Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/KlNYYE1XJXNUTPgZSqqgMkJKLfA.roa
File: KlNYYE1XJXNUTPgZSqqgMkJKLfA.roa (raw, json)
Hash identifier: yx+QVxQREGqKkgftFXyUqzyDuquPfSZ12vtCWCJbNR4=
Subject key identifier: 2A:53:58:60:4D:57:25:73:54:4C:F8:19:4A:AA:A0:32:42:4A:2D:F0
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0C06A3B5
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/KlNYYE1XJXNUTPgZSqqgMkJKLfA.roa
Signing time: Fri 06 May 2022 14:06:18 +0000
ROA not before: Fri 06 May 2022 14:06:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29262
IP address blocks: 185.87.24.0/24 maxlen: 24
185.87.27.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.85.191.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.189.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.154.0/24 maxlen: 24
185.86.153.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.98.60.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 201761717 (0xc06a3b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 6 14:06:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a5358604d572573544cf8194aaaa032424a2df0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:cc:f8:28:b4:23:10:35:da:72:b0:d0:df:dd:
40:45:db:d4:fa:07:e1:22:14:6e:f3:42:f8:ff:bc:
24:d2:79:d0:8b:90:8a:63:82:5b:41:05:aa:b9:6f:
da:9e:29:11:65:5c:13:a2:5e:c9:4b:eb:01:86:fc:
39:59:86:8b:f4:2b:fe:9f:a2:06:0c:c0:6c:bb:79:
0c:df:96:42:34:7a:a5:92:e6:25:63:79:12:eb:9f:
e8:b9:bb:7d:04:2e:38:7b:da:b7:f7:6e:5b:97:76:
53:24:95:39:fb:86:8d:81:d6:27:52:bd:05:30:99:
a3:07:b8:8b:09:a8:15:89:72:70:5c:b6:5d:73:c6:
c2:00:03:51:9b:05:ee:73:a3:d5:01:f7:20:e6:cd:
de:24:30:8c:2c:17:b2:25:7c:5b:60:39:cf:e2:69:
4d:44:bf:88:94:a0:18:27:52:16:58:15:c2:ae:f0:
92:d1:9b:26:dd:8d:ab:f7:bc:c2:38:97:61:71:42:
f3:f9:74:d9:50:57:e8:89:86:47:2e:83:a9:27:b9:
75:57:64:59:c4:4f:b9:2e:f4:cc:06:22:d9:da:c7:
2b:0e:bb:cd:e6:e7:87:e8:c4:78:6f:aa:57:73:5f:
51:77:59:63:b2:02:a6:02:65:09:bc:89:c1:67:3c:
22:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:53:58:60:4D:57:25:73:54:4C:F8:19:4A:AA:A0:32:42:4A:2D:F0
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/KlNYYE1XJXNUTPgZSqqgMkJKLfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.189.0-185.85.191.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.86.13.0/24
185.86.153.0-185.86.154.255
185.86.164.0/22
185.87.24.0/24
185.87.26.0/23
185.87.121.0-185.87.123.255
185.98.60.0/24
185.119.80.0/22
IPv6:
2a0b:6780::/29
Signature Algorithm: sha256WithRSAEncryption
73:a2:68:39:38:c6:31:52:58:e3:41:5f:94:bc:af:1b:cb:09:
2e:05:4c:94:b4:07:e0:69:5b:29:26:1f:ca:8e:6e:79:76:f7:
08:f8:4c:a9:a4:e9:b3:31:5c:68:38:08:ca:f4:11:39:18:d9:
cd:f1:a2:aa:a3:87:56:97:84:c1:47:67:bd:16:51:2a:d0:1f:
13:f1:e9:e7:10:ec:60:18:88:f3:c6:a4:21:0f:76:1d:d1:7e:
1d:c4:a8:53:7a:d8:6f:49:75:24:b9:ec:10:6f:c0:c9:30:7d:
da:80:80:0c:34:35:f4:3a:94:c3:d7:df:22:70:8e:fc:ff:40:
2d:eb:6e:5f:7e:73:ef:5f:b0:7b:6b:bd:71:f6:0c:bc:4a:52:
c8:9c:bc:08:59:dc:53:5d:06:6a:81:22:da:f4:e8:04:f4:eb:
8b:af:a7:7a:9d:f4:49:cf:94:29:93:43:44:55:7e:84:14:c0:
df:ba:26:d6:7a:87:3e:b7:11:7d:8c:2d:cb:d0:4e:25:90:31:
a4:45:35:8f:e8:2e:6a:72:d5:5a:30:0d:b0:78:08:77:10:04:
6d:44:bb:dc:ea:0e:40:0d:e2:60:35:9a:62:4b:a6:cd:da:79:
16:a6:b6:df:dd:fc:35:8c:4c:cd:e0:af:83:01:2f:6b:db:61:
11:89:5d:b5
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIEDAajtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjE2YzQxOTUxNTJlZmZlZGJmN2IzYWZlZTJhYTcyZTE5MDkwZTRkMB4XDTIyMDUw
NjE0MDYxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE1MzU4NjA0ZDU3
MjU3MzU0NGNmODE5NGFhYWEwMzI0MjRhMmRmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAODM+Ci0IxA12nKw0N/dQEXb1PoH4SIUbvNC+P+8JNJ50IuQ
imOCW0EFqrlv2p4pEWVcE6JeyUvrAYb8OVmGi/Qr/p+iBgzAbLt5DN+WQjR6pZLm
JWN5Euuf6Lm7fQQuOHvat/duW5d2UySVOfuGjYHWJ1K9BTCZowe4iwmoFYlycFy2
XXPGwgADUZsF7nOj1QH3IObN3iQwjCwXsiV8W2A5z+JpTUS/iJSgGCdSFlgVwq7w
ktGbJt2Nq/e8wjiXYXFC8/l02VBX6ImGRy6DqSe5dVdkWcRPuS70zAYi2drHKw67
zebnh+jEeG+qV3NfUXdZY7ICpgJlCbyJwWc8IgUCAwEAAaOCAnUwggJxMB0GA1Ud
DgQWBBQqU1hgTVclc1RM+BlKqqAyQkot8DAfBgNVHSMEGDAWgBTGFsQZUVLv/tv3
s6/uKqcuGQkOTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hoYkVHVkZTN183Yjk3T3Y3aXFuTGhrSkRrMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvYWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8x
L0tsTllZRTFYSlhOVVRQZ1pTcXFnTWtKS0xmQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
YWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8xL3hoYkVHVkZTN183
Yjk3T3Y3aXFuTGhrSkRrMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
igYIKwYBBQUHAQcBAf8EezB5MGgEAgABMGIwDAMEALlVvQMEBrlVgDAMAwQAuVXt
AwQEuVXgAwQAuVYFAwQAuVYNMAwDBAC5VpkDBAC5VpoDBAK5VqQDBAC5VxgDBAG5
VxowDAMEALlXeQMEArlXeAMEALliPAMEArl3UDANBAIAAjAHAwUDKgtngDANBgkq
hkiG9w0BAQsFAAOCAQEAc6JoOTjGMVJY40FflLyvG8sJLgVMlLQH4GlbKSYfyo5u
eXb3CPhMqaTpszFcaDgIyvQRORjZzfGiqqOHVpeEwUdnvRZRKtAfE/Hp5xDsYBiI
88akIQ92HdF+HcSoU3rYb0l1JLnsEG/AyTB92oCADDQ19DqUw9ffInCO/P9ALetu
X35z71+we2u9cfYMvEpSyJy8CFncU10GaoEi2vToBPTri6+nep30Sc+UKZNDRFV+
hBTA37om1nqHPrcRfYwty9BOJZAxpEU1j+guanLVWjANsHgIdxAEbUS73OoOQA3i
YDWaYkumzdp5Fqa23938NYxMzeCvgwEva9thEYldtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:24 2024 by rpki-client on console-ams.rpki-client.org