Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/e5c8df-4ef8-4d90-a490-35800e9f170e/1/KSdk2IawZDE46D866zqGndwEn-w.roa
File: KSdk2IawZDE46D866zqGndwEn-w.roa (raw, json)
Hash identifier: /5eIlqSz75IwT3YVROFdw3FD/e6+dvCEsnKOuQjsDso=
Subject key identifier: 29:27:64:D8:86:B0:64:31:38:E8:3F:3A:EB:3A:86:9D:DC:04:9F:EC
Certificate issuer: /CN=44f4c5a61978549b248388f9df449d2a95e10a07
Certificate serial: 129D69DA
Authority key identifier: 44:F4:C5:A6:19:78:54:9B:24:83:88:F9:DF:44:9D:2A:95:E1:0A:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPTFphl4VJskg4j530SdKpXhCgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/e5c8df-4ef8-4d90-a490-35800e9f170e/1/KSdk2IawZDE46D866zqGndwEn-w.roa
Signing time: Sat 01 Jan 2022 05:04:25 +0000
ROA not before: Sat 01 Jan 2022 05:04:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203361
IP address blocks: 185.105.152.0/22 maxlen: 22
2a06:f1c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 312306138 (0x129d69da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f4c5a61978549b248388f9df449d2a95e10a07
Validity
Not Before: Jan 1 05:04:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=292764d886b0643138e83f3aeb3a869ddc049fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:11:45:d9:cc:fc:3d:8a:93:e9:b2:39:1c:34:
07:f8:67:b6:f6:1c:86:ab:c0:00:b5:96:21:50:b9:
33:af:0b:a2:b6:8e:0d:e0:7f:10:cd:06:e9:2b:a8:
e5:4a:21:ce:4f:6a:ea:00:db:c3:69:a8:ed:a9:14:
1b:3b:77:81:0f:3a:ee:91:39:3e:c1:fb:26:4b:c6:
40:b0:81:50:11:39:99:37:86:02:bd:56:d3:6f:82:
17:5d:de:80:bf:f8:f8:18:5e:18:a9:38:76:a5:41:
c0:ee:02:47:f8:66:4d:d6:0c:96:cd:14:57:0a:eb:
d7:74:ab:16:87:a7:0a:67:5b:3e:a3:8c:42:e7:ff:
ce:b4:2c:ad:35:59:e7:58:18:14:b2:04:41:ea:40:
b2:88:c3:d1:d1:0a:a8:87:e9:60:6e:3d:ed:80:33:
36:b3:19:7e:0d:a7:a9:96:2f:be:0c:c9:ea:c7:c1:
dc:2e:e1:e4:21:43:f1:53:af:89:19:8f:cb:d9:bc:
96:03:d7:1f:60:27:3a:55:64:9d:cf:5a:c1:13:4a:
1e:46:bd:20:e3:e8:98:b3:a5:84:8d:76:34:5e:f9:
e5:cb:23:ba:e6:5a:bb:b1:65:10:4a:5e:10:d3:42:
58:88:22:a1:e6:fe:4a:30:8a:ed:68:e4:1d:08:a3:
74:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:27:64:D8:86:B0:64:31:38:E8:3F:3A:EB:3A:86:9D:DC:04:9F:EC
X509v3 Authority Key Identifier:
keyid:44:F4:C5:A6:19:78:54:9B:24:83:88:F9:DF:44:9D:2A:95:E1:0A:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPTFphl4VJskg4j530SdKpXhCgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e5c8df-4ef8-4d90-a490-35800e9f170e/1/KSdk2IawZDE46D866zqGndwEn-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e5c8df-4ef8-4d90-a490-35800e9f170e/1/RPTFphl4VJskg4j530SdKpXhCgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.152.0/22
IPv6:
2a06:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
51:05:3b:ef:bf:60:f6:58:88:40:08:6f:d5:91:ae:4e:73:f3:
0d:0f:05:13:ef:60:7e:62:cf:09:6b:4b:77:83:1e:91:bb:37:
57:a5:90:83:5f:ce:bb:a5:ec:d0:f7:80:78:d6:6e:b9:32:d5:
0e:6c:42:26:fb:cf:a7:7a:37:96:6c:6b:ca:ef:f9:35:ce:63:
a7:6e:cf:4b:95:1f:ef:fc:c5:99:56:a2:8c:71:ee:17:23:63:
21:d5:ed:00:24:fc:e8:2b:5d:b8:5a:6e:b2:e0:20:30:15:bf:
8a:db:fa:75:28:50:ef:4b:c0:56:f4:3c:d2:c0:ec:6b:9e:b7:
17:69:df:e4:74:e9:9d:b3:3a:30:43:5c:1d:b2:6b:5d:f8:9e:
01:00:d1:97:f2:16:99:de:f5:63:e4:ef:00:5d:9a:13:e5:11:
33:d6:bd:09:55:b6:a7:08:7b:d5:d8:bb:89:14:c2:5a:fa:1f:
7b:ad:7d:ee:67:4e:1f:00:14:fb:9b:e2:5c:99:88:94:d5:fb:
b1:6d:57:85:e0:de:43:24:c7:b2:a8:74:26:69:db:b5:37:7c:
b9:9e:c2:50:70:d7:dd:66:ae:15:e9:50:21:b2:df:28:13:fa:
07:a0:9d:a0:ac:e8:78:36:e5:43:10:78:ec:6b:29:c1:0a:82:
f0:01:7e:15
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEp1p2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NGY0YzVhNjE5Nzg1NDliMjQ4Mzg4ZjlkZjQ0OWQyYTk1ZTEwYTA3MB4XDTIyMDEw
MTA1MDQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkyNzY0ZDg4NmIw
NjQzMTM4ZTgzZjNhZWIzYTg2OWRkYzA0OWZlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4RRdnM/D2Kk+myORw0B/hntvYchqvAALWWIVC5M68LoraO
DeB/EM0G6Suo5Uohzk9q6gDbw2mo7akUGzt3gQ867pE5PsH7JkvGQLCBUBE5mTeG
Ar1W02+CF13egL/4+BheGKk4dqVBwO4CR/hmTdYMls0UVwrr13SrFoenCmdbPqOM
Quf/zrQsrTVZ51gYFLIEQepAsojD0dEKqIfpYG497YAzNrMZfg2nqZYvvgzJ6sfB
3C7h5CFD8VOviRmPy9m8lgPXH2AnOlVknc9awRNKHka9IOPomLOlhI12NF755csj
uuZau7FlEEpeENNCWIgioeb+SjCK7WjkHQijdKkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQpJ2TYhrBkMTjoPzrrOoad3ASf7DAfBgNVHSMEGDAWgBRE9MWmGXhUmySD
iPnfRJ0qleEKBzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JQVEZwaGw0Vkpza2c0ajUzMFNkS3BYaENnYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvZTVjOGRmLTRlZjgtNGQ5MC1hNDkwLTM1ODAwZTlmMTcwZS8x
L0tTZGsySWF3WkRFNDZEODY2enFHbmR3RW4tdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
ZTVjOGRmLTRlZjgtNGQ5MC1hNDkwLTM1ODAwZTlmMTcwZS8xL1JQVEZwaGw0Vkpz
a2c0ajUzMFNkS3BYaENnYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlpmDANBAIAAjAHAwUDKgbxwDAN
BgkqhkiG9w0BAQsFAAOCAQEAUQU7779g9liIQAhv1ZGuTnPzDQ8FE+9gfmLPCWtL
d4Mekbs3V6WQg1/Ou6Xs0PeAeNZuuTLVDmxCJvvPp3o3lmxryu/5Nc5jp27PS5Uf
7/zFmVaijHHuFyNjIdXtACT86CtduFpusuAgMBW/itv6dShQ70vAVvQ80sDsa563
F2nf5HTpnbM6MENcHbJrXfieAQDRl/IWmd71Y+TvAF2aE+URM9a9CVW2pwh71di7
iRTCWvofe6197mdOHwAU+5viXJmIlNX7sW1XheDeQyTHsqh0JmnbtTd8uZ7CUHDX
3WauFelQIbLfKBP6B6CdoKzoeDblQxB47GspwQqC8AF+FQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:42 2024 by rpki-client on console-ams.rpki-client.org