Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/KkW1BQpI90E_wqQbdf4j-3h96T8.roa
File: KkW1BQpI90E_wqQbdf4j-3h96T8.roa (raw, json)
Hash identifier: b84796C/2dVHbABnQMynktCuDVvHyIM3QBLrblNoCv0=
Subject key identifier: 2A:45:B5:05:0A:48:F7:41:3F:C2:A4:1B:75:FE:23:FB:78:7D:E9:3F
Certificate issuer: /CN=d3860a9b36585fb8aa051fc37fcc6a0773990cbf
Certificate serial: 0182FE3020CC020CFA024C1E7370D8A6E730
Authority key identifier: D3:86:0A:9B:36:58:5F:B8:AA:05:1F:C3:7F:CC:6A:07:73:99:0C:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04YKmzZYX7iqBR_Df8xqB3OZDL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/KkW1BQpI90E_wqQbdf4j-3h96T8.roa
Signing time: Fri 02 Sep 2022 12:32:22 +0000
ROA not before: Fri 02 Sep 2022 12:32:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62303
IP address blocks: 185.235.81.0/24 maxlen: 24
185.235.83.0/24 maxlen: 24
185.235.82.0/24 maxlen: 24
2a0d:4d00:81::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fe:30:20:cc:02:0c:fa:02:4c:1e:73:70:d8:a6:e7:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3860a9b36585fb8aa051fc37fcc6a0773990cbf
Validity
Not Before: Sep 2 12:32:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a45b5050a48f7413fc2a41b75fe23fb787de93f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7f:f4:7a:71:49:4a:11:28:ea:4b:ae:fd:63:
5b:00:73:8c:fd:26:3e:90:72:a0:6d:b1:d7:cc:48:
c0:e8:b0:76:47:50:e4:00:f8:66:48:59:0f:d4:59:
89:df:d2:1c:55:56:93:65:5c:41:e9:5e:1b:f6:2c:
12:c7:c6:7e:be:30:92:4d:5d:18:f0:c8:d1:82:8c:
d0:05:0b:5f:dd:65:42:dc:ec:24:fa:eb:c7:93:52:
fa:18:87:3e:58:ce:e9:b2:9a:ba:ed:3d:8e:e1:c0:
a7:f6:1d:3b:c5:be:69:75:f2:b9:64:55:de:13:51:
dd:c9:f3:ab:fe:a1:c4:82:2f:93:7c:0b:79:7a:a9:
61:23:15:ae:7f:6b:b8:6b:c5:de:80:da:8d:00:47:
9b:9c:33:ee:4d:f9:ed:fa:8f:b1:65:5a:ac:4f:9b:
f7:e0:a8:b9:97:a2:a4:6c:37:5e:89:ea:de:ea:46:
af:6c:04:cf:85:5f:cc:54:ed:3c:12:a2:2c:14:86:
9a:38:dd:a4:4f:71:8f:8c:35:82:56:7a:31:d6:61:
fd:f3:5c:bd:4f:66:c6:05:db:92:c6:e9:f7:7e:f7:
ee:8b:7a:ae:93:8a:6d:5b:11:77:0f:e0:ae:7f:48:
1b:c2:48:f4:34:99:7b:b9:df:04:8c:42:df:bc:65:
be:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:45:B5:05:0A:48:F7:41:3F:C2:A4:1B:75:FE:23:FB:78:7D:E9:3F
X509v3 Authority Key Identifier:
keyid:D3:86:0A:9B:36:58:5F:B8:AA:05:1F:C3:7F:CC:6A:07:73:99:0C:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04YKmzZYX7iqBR_Df8xqB3OZDL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/KkW1BQpI90E_wqQbdf4j-3h96T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/04YKmzZYX7iqBR_Df8xqB3OZDL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.81.0-185.235.83.255
IPv6:
2a0d:4d00:81::/48
Signature Algorithm: sha256WithRSAEncryption
1e:60:00:15:f2:8c:79:31:3a:88:51:55:95:09:27:0c:bc:e2:
2b:ee:7f:16:cd:7a:a1:0d:f0:88:36:0d:f7:ac:dc:c9:b0:ad:
0b:42:07:1f:77:93:22:65:c3:f8:58:6d:1c:02:da:46:02:89:
f6:d1:6e:ee:08:bc:c1:c7:2d:48:3a:10:90:23:19:6b:3b:f4:
64:f2:fa:a1:1e:c8:8d:fe:d9:46:af:c7:a9:ae:a5:f8:b1:e4:
e2:bb:de:be:3a:5d:3e:a9:05:f4:c9:85:62:f9:46:eb:28:7b:
bd:7e:c3:8e:5c:cb:f9:b7:ff:fc:da:49:29:f1:7f:da:6d:00:
ee:33:09:5c:06:5d:18:fd:8b:b3:27:33:66:2f:5e:83:70:eb:
46:70:1e:e5:7e:52:18:a2:b1:0e:b7:1f:94:44:e4:cd:2e:10:
52:11:14:1f:e3:e2:c5:77:d7:c2:df:69:73:54:ae:0b:99:6e:
72:ba:c4:0a:3f:55:fb:5a:3d:82:6b:7b:65:17:45:75:1b:b4:
08:f3:2f:a9:a1:66:d0:e0:56:99:5c:fb:cb:97:e7:6c:c0:3c:
97:c5:8b:49:a6:7d:89:95:ed:e6:b5:14:7a:6c:15:84:3e:0e:
51:17:6a:d1:87:53:32:2c:80:75:89:ea:40:38:82:2c:2d:8b:
4b:90:c8:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYL+MCDMAgz6Akwec3DYpucwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODYwYTliMzY1ODVmYjhhYTA1MWZjMzdmY2M2YTA3NzM5
OTBjYmYwHhcNMjIwOTAyMTIzMjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQ1YjUwNTBhNDhmNzQxM2ZjMmE0MWI3NWZlMjNmYjc4N2RlOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH/0enFJShEo6kuu/WNbAHOM/SY+
kHKgbbHXzEjA6LB2R1DkAPhmSFkP1FmJ39IcVVaTZVxB6V4b9iwSx8Z+vjCSTV0Y
8MjRgozQBQtf3WVC3Owk+uvHk1L6GIc+WM7pspq67T2O4cCn9h07xb5pdfK5ZFXe
E1HdyfOr/qHEgi+TfAt5eqlhIxWuf2u4a8XegNqNAEebnDPuTfnt+o+xZVqsT5v3
4Ki5l6KkbDdeiere6kavbATPhV/MVO08EqIsFIaaON2kT3GPjDWCVnox1mH981y9
T2bGBduSxun3fvfui3quk4ptWxF3D+Cuf0gbwkj0NJl7ud8EjELfvGW+GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpFtQUKSPdBP8KkG3X+I/t4fek/MB8GA1UdIwQY
MBaAFNOGCps2WF+4qgUfw3/MagdzmQy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRZS216WllYN2lxQlJfRGY4eHFCM09aREw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wM2M0MzAtZmIwNC00MGVhLTg1ZDEt
YzkyYzYxNjVkZTE4LzEvS2tXMUJRcEk5MEVfd3FRYmRmNGotM2g5NlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wM2M0MzAtZmIwNC00MGVhLTg1ZDEtYzkyYzYxNjVkZTE4
LzEvMDRZS216WllYN2lxQlJfRGY4eHFCM09aREw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAC561ED
BAK561AwDwQCAAIwCQMHACoNTQAAgTANBgkqhkiG9w0BAQsFAAOCAQEAHmAAFfKM
eTE6iFFVlQknDLziK+5/Fs16oQ3wiDYN96zcybCtC0IHH3eTImXD+FhtHALaRgKJ
9tFu7gi8wcctSDoQkCMZazv0ZPL6oR7Ijf7ZRq/Hqa6l+LHk4rvevjpdPqkF9MmF
YvlG6yh7vX7DjlzL+bf//NpJKfF/2m0A7jMJXAZdGP2LsyczZi9eg3DrRnAe5X5S
GKKxDrcflETkzS4QUhEUH+PixXfXwt9pc1SuC5lucrrECj9V+1o9gmt7ZRdFdRu0
CPMvqaFm0OBWmVz7y5fnbMA8l8WLSaZ9iZXt5rUUemwVhD4OURdq0YdTMiyAdYnq
QDiCLC2LS5DIFQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:00 2023 by rpki-client on console-fra.rpki-client.org