Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/KAFHgI0i9T80ZiFzm7nlHZj9WQ8.roa
File: KAFHgI0i9T80ZiFzm7nlHZj9WQ8.roa (raw, json)
Hash identifier: UJi8043zeSR7Iw5h2FleixoyfwUJPuIAHK9D3zV+fgE=
Subject key identifier: 28:01:47:80:8D:22:F5:3F:34:66:21:73:9B:B9:E5:1D:98:FD:59:0F
Certificate issuer: /CN=bd972d44276ea4102ef6aed30f2ae58e99b3e751
Certificate serial: 13A52ECC
Authority key identifier: BD:97:2D:44:27:6E:A4:10:2E:F6:AE:D3:0F:2A:E5:8E:99:B3:E7:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vZctRCdupBAu9q7TDyrljpmz51E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/KAFHgI0i9T80ZiFzm7nlHZj9WQ8.roa
Signing time: Wed 02 Mar 2022 14:55:46 +0000
ROA not before: Wed 02 Mar 2022 14:55:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200852
IP address blocks: 185.93.199.0/24 maxlen: 24
185.93.196.0/22 maxlen: 22
185.93.196.0/23 maxlen: 23
185.93.196.0/24 maxlen: 24
185.93.197.0/24 maxlen: 24
185.93.198.0/23 maxlen: 23
185.93.198.0/24 maxlen: 24
2a02:ea00::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 329592524 (0x13a52ecc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd972d44276ea4102ef6aed30f2ae58e99b3e751
Validity
Not Before: Mar 2 14:55:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=280147808d22f53f346621739bb9e51d98fd590f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:15:d8:91:5d:dd:64:33:09:d8:01:f7:b4:59:
3a:43:fd:75:4e:4b:5d:89:8a:92:37:c5:cc:6d:71:
a3:d4:73:ee:ad:11:63:1f:02:6a:cf:77:fd:27:1e:
3d:f1:c5:d9:cd:98:0b:36:51:b1:5f:7e:10:74:25:
94:4c:b3:3f:ef:22:6e:5e:68:e2:47:aa:e3:3a:e2:
e8:85:83:cd:2b:8f:b6:a0:ac:4e:13:ce:98:30:32:
ff:9a:3f:6d:14:90:fc:62:47:2f:ce:4d:92:62:20:
bd:bd:65:cf:b6:83:ab:e9:02:04:0a:32:69:39:ab:
71:1d:86:6d:e2:7d:b5:07:4f:06:a9:21:d2:cb:2e:
a3:d2:7d:3f:b5:31:fe:3e:11:0e:59:b0:3d:ef:44:
c5:7d:76:5e:6e:85:dd:ac:68:16:01:d1:da:65:92:
96:07:d7:ce:a2:80:73:1f:ba:00:14:7d:71:37:fc:
7d:2d:10:e1:10:fb:06:96:34:10:26:a5:78:73:76:
3a:fa:84:59:df:1a:7d:6a:be:a3:3e:9c:9c:77:0a:
ad:68:16:1a:77:07:78:3e:fa:c3:23:a8:9a:46:4b:
a5:17:c1:65:c6:d0:89:93:60:87:f1:18:54:f9:83:
f5:ee:8b:6f:e2:c7:15:0c:f6:82:c1:66:76:41:36:
3f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:01:47:80:8D:22:F5:3F:34:66:21:73:9B:B9:E5:1D:98:FD:59:0F
X509v3 Authority Key Identifier:
keyid:BD:97:2D:44:27:6E:A4:10:2E:F6:AE:D3:0F:2A:E5:8E:99:B3:E7:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vZctRCdupBAu9q7TDyrljpmz51E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/KAFHgI0i9T80ZiFzm7nlHZj9WQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/vZctRCdupBAu9q7TDyrljpmz51E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.196.0/22
IPv6:
2a02:ea00::/29
Signature Algorithm: sha256WithRSAEncryption
54:73:90:15:bb:5b:0b:08:d2:71:56:17:d3:e3:13:a8:db:4c:
89:b6:68:34:5c:b4:4c:04:88:be:1d:58:1b:cd:01:db:bd:93:
58:bc:e5:8c:07:64:6f:c1:60:e5:1a:87:98:ae:00:19:a6:f3:
b7:23:e1:da:da:59:72:9d:e3:a3:7e:ba:e5:5f:ce:be:c1:1d:
f4:65:14:3d:2b:07:24:59:2a:26:71:34:bc:fc:04:e5:d9:50:
16:12:a8:13:8e:23:92:4a:4c:f5:94:12:e6:2b:e2:48:02:39:
b9:4d:d9:e1:5c:fc:6e:d8:0c:63:d5:55:8f:fe:cf:b5:56:7c:
8c:6d:9a:3f:18:57:f9:cb:5d:1c:bc:c2:40:a9:d7:9b:59:95:
b2:60:a4:8a:5e:c7:3c:11:25:9b:c0:e5:43:06:b7:e6:c6:17:
26:b2:14:ae:03:bd:b6:25:41:b0:dc:a0:35:f9:7f:12:53:f7:
8f:e7:bf:25:0d:f6:67:df:bb:61:47:31:36:69:d1:45:4d:df:
ef:86:5f:e7:37:45:bd:7f:b6:76:6c:03:8e:3e:a4:de:dd:db:
52:0a:a7:43:96:57:31:65:00:59:c5:6e:82:81:f4:b1:31:a0:
57:1b:c1:11:3b:72:98:5c:00:70:66:cd:26:b4:98:c6:e1:65:
16:c0:47:d0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEE6UuzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZDk3MmQ0NDI3NmVhNDEwMmVmNmFlZDMwZjJhZTU4ZTk5YjNlNzUxMB4XDTIyMDMw
MjE0NTU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgwMTQ3ODA4ZDIy
ZjUzZjM0NjYyMTczOWJiOWU1MWQ5OGZkNTkwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIV2JFd3WQzCdgB97RZOkP9dU5LXYmKkjfFzG1xo9Rz7q0R
Yx8Cas93/ScePfHF2c2YCzZRsV9+EHQllEyzP+8ibl5o4keq4zri6IWDzSuPtqCs
ThPOmDAy/5o/bRSQ/GJHL85NkmIgvb1lz7aDq+kCBAoyaTmrcR2GbeJ9tQdPBqkh
0ssuo9J9P7Ux/j4RDlmwPe9ExX12Xm6F3axoFgHR2mWSlgfXzqKAcx+6ABR9cTf8
fS0Q4RD7BpY0ECaleHN2OvqEWd8afWq+oz6cnHcKrWgWGncHeD76wyOomkZLpRfB
ZcbQiZNgh/EYVPmD9e6Lb+LHFQz2gsFmdkE2P6MCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQoAUeAjSL1PzRmIXObueUdmP1ZDzAfBgNVHSMEGDAWgBS9ly1EJ26kEC72
rtMPKuWOmbPnUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZaY3RSQ2R1cEJBdTlxN1REeXJsanBtejUxRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvNDE5ZDFiLTU4YjAtNDQ4My05MmQyLTg2YzFlZTJhOWViYS8x
L0tBRkhnSTBpOVQ4MFppRnptN25sSFpqOVdROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
NDE5ZDFiLTU4YjAtNDQ4My05MmQyLTg2YzFlZTJhOWViYS8xL3ZaY3RSQ2R1cEJB
dTlxN1REeXJsanBtejUxRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArldxDANBAIAAjAHAwUDKgLqADAN
BgkqhkiG9w0BAQsFAAOCAQEAVHOQFbtbCwjScVYX0+MTqNtMibZoNFy0TASIvh1Y
G80B272TWLzljAdkb8Fg5RqHmK4AGabztyPh2tpZcp3jo3665V/OvsEd9GUUPSsH
JFkqJnE0vPwE5dlQFhKoE44jkkpM9ZQS5iviSAI5uU3Z4Vz8btgMY9VVj/7PtVZ8
jG2aPxhX+ctdHLzCQKnXm1mVsmCkil7HPBElm8DlQwa35sYXJrIUrgO9tiVBsNyg
Nfl/ElP3j+e/JQ32Z9+7YUcxNmnRRU3f74Zf5zdFvX+2dmwDjj6k3t3bUgqnQ5ZX
MWUAWcVugoH0sTGgVxvBETtymFwAcGbNJrSYxuFlFsBH0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:11 2024 by rpki-client on console-fra.rpki-client.org