Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/KNUV2ESpLE3ZBZLH4WIO8u-Y3G8.roa
File: KNUV2ESpLE3ZBZLH4WIO8u-Y3G8.roa (raw, json)
Hash identifier: D89KuE+9gylyXfdW9RKAubqOsAYyfSyDy4PQfAIu4DA=
Subject key identifier: 28:D5:15:D8:44:A9:2C:4D:D9:05:92:C7:E1:62:0E:F2:EF:98:DC:6F
Certificate issuer: /CN=8f368feb9e553bdd131562584a3353b1d7555c50
Certificate serial: 018466C2F2375C595FEB34271E1C7615D310
Authority key identifier: 8F:36:8F:EB:9E:55:3B:DD:13:15:62:58:4A:33:53:B1:D7:55:5C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzaP655VO90TFWJYSjNTsddVXFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/KNUV2ESpLE3ZBZLH4WIO8u-Y3G8.roa
Signing time: Fri 11 Nov 2022 12:56:02 +0000
ROA not before: Fri 11 Nov 2022 12:56:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201565
IP address blocks: 185.91.148.0/23 maxlen: 23
185.91.150.0/23 maxlen: 23
94.176.185.0/24 maxlen: 24
94.176.184.0/24 maxlen: 24
185.59.96.0/22 maxlen: 22
89.35.206.0/24 maxlen: 24
89.35.206.0/23 maxlen: 24
89.35.207.0/24 maxlen: 24
185.11.232.0/22 maxlen: 22
2a03:7e40:5000::/36 maxlen: 36
2a03:7e40:4000::/36 maxlen: 36
2a03:7e40:2000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:66:c2:f2:37:5c:59:5f:eb:34:27:1e:1c:76:15:d3:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f368feb9e553bdd131562584a3353b1d7555c50
Validity
Not Before: Nov 11 12:56:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28d515d844a92c4dd90592c7e1620ef2ef98dc6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:5c:69:68:82:0e:08:8a:1f:e1:38:26:3a:
e0:a1:f8:39:55:15:3d:bb:db:15:ba:37:3c:21:7f:
3e:2c:ac:57:af:b9:1a:be:0a:45:1c:e0:33:5d:3e:
e9:eb:28:62:15:07:95:22:c9:02:ca:ef:26:e5:d5:
54:08:8a:f2:d4:74:17:18:3c:cc:27:ef:64:7c:85:
d8:26:d6:81:20:67:7b:71:b6:77:59:98:48:26:32:
37:07:63:d8:56:09:c6:32:88:86:44:6e:84:6a:01:
28:9a:e7:48:29:25:2c:51:8f:05:da:5e:f9:b4:ba:
95:e0:77:0d:5b:8e:9a:f7:4d:a1:a1:39:1b:eb:c7:
b0:6d:65:12:df:43:ed:d5:15:6f:e4:d4:d9:e4:ac:
4e:13:50:f7:03:28:3c:fc:13:8d:27:a1:f6:fe:b9:
0b:70:d0:8a:3a:fc:aa:11:6a:6d:69:50:1b:cf:7f:
de:07:88:6c:57:20:4e:36:e7:72:7d:ce:5b:bb:79:
0a:29:8f:83:f5:dc:f5:dd:b5:21:04:ce:6d:00:e6:
f9:46:e4:dd:c3:50:cf:9b:2c:73:14:96:06:b4:01:
b8:f6:50:87:d6:8a:8d:2e:54:e2:84:38:f9:fe:13:
89:c3:fb:c7:01:e9:f5:79:09:76:59:ee:f5:5c:cb:
74:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D5:15:D8:44:A9:2C:4D:D9:05:92:C7:E1:62:0E:F2:EF:98:DC:6F
X509v3 Authority Key Identifier:
keyid:8F:36:8F:EB:9E:55:3B:DD:13:15:62:58:4A:33:53:B1:D7:55:5C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzaP655VO90TFWJYSjNTsddVXFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/KNUV2ESpLE3ZBZLH4WIO8u-Y3G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/jzaP655VO90TFWJYSjNTsddVXFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.206.0/23
94.176.184.0/23
185.11.232.0/22
185.59.96.0/22
185.91.148.0/22
IPv6:
2a03:7e40:2000::/36
2a03:7e40:4000::/35
Signature Algorithm: sha256WithRSAEncryption
ac:99:f7:6d:57:94:54:61:35:02:f2:29:90:0c:d7:34:a8:72:
10:c1:ad:c4:37:82:1a:9c:46:cb:f1:24:03:09:c4:34:2c:14:
86:58:f0:00:ea:fb:8f:1b:52:92:08:eb:9e:c1:96:bf:1f:dc:
1d:5a:06:85:72:86:eb:35:98:c9:a6:22:59:6b:4d:0b:d0:a7:
18:b2:63:42:a9:2d:99:1f:28:b9:2d:ea:3b:48:63:69:22:60:
4c:60:f1:fe:a0:5f:54:de:c0:e7:b2:af:e0:15:67:0d:09:c0:
5b:42:c3:5c:28:dd:ac:5d:90:49:67:d2:e6:b0:32:43:aa:41:
61:a6:cb:ef:bf:28:18:11:b1:a5:b6:8f:f9:f3:ae:25:c1:53:
7c:7d:54:a6:1f:f8:1d:7b:da:ef:87:a3:6e:3d:89:ba:0f:11:
2f:f5:1d:e4:ff:d3:ec:68:77:bb:ef:5a:c1:a4:1f:97:a4:95:
2f:88:68:cf:8f:89:d9:33:d9:c6:c4:66:8a:e2:1f:64:27:32:
35:90:b6:ce:39:24:7c:d7:ac:56:a2:40:78:93:dd:91:68:2b:
07:83:3d:45:49:e7:28:e6:db:2b:37:31:22:92:c2:6f:2f:58:
1b:0a:b3:db:61:cb:cc:a5:0a:6b:86:44:45:25:e5:47:09:86:
ea:93:7c:4d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYRmwvI3XFlf6zQnHhx2FdMQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzY4ZmViOWU1NTNiZGQxMzE1NjI1ODRhMzM1M2IxZDc1
NTVjNTAwHhcNMjIxMTExMTI1NjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQ1MTVkODQ0YTkyYzRkZDkwNTkyYzdlMTYyMGVmMmVmOThkYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR5caWiCDgiKH+E4Jjrgofg5VRU9
u9sVujc8IX8+LKxXr7kavgpFHOAzXT7p6yhiFQeVIskCyu8m5dVUCIry1HQXGDzM
J+9kfIXYJtaBIGd7cbZ3WZhIJjI3B2PYVgnGMoiGRG6EagEomudIKSUsUY8F2l75
tLqV4HcNW46a902hoTkb68ewbWUS30Pt1RVv5NTZ5KxOE1D3Ayg8/BONJ6H2/rkL
cNCKOvyqEWptaVAbz3/eB4hsVyBONudyfc5bu3kKKY+D9dz13bUhBM5tAOb5RuTd
w1DPmyxzFJYGtAG49lCH1oqNLlTihDj5/hOJw/vHAen1eQl2We71XMt0ZQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCjVFdhEqSxN2QWSx+FiDvLvmNxvMB8GA1UdIwQY
MBaAFI82j+ueVTvdExViWEozU7HXVVxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanphUDY1NVZPOTBURldKWVNqTlRzZGRWWEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8wNTQ3Y2ItYzVkYy00ZTJmLWFmZjct
M2VjYTdkZjJhZTU3LzEvS05VVjJFU3BMRTNaQlpMSDRXSU84dS1ZM0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8wNTQ3Y2ItYzVkYy00ZTJmLWFmZjctM2VjYTdkZjJhZTU3
LzEvanphUDY1NVZPOTBURldKWVNqTlRzZGRWWEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQBWSPOAwQB
XrC4AwQCuQvoAwQCuTtgAwQCuVuUMBYEAgACMBADBgQqA35AIAMGBSoDfkBAMA0G
CSqGSIb3DQEBCwUAA4IBAQCsmfdtV5RUYTUC8imQDNc0qHIQwa3EN4IanEbL8SQD
CcQ0LBSGWPAA6vuPG1KSCOuewZa/H9wdWgaFcobrNZjJpiJZa00L0KcYsmNCqS2Z
Hyi5Leo7SGNpImBMYPH+oF9U3sDnsq/gFWcNCcBbQsNcKN2sXZBJZ9LmsDJDqkFh
psvvvygYEbGlto/5864lwVN8fVSmH/gde9rvh6NuPYm6DxEv9R3k/9PsaHe771rB
pB+XpJUviGjPj4nZM9nGxGaK4h9kJzI1kLbOOSR816xWokB4k92RaCsHgz1FSeco
5tsrNzEiksJvL1gbCrPbYcvMpQprhkRFJeVHCYbqk3xN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:51 2024 by rpki-client on console-fra.rpki-client.org