Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/KFGwErwik7tB7Z9fCJ9KRKn_vqU.roa
File: KFGwErwik7tB7Z9fCJ9KRKn_vqU.roa (raw, json)
Hash identifier: 3GVCmC63M+jgZULeHDceYaHLucnq2S/r8JZNsV1bJ/4=
Subject key identifier: 28:51:B0:12:BC:22:93:BB:41:ED:9F:5F:08:9F:4A:44:A9:FF:BE:A5
Certificate issuer: /CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
Certificate serial: 0183EBCC343FD71C17D49FF932D154091F42
Authority key identifier: 6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/KFGwErwik7tB7Z9fCJ9KRKn_vqU.roa
Signing time: Tue 18 Oct 2022 15:52:51 +0000
ROA not before: Tue 18 Oct 2022 15:52:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64476
IP address blocks: 185.253.169.0/24 maxlen: 26
185.253.170.0/24 maxlen: 24
185.253.168.0/22 maxlen: 22
185.253.168.0/24 maxlen: 24
185.253.171.0/24 maxlen: 24
85.190.64.0/20 maxlen: 20
85.190.67.0/24 maxlen: 24
46.247.138.0/23 maxlen: 23
46.247.136.0/23 maxlen: 23
185.161.168.0/22 maxlen: 22
46.247.140.0/24 maxlen: 24
185.231.8.0/22 maxlen: 24
85.190.79.0/24 maxlen: 24
85.190.80.0/22 maxlen: 22
85.190.81.0/24 maxlen: 24
85.190.84.0/24 maxlen: 24
85.190.85.0/24 maxlen: 24
85.190.84.0/22 maxlen: 22
85.190.88.0/21 maxlen: 22
87.121.208.0/21 maxlen: 21
2a0a:e800::/32 maxlen: 32
2a0a:e806::/32 maxlen: 32
2a0a:e805:710::/44 maxlen: 44
2a0a:e805:210::/44 maxlen: 44
2a0a:e805:610::/44 maxlen: 44
2a0a:e804::/32 maxlen: 32
2a0a:e805:500::/40 maxlen: 40
2a0a:e805:100::/40 maxlen: 40
2a0a:e805:400::/40 maxlen: 40
2a0a:e805:300::/40 maxlen: 40
2a0a:e805::/32 maxlen: 32
2a0a:e803::/32 maxlen: 32
2a0a:e807::/32 maxlen: 32
2a0a:e801::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:eb:cc:34:3f:d7:1c:17:d4:9f:f9:32:d1:54:09:1f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
Validity
Not Before: Oct 18 15:52:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2851b012bc2293bb41ed9f5f089f4a44a9ffbea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:29:72:c2:c7:c8:6a:55:40:9d:7e:b1:7d:d2:
0c:a5:01:a1:2b:d2:37:50:54:fe:a6:bd:b8:93:d1:
a3:0a:7e:b9:2b:17:a2:e9:6f:b3:5f:bb:91:a6:df:
28:a6:16:78:5a:e3:3e:ec:a4:38:1b:75:93:70:01:
3f:31:98:1f:52:4d:62:9d:a1:65:ce:00:31:82:2b:
28:e8:07:f8:61:46:e8:33:9f:83:b4:93:29:3d:f8:
3d:c7:89:aa:d8:d4:72:fa:ec:cd:21:db:46:88:50:
23:62:01:c4:c2:4a:29:d9:f3:a6:7c:95:33:29:f9:
e7:3b:4d:b2:85:bf:18:95:5e:75:c5:96:74:84:e0:
db:7b:4d:e7:11:2c:0f:05:e1:bd:4c:a4:62:7c:7e:
d8:fc:b4:13:f5:00:6b:9f:46:bd:70:c4:82:87:26:
58:33:06:78:61:45:12:5f:67:95:f6:5b:51:05:ba:
35:bb:1c:aa:c5:1c:93:fe:17:59:df:43:e8:6e:8e:
51:1a:47:71:5f:8a:7f:8d:8d:09:80:46:38:a0:43:
55:9a:0b:bb:12:5a:4b:88:c9:71:c8:a4:d0:6f:9b:
52:c7:bf:cd:5f:d0:d0:06:70:75:57:99:e3:08:ea:
3e:d8:56:ed:d9:0b:39:ae:81:0c:29:e8:c9:44:0e:
19:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:51:B0:12:BC:22:93:BB:41:ED:9F:5F:08:9F:4A:44:A9:FF:BE:A5
X509v3 Authority Key Identifier:
keyid:6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/KFGwErwik7tB7Z9fCJ9KRKn_vqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/bxDY4VZOQDEsnd8huiqgO6VZ6tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.136.0-46.247.140.255
85.190.64.0/19
87.121.208.0/21
185.161.168.0/22
185.231.8.0/22
185.253.168.0/22
IPv6:
2a0a:e800::/31
2a0a:e803::-2a0a:e807:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5e:0e:40:14:80:c1:1b:e9:6a:71:bd:58:59:1d:a6:dc:3e:89:
31:4c:fd:40:b5:cb:af:1d:7b:07:0f:65:ae:b4:87:4b:14:73:
42:9e:af:45:cc:7d:f9:8d:c3:94:5e:0a:ad:8d:1d:8c:d2:82:
78:79:c5:5d:5d:37:d8:29:16:c2:e6:d7:fc:d1:ec:40:60:8e:
7b:59:1f:b3:4e:c1:71:41:55:b3:1f:a6:0e:be:55:5e:98:4d:
96:72:4e:0a:b0:85:3b:1f:bd:28:70:37:af:6f:a8:99:11:d8:
fc:5d:f8:fe:fc:54:06:04:bf:90:f8:01:3b:2c:d4:96:c7:00:
ac:72:b3:7d:4c:95:03:ae:6a:59:e1:35:3f:c4:2e:08:8f:ae:
90:3a:48:a8:70:b1:5c:72:5a:d7:9d:13:fc:13:c5:34:ac:70:
d6:f4:22:89:2f:6f:05:df:eb:4b:24:7d:e4:c6:5e:3f:bf:eb:
e4:d5:d5:12:74:17:4e:16:03:17:f1:69:00:4c:57:85:b0:2b:
5c:94:ac:0c:13:66:76:12:71:8f:31:9f:7e:11:3f:de:12:c8:
10:0b:07:61:25:41:5d:42:bc:bb:e8:a4:52:f8:51:6d:0d:bc:
80:40:13:f6:03:6f:44:e0:d4:e4:62:0b:fd:5b:36:14:ea:25:
df:75:ae:cd
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYPrzDQ/1xwX1J/5MtFUCR9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTBkOGUxNTY0ZTQwMzEyYzlkZGYyMWJhMmFhMDNiYTU1
OWVhZDYwHhcNMjIxMDE4MTU1MjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODUxYjAxMmJjMjI5M2JiNDFlZDlmNWYwODlmNGE0NGE5ZmZiZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSlywsfIalVAnX6xfdIMpQGhK9I3
UFT+pr24k9GjCn65Kxei6W+zX7uRpt8ophZ4WuM+7KQ4G3WTcAE/MZgfUk1inaFl
zgAxgiso6Af4YUboM5+DtJMpPfg9x4mq2NRy+uzNIdtGiFAjYgHEwkop2fOmfJUz
KfnnO02yhb8YlV51xZZ0hODbe03nESwPBeG9TKRifH7Y/LQT9QBrn0a9cMSChyZY
MwZ4YUUSX2eV9ltRBbo1uxyqxRyT/hdZ30Pobo5RGkdxX4p/jY0JgEY4oENVmgu7
ElpLiMlxyKTQb5tSx7/NX9DQBnB1V5njCOo+2Fbt2Qs5roEMKejJRA4ZOwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFChRsBK8IpO7Qe2fXwifSkSp/76lMB8GA1UdIwQY
MBaAFG8Q2OFWTkAxLJ3fIboqoDulWerWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYt
YjZhOGY4ZTgwZjdiLzEvS0ZHd0Vyd2lrN3RCN1o5ZkNKOUtSS25fdnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYtYjZhOGY4ZTgwZjdi
LzEvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAyBAIAATAsMAwDBAMu94gD
BAAu94wDBAVVvkADBANXedADBAK5oagDBAK55wgDBAK5/agwHQQCAAIwFwMFASoK
6AAwDgMFACoK6AMDBQMqCugAMA0GCSqGSIb3DQEBCwUAA4IBAQBeDkAUgMEb6Wpx
vVhZHabcPokxTP1AtcuvHXsHD2WutIdLFHNCnq9FzH35jcOUXgqtjR2M0oJ4ecVd
XTfYKRbC5tf80exAYI57WR+zTsFxQVWzH6YOvlVemE2Wck4KsIU7H70ocDevb6iZ
Edj8Xfj+/FQGBL+Q+AE7LNSWxwCscrN9TJUDrmpZ4TU/xC4Ij66QOkiocLFcclrX
nRP8E8U0rHDW9CKJL28F3+tLJH3kxl4/v+vk1dUSdBdOFgMX8WkATFeFsCtclKwM
E2Z2EnGPMZ9+ET/eEsgQCwdhJUFdQry76KRS+FFtDbyAQBP2A29E4NTkYgv9WzYU
6iXfda7N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:06 2024 by rpki-client on console-fra.rpki-client.org