Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/KIBi6lnZ7qx210G2CkhLdz92NQ0.roa
File: KIBi6lnZ7qx210G2CkhLdz92NQ0.roa (raw, json)
Hash identifier: wNSE0lULTli/lZt7xHRM4wOhHY2mOboRQ4IrLjqJUZQ=
Subject key identifier: 28:80:62:EA:59:D9:EE:AC:76:D7:41:B6:0A:48:4B:77:3F:76:35:0D
Certificate issuer: /CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Certificate serial: 037D8F1F
Authority key identifier: AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/KIBi6lnZ7qx210G2CkhLdz92NQ0.roa
Signing time: Sat 01 Jan 2022 04:03:55 +0000
ROA not before: Sat 01 Jan 2022 04:03:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42010
IP address blocks: 185.136.72.0/22 maxlen: 24
5.175.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58560287 (0x37d8f1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Validity
Not Before: Jan 1 04:03:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=288062ea59d9eeac76d741b60a484b773f76350d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:86:ad:f2:39:96:67:62:fe:c6:4b:90:88:bb:
eb:c6:d0:c0:af:f6:2d:9f:af:ea:97:bc:ed:8b:24:
46:28:77:84:5b:f4:1f:17:16:b5:40:8b:70:51:18:
4a:75:e7:8d:63:5e:4a:51:69:9c:9a:1e:48:93:b1:
3b:ac:37:f3:b4:f3:f6:b2:75:a8:a5:d3:4d:64:9a:
4a:84:59:98:b8:96:99:43:36:43:91:c4:0c:78:48:
6a:51:2b:a0:66:a0:4b:3a:37:ec:a5:d0:33:3b:af:
90:83:4d:8a:3d:db:b6:18:7c:49:9d:86:55:31:b8:
b3:c9:e3:c8:1f:e5:0d:fa:2b:e0:90:a3:73:8c:a0:
36:22:7b:65:fe:82:01:89:eb:47:1c:78:4d:7c:7e:
07:13:2b:68:72:7e:7a:64:e2:43:07:a7:91:c9:08:
2c:bb:c0:2d:c7:46:17:06:1e:0a:39:ca:00:04:f7:
46:15:1a:f3:c5:68:d7:19:cb:8d:8b:c7:1b:eb:4e:
c7:08:25:6f:a5:b2:16:7a:04:8d:38:6a:40:39:41:
42:e3:26:79:34:83:d6:90:61:1b:31:77:c7:df:3d:
15:4b:fc:20:9e:b1:60:6d:22:4b:d1:29:43:16:f7:
63:fc:f2:6f:1a:76:30:b5:05:9d:de:2e:89:3a:50:
67:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:80:62:EA:59:D9:EE:AC:76:D7:41:B6:0A:48:4B:77:3F:76:35:0D
X509v3 Authority Key Identifier:
keyid:AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/KIBi6lnZ7qx210G2CkhLdz92NQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.56.0/21
185.136.72.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:ff:99:ee:63:af:58:78:f2:b0:7c:2d:4d:d7:53:ba:90:35:
84:59:84:5e:49:3b:8b:89:d5:13:fa:ed:4b:4c:f0:ef:f7:41:
33:f3:f1:a5:da:33:05:55:2e:f2:7d:a6:3f:96:3b:60:74:d0:
e6:2b:53:36:0f:dc:79:61:4c:6a:e6:b9:a9:08:31:69:14:17:
56:6c:1d:1b:fa:cf:f8:07:ba:56:41:eb:5f:91:f8:9b:19:9b:
37:43:a3:34:3e:98:4a:3f:7b:96:f0:5f:2c:52:02:92:be:af:
53:97:4b:c6:2c:14:ad:b8:39:5d:84:e2:fc:7a:78:f7:83:0c:
3c:d8:42:f4:a3:94:bd:d7:af:7b:2d:f6:a4:c4:1a:b5:16:21:
5e:47:83:43:08:79:75:4f:91:a4:d0:6b:88:a1:35:bd:38:80:
06:ae:ba:42:41:a2:f3:04:54:ad:93:5f:8a:b8:54:79:55:a9:
c7:23:af:05:31:25:d8:34:bc:01:3c:27:c0:dd:6b:de:b6:8c:
c0:70:01:2a:02:9b:9f:03:f3:39:9e:54:a9:76:74:cc:29:91:
52:c5:ae:b3:d2:41:76:93:ce:34:a3:83:1e:9d:68:f5:4c:50:
60:d1:1a:02:9a:03:8d:fc:d1:e8:68:76:08:bc:57:e2:2f:54:
c1:39:34:14
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA32PHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTU0YzQ3NjNlYTAxOGMzZGM3MDIwM2QwNGVmZTcxZmQ0YjFiMDY2MB4XDTIyMDEw
MTA0MDM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg4MDYyZWE1OWQ5
ZWVhYzc2ZDc0MWI2MGE0ODRiNzczZjc2MzUwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSGrfI5lmdi/sZLkIi768bQwK/2LZ+v6pe87YskRih3hFv0
HxcWtUCLcFEYSnXnjWNeSlFpnJoeSJOxO6w387Tz9rJ1qKXTTWSaSoRZmLiWmUM2
Q5HEDHhIalEroGagSzo37KXQMzuvkINNij3bthh8SZ2GVTG4s8njyB/lDfor4JCj
c4ygNiJ7Zf6CAYnrRxx4TXx+BxMraHJ+emTiQwenkckILLvALcdGFwYeCjnKAAT3
RhUa88Vo1xnLjYvHG+tOxwglb6WyFnoEjThqQDlBQuMmeTSD1pBhGzF3x989FUv8
IJ6xYG0iS9EpQxb3Y/zybxp2MLUFnd4uiTpQZxsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQogGLqWdnurHbXQbYKSEt3P3Y1DTAfBgNVHSMEGDAWgBSqVMR2PqAYw9xw
ID0E7+cf1LGwZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FsVEVkajZnR01QY2NDQTlCT19uSDlTeHNHWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYTIxYzllLTg3ZjEtNDk4My04Mzk0LWRlMzc2NzNjNDA5Yy8x
L0tJQmk2bG5aN3F4MjEwRzJDa2hMZHo5Mk5RMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YTIxYzllLTg3ZjEtNDk4My04Mzk0LWRlMzc2NzNjNDA5Yy8xL3FsVEVkajZnR01Q
Y2NDQTlCT19uSDlTeHNHWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAwWvOAMEArmISDANBgkqhkiG9w0B
AQsFAAOCAQEAm/+Z7mOvWHjysHwtTddTupA1hFmEXkk7i4nVE/rtS0zw7/dBM/Px
pdozBVUu8n2mP5Y7YHTQ5itTNg/ceWFMaua5qQgxaRQXVmwdG/rP+Ae6VkHrX5H4
mxmbN0OjND6YSj97lvBfLFICkr6vU5dLxiwUrbg5XYTi/Hp494MMPNhC9KOUvdev
ey32pMQatRYhXkeDQwh5dU+RpNBriKE1vTiABq66QkGi8wRUrZNfirhUeVWpxyOv
BTEl2DS8ATwnwN1r3raMwHABKgKbnwPzOZ5UqXZ0zCmRUsWus9JBdpPONKODHp1o
9UxQYNEaApoDjfzR6Gh2CLxX4i9UwTk0FA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:56 2024 by rpki-client on console-fra.rpki-client.org