Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/KnyjqtmJccfB1pj_mbAJOQMKrQQ.roa
File: KnyjqtmJccfB1pj_mbAJOQMKrQQ.roa (raw, json)
Hash identifier: QSocNYIAyzxjpKr5TgRc9VY3GSENscau2ymCsLtxEGY=
Subject key identifier: 2A:7C:A3:AA:D9:89:71:C7:C1:D6:98:FF:99:B0:09:39:03:0A:AD:04
Certificate issuer: /CN=5c76eff26884bf006207d722b3b01a44d2b56199
Certificate serial: 018502370CBD5F413B891759C885609BB1DE
Authority key identifier: 5C:76:EF:F2:68:84:BF:00:62:07:D7:22:B3:B0:1A:44:D2:B5:61:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHbv8miEvwBiB9cis7AaRNK1YZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/KnyjqtmJccfB1pj_mbAJOQMKrQQ.roa
Signing time: Sun 11 Dec 2022 17:24:00 +0000
ROA not before: Sun 11 Dec 2022 17:24:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6799
IP address blocks: 185.174.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:02:37:0c:bd:5f:41:3b:89:17:59:c8:85:60:9b:b1:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c76eff26884bf006207d722b3b01a44d2b56199
Validity
Not Before: Dec 11 17:24:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a7ca3aad98971c7c1d698ff99b00939030aad04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2f:ba:17:d3:f2:f5:6a:88:b5:28:65:99:f9:
b3:7d:f9:28:2e:b9:aa:fe:6c:77:2a:b8:98:69:74:
a6:c7:4a:91:4a:ec:ee:2f:4e:d2:c6:c5:59:da:15:
78:50:a0:d2:a8:bb:4c:fa:48:fb:73:5f:73:c7:59:
1d:fb:f4:6c:63:93:0e:9a:72:f0:41:5d:f4:16:4c:
2d:4f:c5:b8:25:1a:f7:dc:15:cb:a8:18:1b:57:76:
b3:44:dc:39:98:f6:8d:eb:65:ac:a7:b8:e4:13:74:
69:f6:59:f0:c5:4f:84:85:28:24:7f:c2:76:b7:43:
3c:f9:7f:7b:4d:7e:0c:50:d8:9e:e6:fb:20:fd:75:
65:57:24:d3:f2:6e:c2:31:f8:55:39:b1:a8:f2:db:
aa:ed:4d:47:5c:75:a4:75:5b:2d:48:df:82:1c:0c:
22:ba:aa:c0:3b:6e:4d:d6:44:4f:6d:63:6d:c2:0d:
d1:cd:66:23:5c:c4:8a:c5:74:aa:85:12:ae:0d:63:
47:1f:e6:b3:0f:85:13:16:63:0e:d7:59:d4:f4:a2:
d9:82:b5:17:c2:ad:8e:b9:4a:20:c9:af:97:51:a6:
36:ef:e0:c5:02:26:c7:84:17:51:38:c5:0a:0c:a1:
60:85:44:4d:7e:e6:25:b3:48:c2:a5:84:29:99:93:
57:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7C:A3:AA:D9:89:71:C7:C1:D6:98:FF:99:B0:09:39:03:0A:AD:04
X509v3 Authority Key Identifier:
keyid:5C:76:EF:F2:68:84:BF:00:62:07:D7:22:B3:B0:1A:44:D2:B5:61:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHbv8miEvwBiB9cis7AaRNK1YZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/KnyjqtmJccfB1pj_mbAJOQMKrQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/862232-58d7-4c1d-b198-660411b9d167/1/XHbv8miEvwBiB9cis7AaRNK1YZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.56.0/24
Signature Algorithm: sha256WithRSAEncryption
00:62:3c:33:45:8d:54:18:9e:db:d6:4f:65:83:3c:b5:ca:da:
c6:35:00:9d:c3:a1:21:1b:e5:21:e0:76:71:55:a4:52:d7:f9:
57:cb:37:0d:5c:1e:b8:4d:45:79:4b:96:30:24:b4:c3:c5:f1:
0c:f0:32:69:66:d2:de:46:f5:c9:41:ca:95:e7:94:bb:a4:7f:
57:a8:0b:e0:6e:82:93:1c:67:5a:06:02:37:0a:35:93:20:3c:
d0:1b:f1:37:ba:20:26:8d:6d:cf:5d:a2:60:03:65:6f:bd:e9:
e4:dd:84:f5:df:97:20:9f:26:6d:53:83:03:d3:5a:09:8c:75:
d1:2c:a4:57:71:13:23:bc:cf:31:87:d8:78:ec:06:8b:72:cf:
15:84:e9:7c:68:0b:7a:4e:d6:31:2d:86:2f:98:d7:25:12:4b:
a7:25:93:c1:0e:a0:df:56:9c:28:dc:83:0e:15:e7:da:8a:61:
c4:59:13:de:73:12:bd:5e:c6:84:0a:8c:49:e9:62:ea:01:f6:
be:f8:43:9b:05:5f:45:e2:d0:b8:14:20:b3:c7:ca:16:48:c5:
a1:a3:30:be:b8:57:65:56:ad:35:f2:d4:09:26:c7:d4:8c:c0:
ad:bc:4c:a1:fe:c4:d9:dc:fa:a6:41:fd:80:54:a2:c2:21:92:
b4:a8:ca:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUCNwy9X0E7iRdZyIVgm7HeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzZlZmYyNjg4NGJmMDA2MjA3ZDcyMmIzYjAxYTQ0ZDJi
NTYxOTkwHhcNMjIxMjExMTcyNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdjYTNhYWQ5ODk3MWM3YzFkNjk4ZmY5OWIwMDkzOTAzMGFhZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS+6F9Py9WqItShlmfmzffkoLrmq
/mx3KriYaXSmx0qRSuzuL07SxsVZ2hV4UKDSqLtM+kj7c19zx1kd+/RsY5MOmnLw
QV30FkwtT8W4JRr33BXLqBgbV3azRNw5mPaN62Wsp7jkE3Rp9lnwxU+EhSgkf8J2
t0M8+X97TX4MUNie5vsg/XVlVyTT8m7CMfhVObGo8tuq7U1HXHWkdVstSN+CHAwi
uqrAO25N1kRPbWNtwg3RzWYjXMSKxXSqhRKuDWNHH+azD4UTFmMO11nU9KLZgrUX
wq2OuUogya+XUaY27+DFAibHhBdROMUKDKFghURNfuYls0jCpYQpmZNXCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCp8o6rZiXHHwdaY/5mwCTkDCq0EMB8GA1UdIwQY
MBaAFFx27/JohL8AYgfXIrOwGkTStWGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhidjhtaUV2d0JpQjljaXM3QWFSTksxWVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NjIyMzItNThkNy00YzFkLWIxOTgt
NjYwNDExYjlkMTY3LzEvS255anF0bUpjY2ZCMXBqX21iQUpPUU1LclFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84NjIyMzItNThkNy00YzFkLWIxOTgtNjYwNDExYjlkMTY3
LzEvWEhidjhtaUV2d0JpQjljaXM3QWFSTksxWVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua44MA0G
CSqGSIb3DQEBCwUAA4IBAQAAYjwzRY1UGJ7b1k9lgzy1ytrGNQCdw6EhG+Uh4HZx
VaRS1/lXyzcNXB64TUV5S5YwJLTDxfEM8DJpZtLeRvXJQcqV55S7pH9XqAvgboKT
HGdaBgI3CjWTIDzQG/E3uiAmjW3PXaJgA2Vvvenk3YT135cgnyZtU4MD01oJjHXR
LKRXcRMjvM8xh9h47AaLcs8VhOl8aAt6TtYxLYYvmNclEkunJZPBDqDfVpwo3IMO
FefaimHEWRPecxK9XsaECoxJ6WLqAfa++EObBV9F4tC4FCCzx8oWSMWhozC+uFdl
Vq018tQJJsfUjMCtvEyh/sTZ3PqmQf2AVKLCIZK0qMoj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org