdlNzI4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKstUItu76WjXMtWa/YvLRE0zpttN/+UgJkdvDzVhijpl/Fc
BCXirStmyKZqhRbEWBS4fL/uJ2QkaTtOuijHUn222RMndHALQntzpNqOGWEkINMx
UCew17YUFTvYLcoYxo6e+Y9vLQNgY+uKZ8vlRS/HZ39ry+6BNZemhFrZMRmE5pJm
vHDKweIUpE4IrPxzdtza+4UOSCNf+0fKa8CLM4qZpCdnTe3J3LxWFWqk/wLlr9Ky
LJ3C5GBZMqb3OM2asO+QQ1E2nPZ1MmbfonxkaB/cyxJdAvg+LtTlUzJ07JrvRd2o
wNOYh8X8/iwp0OmRQyzhi7bMKjal27BK0U8e24ECAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQoCpGXAurYtuSNsNCMcxtsNH5yjjAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L0tBcVJsd0xxMkxia2piRFFqSE1iYkRSLWNvNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAFX+LAMEAVX+VjAPBAIAAjAJAwcA
KgIGEP/+MA0GCSqGSIb3DQEBCwUAA4IBAQAw5shfYMZGkruwuVqMNq/g4/YeGI1f
+lLEd3SZQVPtXTWCVn8D5mizQbT5dv+ySj6V0VtyX5XA2X9w1HQDPHDv8RNmf7TR
ZqOeinmMrviReVHnTB29nvu8FKcLM3YM4M6oLNk+NMLIE4zozmzd7y9KG0Zd84ZS
cBxtJQqI8zKoYdURDPx0F2Pzo0B4s1k4OCUNcwZ4kqxobk2zCYCvNsAce2myVKvX
3Qy3AuXEZjX1cC/wQMKteqxITTlkxzNJNdokN9c0XtiWbgVTilM1xsfobrZM/mSc
kdi+Z+vhHVdHC97HEP9zQx5kMnwhVSWKMcbi+H0WuyuncCop0yjEK2xK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:45 2023 by rpki-client on console-fra.rpki-client.org