Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KWU309rYZ7GcctjGmX4B2NRK3YE.roa
File: KWU309rYZ7GcctjGmX4B2NRK3YE.roa (raw, json)
Hash identifier: Aa1DflvH1JV0B8F6iX/58nFcXApR47eeOlmkaTcbluc=
Subject key identifier: 29:65:37:D3:DA:D8:67:B1:9C:72:D8:C6:99:7E:01:D8:D4:4A:DD:81
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0993CED6
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KWU309rYZ7GcctjGmX4B2NRK3YE.roa
Signing time: Sat 01 Jan 2022 05:04:06 +0000
ROA not before: Sat 01 Jan 2022 05:04:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60807
IP address blocks: 84.236.250.0/24 maxlen: 24
178.156.47.0/24 maxlen: 24
84.236.180.0/24 maxlen: 24
88.148.96.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160681686 (0x993ced6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=296537d3dad867b19c72d8c6997e01d8d44add81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:71:47:f2:8a:12:8c:0e:15:6e:48:46:15:07:
d3:e0:3e:31:43:01:68:00:0f:86:d0:90:71:4e:e2:
6f:c1:ee:ea:cd:79:5f:99:93:ed:48:7a:2a:c7:a5:
ca:43:63:52:80:b0:fb:c5:62:93:e4:67:a6:0a:da:
99:2c:cf:c3:af:c8:f5:66:2c:3a:94:56:c4:18:78:
d9:55:ce:4c:4d:28:34:52:85:9b:57:b4:f1:2b:17:
92:70:c2:44:43:2a:7b:51:f1:66:ab:f2:48:a2:ea:
16:e0:73:74:7c:d4:bd:18:96:fc:65:7a:fc:bb:d4:
dc:86:b4:04:2b:c3:20:b1:14:13:9f:2a:66:73:be:
7f:40:ab:08:c9:39:91:31:8c:76:a1:76:bb:1f:02:
0c:01:6e:9c:5f:26:e3:ae:88:61:63:18:71:5c:00:
f8:da:ca:84:3e:f2:5a:fd:82:3f:ab:d7:f7:ee:05:
63:75:d3:ce:1d:60:5c:e6:7f:ee:31:1f:29:7b:f3:
0e:97:e3:94:b5:ed:cb:d1:57:ce:0a:79:31:a9:77:
34:09:ce:8c:c1:56:55:46:35:e5:1f:ee:ba:d7:f1:
19:76:fe:ad:a5:a1:13:2d:98:9c:17:70:75:12:12:
c8:c0:75:d3:d7:89:2c:70:28:10:b6:e7:47:73:cf:
0a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:65:37:D3:DA:D8:67:B1:9C:72:D8:C6:99:7E:01:D8:D4:4A:DD:81
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KWU309rYZ7GcctjGmX4B2NRK3YE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.180.0/24
84.236.250.0/24
88.148.96.0/23
178.156.47.0/24
Signature Algorithm: sha256WithRSAEncryption
18:b8:bc:35:0e:be:c8:45:c5:d4:a0:87:16:30:52:88:8d:8b:
f6:62:62:39:11:6e:5f:27:7f:56:64:4f:95:e7:32:38:99:41:
cb:80:d1:c4:3c:e4:25:c7:4d:ee:c4:87:cc:3f:ec:0a:57:cf:
12:cc:1d:fd:0b:7d:aa:ce:ba:66:2e:26:17:13:5d:db:11:a6:
96:1f:46:ce:16:6a:81:9d:c7:9e:27:90:61:a5:b1:0f:f2:4d:
02:21:71:fc:6a:ee:e5:57:c1:41:33:fd:aa:65:0b:e0:51:cb:
85:5d:4c:91:59:02:d1:43:e2:d7:eb:2a:85:35:7e:43:d3:4c:
d7:3d:d3:15:49:ed:82:17:e7:05:a2:04:f3:02:fb:8d:59:3e:
b6:06:25:8f:21:86:f6:b0:d4:6c:a2:2f:e1:5d:4e:c7:e5:f4:
09:f1:1e:04:23:3c:2d:47:55:d3:da:40:a7:fe:97:03:48:51:
e4:2c:ec:70:e7:eb:24:32:1a:df:54:95:60:06:07:67:d7:28:
b8:62:b6:e3:bd:08:d0:d8:d4:63:89:52:d8:31:b3:64:1f:e1:
c3:cd:99:ef:8d:b6:d4:36:55:e7:44:1f:d3:a1:38:9c:78:7a:
fe:8c:34:5b:a2:97:46:c2:33:d5:ca:b8:6f:3d:02:84:25:59:
cb:ff:a8:7b
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECZPO1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk2NTM3ZDNkYWQ4
NjdiMTljNzJkOGM2OTk3ZTAxZDhkNDRhZGQ4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIRxR/KKEowOFW5IRhUH0+A+MUMBaAAPhtCQcU7ib8Hu6s15
X5mT7Uh6KselykNjUoCw+8Vik+RnpgramSzPw6/I9WYsOpRWxBh42VXOTE0oNFKF
m1e08SsXknDCREMqe1HxZqvySKLqFuBzdHzUvRiW/GV6/LvU3Ia0BCvDILEUE58q
ZnO+f0CrCMk5kTGMdqF2ux8CDAFunF8m466IYWMYcVwA+NrKhD7yWv2CP6vX9+4F
Y3XTzh1gXOZ/7jEfKXvzDpfjlLXty9FXzgp5Mal3NAnOjMFWVUY15R/uutfxGXb+
raWhEy2YnBdwdRISyMB109eJLHAoELbnR3PPCr0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQpZTfT2thnsZxy2MaZfgHY1ErdgTAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
L0tXVTMwOXJZWjdHY2N0akdtWDRCMk5SSzNZRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFTstAMEAFTs+gMEAViUYAMEALKc
LzANBgkqhkiG9w0BAQsFAAOCAQEAGLi8NQ6+yEXF1KCHFjBSiI2L9mJiORFuXyd/
VmRPlecyOJlBy4DRxDzkJcdN7sSHzD/sClfPEswd/Qt9qs66Zi4mFxNd2xGmlh9G
zhZqgZ3HnieQYaWxD/JNAiFx/Gru5VfBQTP9qmUL4FHLhV1MkVkC0UPi1+sqhTV+
Q9NM1z3TFUntghfnBaIE8wL7jVk+tgYljyGG9rDUbKIv4V1Ox+X0CfEeBCM8LUdV
09pAp/6XA0hR5CzscOfrJDIa31SVYAYHZ9couGK2470I0NjUY4lS2DGzZB/hw82Z
74221DZV50Qf06E4nHh6/ow0W6KXRsIz1cq4bz0ChCVZy/+oew==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org