Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/K0AQYCEO6gwy6SNVnqXXapBcAZw.roa
File: K0AQYCEO6gwy6SNVnqXXapBcAZw.roa (raw, json)
Hash identifier: 6DSX9r6Ak6TQbgD9KNb2aL4+KPjJxAiI6Md/gsXetUo=
Subject key identifier: 2B:40:10:60:21:0E:EA:0C:32:E9:23:55:9E:A5:D7:6A:90:5C:01:9C
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0181F637067C2DFE999074BF2F062CCBA470
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/K0AQYCEO6gwy6SNVnqXXapBcAZw.roa
Signing time: Wed 13 Jul 2022 06:20:10 +0000
ROA not before: Wed 13 Jul 2022 06:20:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42568
IP address blocks: 85.120.60.0/24 maxlen: 24
194.153.249.0/24 maxlen: 24
85.121.180.0/23 maxlen: 23
85.122.44.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f6:37:06:7c:2d:fe:99:90:74:bf:2f:06:2c:cb:a4:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jul 13 06:20:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b401060210eea0c32e923559ea5d76a905c019c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7e:d3:15:1d:95:b7:92:fe:9b:7c:95:8d:6a:
9b:ef:b9:b9:d8:0b:5b:ee:0a:ff:06:50:49:81:4e:
19:5b:a2:7e:16:14:ff:03:38:19:94:34:4d:37:58:
30:a1:7a:66:71:ea:f5:bb:1d:b1:f1:a3:69:19:3c:
26:55:44:b3:5a:62:4f:4a:c4:e6:4d:ed:56:4f:e0:
26:b3:ca:2d:48:b5:f8:ca:bd:a1:6c:f3:5f:4b:27:
8b:1f:e9:b7:53:6d:70:49:a0:a9:42:43:32:fc:5f:
a3:61:bd:51:77:40:1f:27:7a:ab:f6:13:de:b5:25:
db:cd:0b:1a:4b:89:34:23:f8:de:86:a0:f8:0c:08:
5d:01:9a:f9:80:6f:c1:49:d8:30:93:4d:e1:f0:77:
80:35:1f:dc:91:3c:2d:d4:69:ce:e8:07:8a:1d:88:
c2:ec:8e:78:6e:42:e6:28:45:70:15:9c:95:86:47:
9e:f9:7a:b2:bc:a1:82:68:25:7e:d6:4a:31:27:63:
13:a1:03:7d:07:61:b0:60:a5:64:61:5f:b3:e5:04:
0f:45:78:ed:98:d6:02:9d:6e:e4:53:15:2e:11:33:
52:36:d9:ac:22:38:cf:4a:9c:4b:8e:d2:06:a5:f8:
24:d3:f4:87:72:c8:43:ea:0f:a0:91:0e:9f:c3:f5:
a6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:40:10:60:21:0E:EA:0C:32:E9:23:55:9E:A5:D7:6A:90:5C:01:9C
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/K0AQYCEO6gwy6SNVnqXXapBcAZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.60.0/24
85.121.180.0/23
85.122.44.0/23
194.153.249.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:04:81:54:52:e6:4f:36:49:ca:be:79:3b:16:53:4c:ad:87:
53:ac:b4:bb:99:15:4d:8a:a5:ad:96:ec:eb:3c:ca:a7:e5:b7:
44:4e:c2:74:8e:fc:2d:19:89:1b:df:b1:d1:db:37:15:cd:ad:
68:24:8e:9d:ff:2a:f2:2c:41:ac:b1:97:d0:dd:26:9a:eb:71:
ec:77:68:dd:fd:c9:68:79:85:43:92:d2:f2:d6:13:d5:37:0e:
e0:a0:e3:09:21:bf:9f:4d:29:1f:f4:51:a7:4a:14:9d:4b:59:
65:37:ec:71:01:b9:b5:6a:3a:ca:40:64:f2:12:2c:af:a3:68:
57:a9:cf:cd:6b:3b:f7:b7:23:a5:03:b8:54:eb:4c:bb:7b:a4:
bf:53:52:14:df:ba:7d:58:71:87:3d:a2:8a:59:c5:cc:5a:0c:
d5:60:c6:d1:ff:71:ca:fc:aa:08:68:00:f9:35:f8:a0:8c:7c:
2d:7f:10:01:58:e5:07:04:40:88:fd:d8:e5:bb:26:03:e4:b3:
b8:8c:2c:62:d3:2b:60:d9:f9:59:fc:4f:a8:bd:63:00:05:a2:
02:a8:a6:7c:89:96:e2:0c:e4:ca:72:37:94:ac:ab:f6:fc:42:
13:da:79:1a:cb:97:98:fa:bf:04:01:cf:f3:02:81:a1:fb:31:
8b:d8:d9:b2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYH2NwZ8Lf6ZkHS/LwYsy6RwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjIwNzEzMDYyMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjQwMTA2MDIxMGVlYTBjMzJlOTIzNTU5ZWE1ZDc2YTkwNWMwMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlX7TFR2Vt5L+m3yVjWqb77m52Atb
7gr/BlBJgU4ZW6J+FhT/AzgZlDRNN1gwoXpmcer1ux2x8aNpGTwmVUSzWmJPSsTm
Te1WT+Ams8otSLX4yr2hbPNfSyeLH+m3U21wSaCpQkMy/F+jYb1Rd0AfJ3qr9hPe
tSXbzQsaS4k0I/jehqD4DAhdAZr5gG/BSdgwk03h8HeANR/ckTwt1GnO6AeKHYjC
7I54bkLmKEVwFZyVhkee+XqyvKGCaCV+1koxJ2MToQN9B2GwYKVkYV+z5QQPRXjt
mNYCnW7kUxUuETNSNtmsIjjPSpxLjtIGpfgk0/SHcshD6g+gkQ6fw/WmJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCtAEGAhDuoMMukjVZ6l12qQXAGcMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvSzBBUVlDRU82Z3d5NlNOVm5xWFhhcEJjQVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVXg8AwQB
VXm0AwQBVXosAwQAwpn5MA0GCSqGSIb3DQEBCwUAA4IBAQAMBIFUUuZPNknKvnk7
FlNMrYdTrLS7mRVNiqWtluzrPMqn5bdETsJ0jvwtGYkb37HR2zcVza1oJI6d/yry
LEGssZfQ3Saa63Hsd2jd/cloeYVDktLy1hPVNw7goOMJIb+fTSkf9FGnShSdS1ll
N+xxAbm1ajrKQGTyEiyvo2hXqc/Nazv3tyOlA7hU60y7e6S/U1IU37p9WHGHPaKK
WcXMWgzVYMbR/3HK/KoIaAD5NfigjHwtfxABWOUHBECI/djluyYD5LO4jCxi0ytg
2flZ/E+ovWMABaICqKZ8iZbiDOTKcjeUrKv2/EIT2nkay5eY+r8EAc/zAoGh+zGL
2Nmy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org