Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/KSYWssbkLKjSqgJ2Ksi59ZzNhwk.roa
File: KSYWssbkLKjSqgJ2Ksi59ZzNhwk.roa (raw, json)
Hash identifier: 01aDqVo2HWctQoDy7xklfteGrA9FiRxzJy0GunBke14=
Subject key identifier: 29:26:16:B2:C6:E4:2C:A8:D2:AA:02:76:2A:C8:B9:F5:9C:CD:87:09
Certificate issuer: /CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Certificate serial: 01835A449FC28EF17988B781ABF560D04654
Authority key identifier: DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/KSYWssbkLKjSqgJ2Ksi59ZzNhwk.roa
Signing time: Tue 20 Sep 2022 09:39:50 +0000
ROA not before: Tue 20 Sep 2022 09:39:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206273
IP address blocks: 185.198.60.0/23 maxlen: 23
185.198.62.0/23 maxlen: 23
178.212.58.0/23 maxlen: 23
31.130.242.0/23 maxlen: 23
31.130.244.0/22 maxlen: 22
91.218.154.0/23 maxlen: 23
2a0a:15c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:44:9f:c2:8e:f1:79:88:b7:81:ab:f5:60:d0:46:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Validity
Not Before: Sep 20 09:39:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=292616b2c6e42ca8d2aa02762ac8b9f59ccd8709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:cc:f8:3b:69:4d:e5:76:6b:43:2e:e9:73:65:
a3:ae:d8:30:8d:ca:d0:a9:06:c0:99:98:23:09:78:
66:09:aa:87:5d:56:31:54:90:c4:7e:d7:b0:a7:4e:
c0:4c:28:12:d9:ec:ca:1c:8a:98:dd:94:2b:e7:30:
0b:5c:37:62:e5:61:6d:17:c4:29:26:73:39:e7:d5:
ea:2d:74:52:c7:25:34:86:9c:4f:27:10:fd:ae:38:
b7:25:4e:5a:76:37:55:b1:73:7b:4a:cf:1d:4c:2f:
9b:11:67:a4:9b:23:3c:e1:11:e6:00:79:28:16:77:
8b:3c:6a:94:0f:88:7f:b4:10:81:c6:0f:7d:91:e7:
9b:76:00:5d:dc:e5:e1:d2:d4:ab:4c:62:4f:de:60:
aa:cf:45:98:16:2d:fa:7c:07:d4:89:02:1b:9b:4f:
4f:73:ce:d5:62:83:5b:64:e7:43:24:22:ab:28:50:
fe:0c:fe:d9:4b:48:6d:3e:88:a1:f1:fa:7b:7e:f3:
3d:dd:0f:cf:27:cf:25:71:ca:37:52:ce:ad:21:f2:
95:f6:97:e9:8b:9a:d9:3c:4c:ff:ba:25:9d:0a:70:
63:c2:07:1e:d6:ff:45:8d:5c:88:e5:06:2c:d1:25:
36:cc:24:de:d8:1f:9f:2c:89:38:ea:f4:27:5d:cc:
3d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:26:16:B2:C6:E4:2C:A8:D2:AA:02:76:2A:C8:B9:F5:9C:CD:87:09
X509v3 Authority Key Identifier:
keyid:DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/KSYWssbkLKjSqgJ2Ksi59ZzNhwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.242.0-31.130.247.255
91.218.154.0/23
178.212.58.0/23
185.198.60.0/22
IPv6:
2a0a:15c0::/29
Signature Algorithm: sha256WithRSAEncryption
1e:a8:fc:9d:13:f3:7b:fc:78:cf:7a:1a:9e:87:23:0b:e0:12:
30:11:6a:30:55:76:94:dd:7f:65:03:b8:a6:e2:82:0a:ac:51:
83:65:4c:1d:ad:d5:91:d7:1e:88:f4:16:77:fe:d9:4a:12:0e:
d6:b5:19:92:d8:e8:67:0d:22:3e:92:60:c9:cf:34:52:61:17:
70:81:65:4a:9f:7d:3e:e8:6c:76:15:11:d4:b1:51:76:5b:f2:
d9:67:02:a8:e6:62:a0:e2:85:77:56:80:e1:8f:45:81:29:33:
b8:86:82:bf:fb:c2:3f:18:77:65:0d:70:cb:ab:cd:22:48:63:
1d:95:b1:ce:d4:cc:3c:fe:e0:de:cf:d9:b2:34:7f:86:88:01:
f5:d3:5a:2f:18:2e:63:6e:b3:39:5f:1f:7c:6a:ad:8b:42:16:
33:82:1c:0a:71:e4:f7:1c:b6:db:5d:59:b0:03:c8:e9:99:fc:
f4:a7:a4:6d:65:be:84:8f:45:59:de:8c:c6:c0:38:fa:c6:ac:
a2:47:fe:a5:ff:b6:3f:ae:79:fa:66:df:a0:2b:06:fc:f1:76:
42:ce:c6:3a:d1:62:45:15:58:aa:f3:9b:14:7b:8d:4e:ed:f4:
2f:9b:d9:ab:c9:09:9e:97:ab:16:f4:74:cf:85:9a:62:95:0d:
26:54:72:c9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYNaRJ/CjvF5iLeBq/Vg0EZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYmU2ZTBhZGFlOGJiNDc4MzkzYWFiMTc1YjYzODY0NGM3
NGNjYjcwHhcNMjIwOTIwMDkzOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTI2MTZiMmM2ZTQyY2E4ZDJhYTAyNzYyYWM4YjlmNTljY2Q4NzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cz4O2lN5XZrQy7pc2WjrtgwjcrQ
qQbAmZgjCXhmCaqHXVYxVJDEftewp07ATCgS2ezKHIqY3ZQr5zALXDdi5WFtF8Qp
JnM559XqLXRSxyU0hpxPJxD9rji3JU5adjdVsXN7Ss8dTC+bEWekmyM84RHmAHko
FneLPGqUD4h/tBCBxg99keebdgBd3OXh0tSrTGJP3mCqz0WYFi36fAfUiQIbm09P
c87VYoNbZOdDJCKrKFD+DP7ZS0htPoih8fp7fvM93Q/PJ88lcco3Us6tIfKV9pfp
i5rZPEz/uiWdCnBjwgce1v9FjVyI5QYs0SU2zCTe2B+fLIk46vQnXcw9IQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFCkmFrLG5Cyo0qoCdirIufWczYcJMB8GA1UdIwQY
MBaAFN2+bgra6LtHg5OqsXW2OGRMdMy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjkt
NmJhYTNiNTQ4ZDIzLzEvS1NZV3NzYmtMS2pTcWdKMktzaTU5WnpOaHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjktNmJhYTNiNTQ4ZDIz
LzEvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAEfgvID
BAMfgvADBAFb2poDBAGy1DoDBAK5xjwwDQQCAAIwBwMFAyoKFcAwDQYJKoZIhvcN
AQELBQADggEBAB6o/J0T83v8eM96Gp6HIwvgEjARajBVdpTdf2UDuKbiggqsUYNl
TB2t1ZHXHoj0Fnf+2UoSDta1GZLY6GcNIj6SYMnPNFJhF3CBZUqffT7obHYVEdSx
UXZb8tlnAqjmYqDihXdWgOGPRYEpM7iGgr/7wj8Yd2UNcMurzSJIYx2Vsc7UzDz+
4N7P2bI0f4aIAfXTWi8YLmNuszlfH3xqrYtCFjOCHApx5PcctttdWbADyOmZ/PSn
pG1lvoSPRVnejMbAOPrGrKJH/qX/tj+uefpm36ArBvzxdkLOxjrRYkUVWKrzmxR7
jU7t9C+b2avJCZ6Xqxb0dM+FmmKVDSZUcsk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:00 2024 by rpki-client on console-ams.rpki-client.org