Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/KPzCb9RXyDnDWTfM_8hwlK2tb10.roa
File: KPzCb9RXyDnDWTfM_8hwlK2tb10.roa (raw, json)
Hash identifier: bFVn8U40LpgD/9wGscc+9Xxf1IOlgX5aPzKoY+yKIak=
Subject key identifier: 28:FC:C2:6F:D4:57:C8:39:C3:59:37:CC:FF:C8:70:94:AD:AD:6F:5D
Certificate issuer: /CN=05881f357ea6680dde52a2a9bfbbb6ed4385d8d9
Certificate serial: 053A4389
Authority key identifier: 05:88:1F:35:7E:A6:68:0D:DE:52:A2:A9:BF:BB:B6:ED:43:85:D8:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BYgfNX6maA3eUqKpv7u27UOF2Nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/KPzCb9RXyDnDWTfM_8hwlK2tb10.roa
Signing time: Sat 01 Jan 2022 09:56:29 +0000
ROA not before: Sat 01 Jan 2022 09:56:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8240
IP address blocks: 185.172.24.0/22 maxlen: 22
195.80.96.0/19 maxlen: 19
213.184.32.0/19 maxlen: 19
2a02:88::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87704457 (0x53a4389)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05881f357ea6680dde52a2a9bfbbb6ed4385d8d9
Validity
Not Before: Jan 1 09:56:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28fcc26fd457c839c35937ccffc87094adad6f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3e:fc:a0:70:03:72:01:93:33:6a:75:38:c8:
ee:fc:8b:78:af:d3:1e:a4:77:59:61:8d:a5:b3:4b:
07:aa:64:8f:3e:54:66:73:31:c9:f9:6c:9b:12:e0:
c2:bf:ab:d3:a2:af:64:e4:0d:b1:c2:d7:a6:6b:2a:
df:43:f6:83:50:4f:56:cb:d4:a4:c3:7b:7a:fc:f9:
28:10:fb:7a:13:5d:a4:ea:9b:79:c7:42:b7:a4:12:
ab:3f:75:a8:2d:7a:74:05:ba:ea:e6:e7:ae:81:da:
cd:d0:fe:46:42:55:c7:2a:6a:fd:4e:d6:48:0d:ca:
aa:23:37:d5:3b:22:9e:f0:ce:57:13:5c:1e:5b:70:
06:19:43:a6:92:b2:b7:17:06:29:26:09:63:d2:85:
56:6f:5d:b7:fd:ab:f6:44:fd:ee:67:84:ed:a8:f4:
9e:28:b4:71:54:e1:ce:6e:a9:53:83:a0:4c:58:b1:
86:31:24:17:12:77:f8:12:af:ba:1c:3d:fb:3c:50:
cc:97:ce:8a:60:1c:d3:9a:26:31:e0:ea:97:9f:06:
64:2a:3d:d1:73:b3:9b:1d:c3:39:2b:74:2a:73:52:
d8:2d:c0:c4:77:2e:69:dc:4e:22:26:02:49:a8:4c:
de:32:53:3c:76:d5:e2:9a:a1:72:95:d5:b9:f3:4a:
45:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FC:C2:6F:D4:57:C8:39:C3:59:37:CC:FF:C8:70:94:AD:AD:6F:5D
X509v3 Authority Key Identifier:
keyid:05:88:1F:35:7E:A6:68:0D:DE:52:A2:A9:BF:BB:B6:ED:43:85:D8:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYgfNX6maA3eUqKpv7u27UOF2Nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/KPzCb9RXyDnDWTfM_8hwlK2tb10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/BYgfNX6maA3eUqKpv7u27UOF2Nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.24.0/22
195.80.96.0/19
213.184.32.0/19
IPv6:
2a02:88::/32
Signature Algorithm: sha256WithRSAEncryption
34:31:47:32:34:eb:b1:4e:35:ce:e0:af:fc:7c:f5:a8:d1:27:
40:5b:03:5d:5e:2d:df:75:b2:99:4a:b9:6a:e5:0b:4c:b3:b2:
02:0a:02:40:71:f3:2d:82:46:43:17:a9:91:48:0f:a6:68:e4:
34:c3:34:31:03:50:b0:d5:87:a6:a7:38:16:ea:27:3c:a5:f9:
d8:e0:59:ee:4e:39:ad:ac:a0:e7:e5:04:ef:a2:0f:dd:9f:54:
eb:51:fe:cb:29:dd:92:85:42:10:06:eb:e5:ae:87:fa:d7:bc:
f3:81:95:24:23:0b:ab:0f:92:d0:eb:a6:1e:df:01:1d:69:4c:
58:37:72:67:32:62:77:7d:02:05:cb:58:ec:30:2a:95:38:db:
c3:15:6a:cf:f1:4d:72:2e:b3:1a:35:68:f3:2c:41:e0:b7:e8:
0a:cf:ff:f5:7c:e7:dd:74:32:0a:0d:fd:50:ed:0a:1d:3b:b7:
97:bf:13:15:b2:c3:cf:76:58:d9:e9:18:1d:3a:ec:40:6f:12:
42:46:2c:d3:21:6c:48:a2:93:8e:62:c5:90:9e:8e:37:7b:7e:
ed:6d:f3:92:ac:c8:02:23:37:9c:83:d8:e5:fc:ce:90:7f:63:
2d:2c:5a:e5:fc:6d:0f:4b:3d:c3:6a:2e:57:b4:43:49:cf:b8:
dc:61:d6:ef
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBTpDiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTg4MWYzNTdlYTY2ODBkZGU1MmEyYTliZmJiYjZlZDQzODVkOGQ5MB4XDTIyMDEw
MTA5NTYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhmY2MyNmZkNDU3
YzgzOWMzNTkzN2NjZmZjODcwOTRhZGFkNmY1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0+/KBwA3IBkzNqdTjI7vyLeK/THqR3WWGNpbNLB6pkjz5U
ZnMxyflsmxLgwr+r06KvZOQNscLXpmsq30P2g1BPVsvUpMN7evz5KBD7ehNdpOqb
ecdCt6QSqz91qC16dAW66ubnroHazdD+RkJVxypq/U7WSA3KqiM31TsinvDOVxNc
HltwBhlDppKytxcGKSYJY9KFVm9dt/2r9kT97meE7aj0nii0cVThzm6pU4OgTFix
hjEkFxJ3+BKvuhw9+zxQzJfOimAc05omMeDql58GZCo90XOzmx3DOSt0KnNS2C3A
xHcuadxOIiYCSahM3jJTPHbV4pqhcpXVufNKReMCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQo/MJv1FfIOcNZN8z/yHCUra1vXTAfBgNVHSMEGDAWgBQFiB81fqZoDd5S
oqm/u7btQ4XY2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JZZ2ZOWDZtYUEzZVVxS3B2N3UyN1VPRjJOay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvYWJjMTAzLWNlNjYtNGZjYy04ZmUxLTNjOTFhZDRiM2UwOC8x
L0tQekNiOVJYeURuRFdUZk1fOGh3bEsydGIxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
YWJjMTAzLWNlNjYtNGZjYy04ZmUxLTNjOTFhZDRiM2UwOC8xL0JZZ2ZOWDZtYUEz
ZVVxS3B2N3UyN1VPRjJOay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArmsGAMEBcNQYAMEBdW4IDANBAIA
AjAHAwUAKgIAiDANBgkqhkiG9w0BAQsFAAOCAQEANDFHMjTrsU41zuCv/Hz1qNEn
QFsDXV4t33WymUq5auULTLOyAgoCQHHzLYJGQxepkUgPpmjkNMM0MQNQsNWHpqc4
FuonPKX52OBZ7k45rayg5+UE76IP3Z9U61H+yyndkoVCEAbr5a6H+te884GVJCML
qw+S0OumHt8BHWlMWDdyZzJid30CBctY7DAqlTjbwxVqz/FNci6zGjVo8yxB4Lfo
Cs//9Xzn3XQyCg39UO0KHTu3l78TFbLDz3ZY2ekYHTrsQG8SQkYs0yFsSKKTjmLF
kJ6ON3t+7W3zkqzIAiM3nIPY5fzOkH9jLSxa5fxtD0s9w2ouV7RDSc+43GHW7w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:21 2023 by rpki-client on console-fra.rpki-client.org