Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d201e6-906e-47d8-8923-6efab9b176d9/1/KrJ3OicmrPtvRwqyWHDg5Ext_HI.roa
File: KrJ3OicmrPtvRwqyWHDg5Ext_HI.roa (raw, json)
Hash identifier: RKswhkTh2Vd3qp8IdN7pe7kPJ8qXS2cGuVoWMvgQr3s=
Subject key identifier: 2A:B2:77:3A:27:26:AC:FB:6F:47:0A:B2:58:70:E0:E4:4C:6D:FC:72
Certificate issuer: /CN=ecccc2b909c7c815caccb5fce531c32526fadd5a
Certificate serial: 01849C4BAD9C3045CE9AD858EE7047F98B2F
Authority key identifier: EC:CC:C2:B9:09:C7:C8:15:CA:CC:B5:FC:E5:31:C3:25:26:FA:DD:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7MzCuQnHyBXKzLX85THDJSb63Vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/d201e6-906e-47d8-8923-6efab9b176d9/1/KrJ3OicmrPtvRwqyWHDg5Ext_HI.roa
Signing time: Mon 21 Nov 2022 22:25:16 +0000
ROA not before: Mon 21 Nov 2022 22:25:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29044
IP address blocks: 195.68.196.0/24 maxlen: 24
195.68.196.0/23 maxlen: 23
195.68.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9c:4b:ad:9c:30:45:ce:9a:d8:58:ee:70:47:f9:8b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecccc2b909c7c815caccb5fce531c32526fadd5a
Validity
Not Before: Nov 21 22:25:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ab2773a2726acfb6f470ab25870e0e44c6dfc72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e7:c2:cb:8d:6a:7d:e9:df:7a:c4:fe:9b:17:
70:d9:d6:82:6d:67:16:18:29:18:82:1e:d9:0b:b1:
c0:c4:22:bc:92:ad:d8:4f:31:83:bc:69:91:ed:4e:
55:e5:2e:a1:62:fd:a0:36:52:3d:a8:ce:d0:dc:98:
87:9e:50:f9:22:60:70:e1:52:d0:88:06:35:45:b7:
60:47:65:a7:c5:3e:f7:71:4e:70:0a:94:d9:01:e2:
ec:ce:77:73:3a:ae:74:ac:6e:c2:63:2e:cb:71:78:
39:a2:d4:a2:e2:50:3c:79:78:4a:33:0c:96:53:c8:
fd:69:4b:4f:3c:59:d5:0a:66:11:c0:aa:70:79:51:
48:a1:ee:b9:7d:46:d4:bb:a0:86:dc:a8:bc:45:8b:
1a:75:1d:98:51:41:6f:7a:1c:6e:ff:41:cd:a1:0b:
ff:54:74:d6:7e:f9:01:ef:00:c8:6b:9e:24:38:9a:
f7:ee:a2:b6:fd:9f:b3:85:87:9d:b4:a5:99:04:c2:
82:ea:22:10:d2:e0:6a:2f:8f:50:a5:f7:27:dd:92:
f3:01:4f:c8:7d:1b:2b:de:f6:2f:46:6f:ce:5f:a1:
98:dc:69:d1:3c:92:38:e9:52:9d:fe:e1:e0:4c:22:
08:e1:59:25:aa:0d:ae:71:3e:e3:dc:cb:ec:0e:cb:
b6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B2:77:3A:27:26:AC:FB:6F:47:0A:B2:58:70:E0:E4:4C:6D:FC:72
X509v3 Authority Key Identifier:
keyid:EC:CC:C2:B9:09:C7:C8:15:CA:CC:B5:FC:E5:31:C3:25:26:FA:DD:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7MzCuQnHyBXKzLX85THDJSb63Vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d201e6-906e-47d8-8923-6efab9b176d9/1/KrJ3OicmrPtvRwqyWHDg5Ext_HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d201e6-906e-47d8-8923-6efab9b176d9/1/7MzCuQnHyBXKzLX85THDJSb63Vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.68.196.0/23
Signature Algorithm: sha256WithRSAEncryption
74:f2:41:68:c2:6c:7a:4f:3f:4a:6c:24:62:c2:c8:36:51:03:
c9:90:86:96:46:7a:02:2b:41:e6:37:2b:cf:99:65:07:ce:48:
35:52:a3:5f:9b:8e:1d:bb:f8:b2:61:d8:89:7f:37:28:af:dc:
ec:61:19:f1:c4:f6:e6:ec:9b:4b:bb:01:00:35:18:84:54:76:
77:9a:42:14:b5:79:a9:b2:71:df:70:7a:17:74:e0:c1:93:7c:
24:17:cd:9d:f5:22:82:e7:25:bb:40:23:31:5f:bb:e8:24:7d:
6e:ff:82:77:12:22:48:7d:50:5a:30:ec:29:55:84:cc:2f:31:
4e:04:20:ca:98:95:63:e7:57:6e:57:3d:80:38:4c:61:1a:6b:
3b:67:23:cb:18:ee:52:c4:67:73:d6:47:ec:ba:44:d0:84:92:
96:59:9d:93:1a:8e:f6:ae:98:fd:7b:46:78:79:31:1d:bb:bc:
53:77:cf:3d:71:9b:d9:ab:8a:b7:16:c8:6a:c0:d5:a1:93:00:
4c:23:e1:4b:fb:4d:d1:a6:92:3d:99:87:b9:fd:30:58:5f:19:
d6:46:a3:03:dd:e9:59:f9:01:53:a4:fe:fc:e5:b3:4b:e8:f1:
bb:23:61:77:be:76:c5:1c:c1:d2:4b:c6:7a:1e:51:0f:88:89:
f0:09:a1:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYScS62cMEXOmthY7nBH+YsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjY2NjMmI5MDljN2M4MTVjYWNjYjVmY2U1MzFjMzI1MjZm
YWRkNWEwHhcNMjIxMTIxMjIyNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWIyNzczYTI3MjZhY2ZiNmY0NzBhYjI1ODcwZTBlNDRjNmRmYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhefCy41qfenfesT+mxdw2daCbWcW
GCkYgh7ZC7HAxCK8kq3YTzGDvGmR7U5V5S6hYv2gNlI9qM7Q3JiHnlD5ImBw4VLQ
iAY1RbdgR2WnxT73cU5wCpTZAeLszndzOq50rG7CYy7LcXg5otSi4lA8eXhKMwyW
U8j9aUtPPFnVCmYRwKpweVFIoe65fUbUu6CG3Ki8RYsadR2YUUFvehxu/0HNoQv/
VHTWfvkB7wDIa54kOJr37qK2/Z+zhYedtKWZBMKC6iIQ0uBqL49Qpfcn3ZLzAU/I
fRsr3vYvRm/OX6GY3GnRPJI46VKd/uHgTCII4Vklqg2ucT7j3MvsDsu2LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqydzonJqz7b0cKslhw4ORMbfxyMB8GA1UdIwQY
MBaAFOzMwrkJx8gVysy1/OUxwyUm+t1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN016Q3VRbkh5QlhLekxYODVUSERKU2I2M1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjAxZTYtOTA2ZS00N2Q4LTg5MjMt
NmVmYWI5YjE3NmQ5LzEvS3JKM09pY21yUHR2UndxeVdIRGc1RXh0X0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjAxZTYtOTA2ZS00N2Q4LTg5MjMtNmVmYWI5YjE3NmQ5
LzEvN016Q3VRbkh5QlhLekxYODVUSERKU2I2M1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0TEMA0G
CSqGSIb3DQEBCwUAA4IBAQB08kFowmx6Tz9KbCRiwsg2UQPJkIaWRnoCK0HmNyvP
mWUHzkg1UqNfm44du/iyYdiJfzcor9zsYRnxxPbm7JtLuwEANRiEVHZ3mkIUtXmp
snHfcHoXdODBk3wkF82d9SKC5yW7QCMxX7voJH1u/4J3EiJIfVBaMOwpVYTMLzFO
BCDKmJVj51duVz2AOExhGms7ZyPLGO5SxGdz1kfsukTQhJKWWZ2TGo72rpj9e0Z4
eTEdu7xTd889cZvZq4q3FshqwNWhkwBMI+FL+03RppI9mYe5/TBYXxnWRqMD3elZ
+QFTpP785bNL6PG7I2F3vnbFHMHSS8Z6HlEPiInwCaHB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:27 2024 by rpki-client on console-fra.rpki-client.org