Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/Kg5U1CCwPoXHhXDGwuChlPzVIO0.roa
File: Kg5U1CCwPoXHhXDGwuChlPzVIO0.roa (raw, json)
Hash identifier: U5pYhgRlKonB6ASy2vbRAhMg/rk7fecgZqBl4vrLA5w=
Subject key identifier: 2A:0E:54:D4:20:B0:3E:85:C7:85:70:C6:C2:E0:A1:94:FC:D5:20:ED
Certificate issuer: /CN=84a3cf114be4fa4c4ff76b218fad50e51739160d
Certificate serial: 01428741
Authority key identifier: 84:A3:CF:11:4B:E4:FA:4C:4F:F7:6B:21:8F:AD:50:E5:17:39:16:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/Kg5U1CCwPoXHhXDGwuChlPzVIO0.roa
Signing time: Sat 01 Jan 2022 04:02:23 +0000
ROA not before: Sat 01 Jan 2022 04:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212140
IP address blocks: 185.205.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21137217 (0x1428741)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84a3cf114be4fa4c4ff76b218fad50e51739160d
Validity
Not Before: Jan 1 04:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a0e54d420b03e85c78570c6c2e0a194fcd520ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:c7:75:75:80:8b:b5:6b:cf:cc:98:ce:49:87:
41:89:f2:8a:41:73:97:63:7b:82:54:6c:87:2f:af:
42:1a:9e:60:14:02:7a:70:56:27:49:90:0b:48:5d:
40:c1:13:a8:79:35:fc:98:a3:a2:67:66:74:d7:63:
25:59:8d:fc:f2:e9:c7:b8:9e:81:3f:47:6b:51:7a:
23:ea:64:93:e5:b5:5d:81:d3:f5:29:ab:4a:0c:58:
df:68:d3:bd:62:a5:ee:e4:52:b5:91:d2:98:c3:19:
38:64:f7:0f:ff:19:e0:6b:88:75:1e:98:bf:f7:05:
e0:3e:0e:79:d5:73:b5:28:27:d9:0c:bc:f3:5c:14:
07:ed:62:66:57:d1:72:37:1e:ab:ca:4e:9d:e2:0a:
a9:3f:5a:f4:a5:aa:52:0b:a8:a2:ca:64:25:80:f6:
38:38:39:e2:6c:93:92:b5:46:15:72:59:d5:68:bc:
a6:8d:27:4f:8b:c8:0d:12:eb:ba:8b:d4:c6:56:98:
53:28:67:8b:b8:3c:32:8c:07:4c:b7:cc:71:7c:f0:
20:be:01:00:24:89:80:e9:90:6e:3d:e3:85:b7:e7:
18:40:23:70:ff:9b:58:aa:6b:8b:2e:8a:2d:f0:ce:
45:b9:80:8f:61:58:09:e6:ee:be:9b:ee:a8:d1:56:
ce:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0E:54:D4:20:B0:3E:85:C7:85:70:C6:C2:E0:A1:94:FC:D5:20:ED
X509v3 Authority Key Identifier:
keyid:84:A3:CF:11:4B:E4:FA:4C:4F:F7:6B:21:8F:AD:50:E5:17:39:16:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKPPEUvk-kxP92shj61Q5Rc5Fg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/Kg5U1CCwPoXHhXDGwuChlPzVIO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/605f46-7d4c-46b8-baa5-539329bed46e/1/hKPPEUvk-kxP92shj61Q5Rc5Fg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.71.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:e5:76:09:f4:b7:13:6f:5c:57:de:b5:07:a6:c9:a1:91:8c:
28:1a:b2:ca:4c:02:b9:08:53:5d:69:41:e3:57:46:cc:13:3a:
e7:b9:3a:d1:9b:0b:cf:54:bb:dd:c0:bb:c2:bf:35:77:9b:b7:
88:be:9f:c1:9d:60:62:cd:00:67:7c:a3:25:9b:69:c6:47:7a:
4a:c8:79:98:d5:79:0d:bf:9b:eb:8c:be:dd:4b:a9:ef:aa:d5:
ec:a8:5c:32:d3:06:43:e6:1e:f9:1d:f7:b1:63:e8:2d:ac:a2:
8e:5a:19:dd:8a:48:26:30:9b:ed:d1:49:cb:24:0c:de:0a:7e:
e6:63:97:2b:46:60:de:bf:3b:f0:ef:8b:a7:b4:5f:2f:35:23:
02:58:a9:7b:04:c5:3b:cd:88:63:13:b7:0f:2d:04:e7:f1:43:
dd:ca:2c:18:5d:b6:f9:20:21:a0:72:29:f8:56:7c:39:5d:61:
0f:61:e8:d8:d0:13:3b:8a:fd:13:d3:c2:c6:4e:cb:5b:3c:a1:
45:17:ce:85:01:3a:e9:14:57:ed:c3:03:30:10:e3:c8:fa:aa:
9a:5d:08:e8:8b:b5:eb:6b:9f:b1:2b:af:49:b6:b4:39:90:49:
3b:86:04:9c:b0:88:32:ef:fc:07:39:31:69:56:87:04:c9:48:
87:4a:6d:76
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAUKHQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGEzY2YxMTRiZTRmYTRjNGZmNzZiMjE4ZmFkNTBlNTE3MzkxNjBkMB4XDTIyMDEw
MTA0MDIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmEwZTU0ZDQyMGIw
M2U4NWM3ODU3MGM2YzJlMGExOTRmY2Q1MjBlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPXHdXWAi7Vrz8yYzkmHQYnyikFzl2N7glRshy+vQhqeYBQC
enBWJ0mQC0hdQMETqHk1/JijomdmdNdjJVmN/PLpx7iegT9Ha1F6I+pkk+W1XYHT
9SmrSgxY32jTvWKl7uRStZHSmMMZOGT3D/8Z4GuIdR6Yv/cF4D4OedVztSgn2Qy8
81wUB+1iZlfRcjceq8pOneIKqT9a9KWqUguoospkJYD2ODg54myTkrVGFXJZ1Wi8
po0nT4vIDRLruovUxlaYUyhni7g8MowHTLfMcXzwIL4BACSJgOmQbj3jhbfnGEAj
cP+bWKpriy6KLfDORbmAj2FYCebuvpvuqNFWzhsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQqDlTUILA+hceFcMbC4KGU/NUg7TAfBgNVHSMEGDAWgBSEo88RS+T6TE/3
ayGPrVDlFzkWDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hLUFBFVXZrLWt4UDkyc2hqNjFRNVJjNUZnMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvNjA1ZjQ2LTdkNGMtNDZiOC1iYWE1LTUzOTMyOWJlZDQ2ZS8x
L0tnNVUxQ0N3UG9YSGhYREd3dUNobFB6VklPMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
NjA1ZjQ2LTdkNGMtNDZiOC1iYWE1LTUzOTMyOWJlZDQ2ZS8xL2hLUFBFVXZrLWt4
UDkyc2hqNjFRNVJjNUZnMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnNRzANBgkqhkiG9w0BAQsFAAOC
AQEAiuV2CfS3E29cV961B6bJoZGMKBqyykwCuQhTXWlB41dGzBM657k60ZsLz1S7
3cC7wr81d5u3iL6fwZ1gYs0AZ3yjJZtpxkd6Ssh5mNV5Db+b64y+3Uup76rV7Khc
MtMGQ+Ye+R33sWPoLayijloZ3YpIJjCb7dFJyyQM3gp+5mOXK0Zg3r878O+Lp7Rf
LzUjAlipewTFO82IYxO3Dy0E5/FD3cosGF22+SAhoHIp+FZ8OV1hD2Ho2NATO4r9
E9PCxk7LWzyhRRfOhQE66RRX7cMDMBDjyPqqml0I6Iu162ufsSuvSba0OZBJO4YE
nLCIMu/8BzkxaVaHBMlIh0ptdg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:31 2024 by rpki-client on console-ams.rpki-client.org