Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/706837-d55d-432d-b0a4-b0814007528f/1/kgTh3IW_dQJLrbvlULwWSmab1-U.roa
File: kgTh3IW_dQJLrbvlULwWSmab1-U.roa (raw, json)
Hash identifier: llTekVFDhMiUBr4InBqTpmTDdIdQFDu6DgpxmG/XFMo=
Subject key identifier: 92:04:E1:DC:85:BF:75:02:4B:AD:BB:E5:50:BC:16:4A:66:9B:D7:E5
Certificate issuer: /CN=3bbe44355e06faadbeb19455adc316d9b9f0f10e
Certificate serial: 01832150BF004862C7216ECCEF6EA206FF1D
Authority key identifier: 3B:BE:44:35:5E:06:FA:AD:BE:B1:94:55:AD:C3:16:D9:B9:F0:F1:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O75ENV4G-q2-sZRVrcMW2bnw8Q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/706837-d55d-432d-b0a4-b0814007528f/1/kgTh3IW_dQJLrbvlULwWSmab1-U.roa
Signing time: Fri 09 Sep 2022 08:14:43 +0000
ROA not before: Fri 09 Sep 2022 08:14:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28892
IP address blocks: 195.245.209.0/24 maxlen: 24
2001:67c:28b8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:21:50:bf:00:48:62:c7:21:6e:cc:ef:6e:a2:06:ff:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bbe44355e06faadbeb19455adc316d9b9f0f10e
Validity
Not Before: Sep 9 08:14:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9204e1dc85bf75024badbbe550bc164a669bd7e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ac:88:10:a1:17:79:38:d4:56:c1:1c:e4:7f:
a9:38:25:1f:97:1c:8b:7b:c0:dc:43:4b:ce:24:24:
00:e0:fd:15:9f:db:a4:a7:45:31:99:4c:fc:15:b3:
14:b4:21:ac:15:b8:07:c6:e4:4a:9b:76:6f:70:02:
ab:df:bd:4b:41:e6:ff:a3:ef:2f:f9:e1:bb:e7:ee:
80:42:fa:be:fe:27:aa:2a:61:47:3a:24:f1:17:57:
eb:99:75:f5:58:29:5f:0d:cf:ab:d7:b3:7d:3e:ec:
a6:3a:9e:f3:6e:1f:d3:38:2d:62:97:11:b5:e6:af:
30:db:80:01:f7:b5:ba:e9:b2:b9:36:a8:19:d2:b3:
ff:ba:96:c6:51:5d:0d:b0:69:e0:73:c2:17:89:08:
ab:98:93:7c:0b:d9:82:03:75:28:56:79:18:62:bb:
1f:2b:ec:b8:b9:cc:b2:81:be:24:d1:e3:8f:9e:50:
d4:2d:a5:47:7a:07:5b:2d:c3:76:71:29:cb:f9:0b:
1a:b3:dc:f7:6e:49:7d:56:5d:ac:f5:dd:b2:a6:db:
27:52:05:fc:7b:3d:1d:24:ee:f4:7e:c0:00:43:cf:
1c:12:ec:c6:3c:7b:49:f3:15:c4:56:b3:ba:8a:21:
cc:59:25:89:36:39:90:29:fa:b1:f4:23:81:ac:d5:
e7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:04:E1:DC:85:BF:75:02:4B:AD:BB:E5:50:BC:16:4A:66:9B:D7:E5
X509v3 Authority Key Identifier:
keyid:3B:BE:44:35:5E:06:FA:AD:BE:B1:94:55:AD:C3:16:D9:B9:F0:F1:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O75ENV4G-q2-sZRVrcMW2bnw8Q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/706837-d55d-432d-b0a4-b0814007528f/1/kgTh3IW_dQJLrbvlULwWSmab1-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/706837-d55d-432d-b0a4-b0814007528f/1/O75ENV4G-q2-sZRVrcMW2bnw8Q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.209.0/24
IPv6:
2001:67c:28b8::/48
Signature Algorithm: sha256WithRSAEncryption
0f:f0:ac:b7:81:b8:2e:df:05:e6:96:e5:ac:73:1c:0a:12:8a:
5f:bf:40:bc:a1:ff:0e:63:35:02:44:fa:96:64:2b:b8:a5:ff:
4e:52:4d:95:28:fd:11:4f:0e:07:f1:f0:6c:bc:54:33:68:76:
98:fc:b0:b7:09:9d:29:4e:37:3c:56:8b:08:1a:e7:24:8b:08:
c5:24:aa:b4:b3:84:4a:21:57:8d:95:41:11:b4:92:68:c6:8f:
ed:22:24:1f:c4:5d:29:14:d9:35:ed:bb:4a:54:8c:d0:ed:0b:
52:3f:a1:60:dc:bf:31:08:46:8a:87:e1:04:73:39:41:57:73:
ba:1c:c4:58:b9:48:6d:5d:ba:47:e0:54:99:ef:11:71:58:7b:
b7:53:d9:a8:5e:3e:91:53:95:0f:20:a8:80:b7:2b:cc:89:ce:
96:89:dc:ef:3c:66:6b:d5:5f:52:f6:63:8d:7a:3b:74:b2:87:
26:72:53:16:0b:59:8f:8e:79:fb:f9:73:a6:3f:f2:85:a8:54:
e4:dc:bc:04:3b:fa:8f:45:7f:c0:d3:c0:cb:bd:03:54:17:55:
20:08:33:e8:ea:25:4f:64:af:63:ba:26:d4:ac:13:e3:76:0b:
f1:88:b9:aa:c0:b1:5e:4c:c4:f0:6c:e6:b3:34:a1:45:7e:f7:
f1:a7:84:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMhUL8ASGLHIW7M726iBv8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYmU0NDM1NWUwNmZhYWRiZWIxOTQ1NWFkYzMxNmQ5Yjlm
MGYxMGUwHhcNMjIwOTA5MDgxNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjA0ZTFkYzg1YmY3NTAyNGJhZGJiZTU1MGJjMTY0YTY2OWJkN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqyIEKEXeTjUVsEc5H+pOCUflxyL
e8DcQ0vOJCQA4P0Vn9ukp0UxmUz8FbMUtCGsFbgHxuRKm3ZvcAKr371LQeb/o+8v
+eG75+6AQvq+/ieqKmFHOiTxF1frmXX1WClfDc+r17N9PuymOp7zbh/TOC1ilxG1
5q8w24AB97W66bK5NqgZ0rP/upbGUV0NsGngc8IXiQirmJN8C9mCA3UoVnkYYrsf
K+y4ucyygb4k0eOPnlDULaVHegdbLcN2cSnL+Qsas9z3bkl9Vl2s9d2yptsnUgX8
ez0dJO70fsAAQ88cEuzGPHtJ8xXEVrO6iiHMWSWJNjmQKfqx9COBrNXnaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJIE4dyFv3UCS6275VC8Fkpmm9flMB8GA1UdIwQY
MBaAFDu+RDVeBvqtvrGUVa3DFtm58PEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzc1RU5WNEctcTItc1pSVnJjTVcyYm53OFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS83MDY4MzctZDU1ZC00MzJkLWIwYTQt
YjA4MTQwMDc1MjhmLzEva2dUaDNJV19kUUpMcmJ2bFVMd1dTbWFiMS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS83MDY4MzctZDU1ZC00MzJkLWIwYTQtYjA4MTQwMDc1Mjhm
LzEvTzc1RU5WNEctcTItc1pSVnJjTVcyYm53OFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw/XRMA8E
AgACMAkDBwAgAQZ8KLgwDQYJKoZIhvcNAQELBQADggEBAA/wrLeBuC7fBeaW5axz
HAoSil+/QLyh/w5jNQJE+pZkK7il/05STZUo/RFPDgfx8Gy8VDNodpj8sLcJnSlO
NzxWiwga5ySLCMUkqrSzhEohV42VQRG0kmjGj+0iJB/EXSkU2TXtu0pUjNDtC1I/
oWDcvzEIRoqH4QRzOUFXc7ocxFi5SG1dukfgVJnvEXFYe7dT2ahePpFTlQ8gqIC3
K8yJzpaJ3O88ZmvVX1L2Y416O3SyhyZyUxYLWY+Oefv5c6Y/8oWoVOTcvAQ7+o9F
f8DTwMu9A1QXVSAIM+jqJU9kr2O6JtSsE+N2C/GIuarAsV5MxPBs5rM0oUV+9/Gn
hDU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:03 2024 by rpki-client on console-fra.rpki-client.org