Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/KNVoomIOeE_5PTFvD26DBHrjHOo.roa
File: KNVoomIOeE_5PTFvD26DBHrjHOo.roa (raw, json)
Hash identifier: iXZvc0qkemHYtYT+Hl4aY5HBoN4lbXsVVawX/v+zcNU=
Subject key identifier: 28:D5:68:A2:62:0E:78:4F:F9:3D:31:6F:0F:6E:83:04:7A:E3:1C:EA
Certificate issuer: /CN=2450ca4aab2a3f8abc6c973aa7c0fa13f2571081
Certificate serial: 08D72CC0
Authority key identifier: 24:50:CA:4A:AB:2A:3F:8A:BC:6C:97:3A:A7:C0:FA:13:F2:57:10:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFDKSqsqP4q8bJc6p8D6E_JXEIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/KNVoomIOeE_5PTFvD26DBHrjHOo.roa
Signing time: Mon 04 Jul 2022 14:23:25 +0000
ROA not before: Mon 04 Jul 2022 14:23:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16190
IP address blocks: 91.195.255.0/24 maxlen: 24
91.195.254.0/24 maxlen: 24
91.195.254.0/23 maxlen: 23
2.56.206.0/23 maxlen: 23
2.56.204.0/23 maxlen: 23
2.56.204.0/22 maxlen: 22
91.198.109.0/24 maxlen: 24
91.198.108.0/24 maxlen: 24
91.198.108.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148319424 (0x8d72cc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2450ca4aab2a3f8abc6c973aa7c0fa13f2571081
Validity
Not Before: Jul 4 14:23:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28d568a2620e784ff93d316f0f6e83047ae31cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dc:26:18:a3:0a:df:1d:65:c8:0e:84:e9:11:
f0:f3:81:b8:96:58:d0:00:d6:49:d8:4c:a5:d5:4b:
d9:c8:0f:a9:13:18:52:57:8c:f1:de:89:63:4f:f7:
6e:00:da:5d:54:aa:76:4a:79:8c:9d:9e:3f:36:f6:
94:7f:8a:fc:9b:81:3b:40:be:ac:d8:7d:d6:c5:db:
ca:bb:59:db:ce:50:e4:e5:b2:3a:45:04:24:4e:51:
3e:43:ab:2b:99:b7:f4:65:dc:2e:d3:99:09:cb:47:
bf:10:11:f0:0b:d2:23:e0:bc:87:9d:3c:5d:23:90:
58:73:9a:71:9b:e4:d1:db:1f:d4:45:81:b9:7d:6e:
3e:4f:3c:16:d6:ca:97:56:af:90:4f:66:fa:67:3b:
07:fc:1a:ca:dc:37:98:eb:d8:84:a7:f6:ab:18:8b:
30:6d:7a:c7:48:ad:ec:0b:3b:5a:a6:74:79:94:7b:
b0:78:c6:94:e3:54:13:53:10:73:f9:f0:e0:5d:6f:
08:36:4a:24:b0:f1:66:a9:cf:b9:6e:ba:4b:58:5a:
c8:23:75:0b:56:04:93:93:5c:41:68:40:ed:7d:0a:
b2:29:23:13:77:bd:af:a6:97:33:3f:19:bc:3d:c5:
07:92:8b:54:e6:0d:91:6f:be:cd:14:10:ae:07:e2:
af:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D5:68:A2:62:0E:78:4F:F9:3D:31:6F:0F:6E:83:04:7A:E3:1C:EA
X509v3 Authority Key Identifier:
keyid:24:50:CA:4A:AB:2A:3F:8A:BC:6C:97:3A:A7:C0:FA:13:F2:57:10:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFDKSqsqP4q8bJc6p8D6E_JXEIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/KNVoomIOeE_5PTFvD26DBHrjHOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/219c6f-e30f-4a9e-acc0-e0d576d5577a/1/JFDKSqsqP4q8bJc6p8D6E_JXEIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.204.0/22
91.195.254.0/23
91.198.108.0/23
Signature Algorithm: sha256WithRSAEncryption
74:f6:f3:d8:6a:b3:25:54:40:66:b2:d4:dc:af:e5:c5:2c:ca:
8b:84:15:66:de:ef:bd:03:f0:39:d4:db:2f:df:29:04:c5:ca:
f7:24:de:4d:ad:ac:56:d4:99:f1:25:b3:46:6c:ca:53:32:c9:
be:35:36:35:f9:24:8e:7d:ec:93:0d:05:45:83:9f:e6:00:e8:
7b:4f:9f:e6:fe:9b:47:55:31:e6:a6:3e:2b:e9:22:63:77:ec:
f4:25:d6:09:1d:72:ec:d7:6d:0a:91:04:44:03:e3:8e:0b:74:
bc:ba:97:26:4c:39:40:24:2d:2e:d4:a5:07:3e:93:74:fb:7e:
5a:c1:f2:65:62:08:93:1b:e2:4d:93:68:e8:d6:c3:41:2d:8b:
86:fe:96:e7:12:19:cf:7e:59:82:c7:9c:23:5b:95:b3:ff:dd:
44:f1:05:54:c5:0f:ff:26:52:5b:92:79:b8:c7:f9:e0:5e:64:
dc:8d:74:8a:6b:4d:43:a3:5c:45:72:3c:dd:06:15:e6:19:db:
73:60:75:00:5c:a1:5e:0f:4e:55:25:d9:d5:a4:f5:a6:ee:5d:
c9:ed:4a:5d:19:33:02:a9:b7:2e:77:45:28:b4:1f:34:1c:7c:
7d:97:d5:9c:d2:3f:d5:45:df:c4:c0:92:48:7f:18:67:16:1d:
81:d9:b3:86
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECNcswDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDUwY2E0YWFiMmEzZjhhYmM2Yzk3M2FhN2MwZmExM2YyNTcxMDgxMB4XDTIyMDcw
NDE0MjMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhkNTY4YTI2MjBl
Nzg0ZmY5M2QzMTZmMGY2ZTgzMDQ3YWUzMWNlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzcJhijCt8dZcgOhOkR8POBuJZY0ADWSdhMpdVL2cgPqRMY
UleM8d6JY0/3bgDaXVSqdkp5jJ2ePzb2lH+K/JuBO0C+rNh91sXbyrtZ285Q5OWy
OkUEJE5RPkOrK5m39GXcLtOZCctHvxAR8AvSI+C8h508XSOQWHOacZvk0dsf1EWB
uX1uPk88FtbKl1avkE9m+mc7B/waytw3mOvYhKf2qxiLMG16x0it7As7WqZ0eZR7
sHjGlONUE1MQc/nw4F1vCDZKJLDxZqnPuW66S1hayCN1C1YEk5NcQWhA7X0Ksikj
E3e9r6aXMz8ZvD3FB5KLVOYNkW++zRQQrgfir8kCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQo1WiiYg54T/k9MW8PboMEeuMc6jAfBgNVHSMEGDAWgBQkUMpKqyo/irxs
lzqnwPoT8lcQgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pGREtTcXNxUDRxOGJKYzZwOEQ2RV9KWEVJRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvMjE5YzZmLWUzMGYtNGE5ZS1hY2MwLWUwZDU3NmQ1NTc3YS8x
L0tOVm9vbUlPZUVfNVBURnZEMjZEQkhyakhPby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
MjE5YzZmLWUzMGYtNGE5ZS1hY2MwLWUwZDU3NmQ1NTc3YS8xL0pGREtTcXNxUDRx
OGJKYzZwOEQ2RV9KWEVJRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAgI4zAMEAVvD/gMEAVvGbDANBgkq
hkiG9w0BAQsFAAOCAQEAdPbz2GqzJVRAZrLU3K/lxSzKi4QVZt7vvQPwOdTbL98p
BMXK9yTeTa2sVtSZ8SWzRmzKUzLJvjU2Nfkkjn3skw0FRYOf5gDoe0+f5v6bR1Ux
5qY+K+kiY3fs9CXWCR1y7NdtCpEERAPjjgt0vLqXJkw5QCQtLtSlBz6TdPt+WsHy
ZWIIkxviTZNo6NbDQS2Lhv6W5xIZz35ZgsecI1uVs//dRPEFVMUP/yZSW5J5uMf5
4F5k3I10imtNQ6NcRXI83QYV5hnbc2B1AFyhXg9OVSXZ1aT1pu5dye1KXRkzAqm3
LndFKLQfNBx8fZfVnNI/1UXfxMCSSH8YZxYdgdmzhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:44 2024 by rpki-client on console-fra.rpki-client.org