Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/35kr_qv0dFYFjQTQ4XDLiPc25HA.roa
File: 35kr_qv0dFYFjQTQ4XDLiPc25HA.roa (raw, json)
Hash identifier: bW2DYAm0EOFjm6Pn3mZ0v1DHlVJ8AbC6RG9mxtfC7/E=
Subject key identifier: DF:99:2B:FE:AB:F4:74:56:05:8D:04:D0:E1:70:CB:88:F7:36:E4:70
Certificate issuer: /CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Certificate serial: 03D96F2A
Authority key identifier: D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/35kr_qv0dFYFjQTQ4XDLiPc25HA.roa
Signing time: Sat 01 Jan 2022 04:52:59 +0000
ROA not before: Sat 01 Jan 2022 04:52:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33876
IP address blocks: 185.76.4.0/22 maxlen: 24
185.12.116.0/22 maxlen: 24
185.11.164.0/22 maxlen: 24
91.198.47.0/24 maxlen: 24
94.126.168.0/21 maxlen: 24
176.61.144.0/21 maxlen: 24
194.8.30.0/24 maxlen: 24
2a03:8bc0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64581418 (0x3d96f2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Validity
Not Before: Jan 1 04:52:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df992bfeabf47456058d04d0e170cb88f736e470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ba:c2:0c:4c:19:b6:14:ed:5d:11:c7:3e:b2:
c2:20:30:ba:36:09:03:12:c6:52:de:97:78:24:4c:
8c:e6:0b:68:0f:3c:28:c6:e5:22:63:c8:f9:71:b5:
c3:ad:61:bd:f3:bb:cb:0e:81:28:43:e6:74:8b:0c:
5a:8d:8c:26:6f:d1:ca:61:e9:ff:28:69:77:4a:19:
44:89:71:d7:f8:c7:f1:4e:f4:3e:84:70:d9:ba:17:
36:73:5a:7a:63:34:e2:1b:ab:7b:4a:5f:c0:24:db:
e7:b8:28:e0:4f:3a:d2:7e:6b:02:e3:3c:d9:1f:95:
2c:31:2e:71:fb:35:f4:10:24:8b:b0:ea:81:f7:66:
b5:75:30:a1:e4:b0:0b:8b:cf:0b:d9:8f:d4:1b:4c:
3d:de:83:8b:ae:a0:67:c7:06:ed:b8:61:6c:fc:91:
24:2c:7b:7e:cf:11:1f:34:71:56:07:31:4f:62:ab:
73:30:4d:b5:d2:88:3b:11:24:ff:b8:ab:1e:8e:83:
d6:20:4b:e8:9b:41:77:5e:95:6a:a6:d2:b5:48:ae:
9d:89:b9:bf:ab:6f:9b:72:bd:b8:fc:4d:82:59:dd:
e9:13:95:6e:cf:7e:8c:a1:85:cd:dc:59:ca:a3:be:
e1:ae:ae:43:18:c3:23:aa:ac:94:93:ca:ba:04:73:
33:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:99:2B:FE:AB:F4:74:56:05:8D:04:D0:E1:70:CB:88:F7:36:E4:70
X509v3 Authority Key Identifier:
keyid:D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/35kr_qv0dFYFjQTQ4XDLiPc25HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.47.0/24
94.126.168.0/21
176.61.144.0/21
185.11.164.0/22
185.12.116.0/22
185.76.4.0/22
194.8.30.0/24
IPv6:
2a03:8bc0::/32
Signature Algorithm: sha256WithRSAEncryption
86:d8:be:5b:04:ab:d6:0e:d0:1c:c4:4c:5b:23:fa:a7:27:c4:
c9:0a:ee:64:be:64:7a:13:55:69:05:f9:57:c2:11:81:e8:e8:
0f:08:67:dd:24:e7:8c:93:bc:fb:91:2c:82:5f:9f:c1:cd:ef:
2d:d1:32:b1:f3:19:d4:be:66:e4:c3:31:49:6c:28:46:29:72:
22:81:12:cd:2a:09:5e:9d:fe:e1:21:ec:9a:3e:db:c2:58:ce:
c4:05:f9:f1:a2:57:9a:70:68:3f:b9:c4:e4:9a:f4:7b:ed:3f:
e4:57:fb:41:25:e9:0f:17:b4:e4:0b:9e:fa:16:bc:a9:66:81:
e9:e9:4b:75:b7:bc:47:e7:72:c9:c9:61:b4:c8:46:e7:6c:d9:
4a:1f:ea:a0:dc:bc:72:16:95:79:04:de:ee:80:15:90:b7:f5:
1f:40:87:39:38:f5:59:3f:82:b3:e4:9f:db:b5:05:37:d4:ef:
58:84:e4:3d:f1:7c:6c:dd:ea:96:85:5f:f4:21:86:55:d3:8b:
98:ab:65:32:c3:84:b6:76:62:75:2e:50:8d:93:c4:9f:59:d6:
d3:2b:f6:58:d2:17:8f:ed:6f:9e:87:10:0e:e7:a4:84:54:21:
28:c0:41:12:dc:25:6a:73:a3:5d:e5:f5:72:b4:34:5c:ca:63:
0c:da:50:10
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEA9lvKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzU5MmFhYzQ4OTUyMmQ1ZGIxOGZkNjM5MWUwMzVhOTc3OGVhM2IxMB4XDTIyMDEw
MTA0NTI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY5OTJiZmVhYmY0
NzQ1NjA1OGQwNGQwZTE3MGNiODhmNzM2ZTQ3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALu6wgxMGbYU7V0Rxz6ywiAwujYJAxLGUt6XeCRMjOYLaA88
KMblImPI+XG1w61hvfO7yw6BKEPmdIsMWo2MJm/RymHp/yhpd0oZRIlx1/jH8U70
PoRw2boXNnNaemM04hure0pfwCTb57go4E860n5rAuM82R+VLDEucfs19BAki7Dq
gfdmtXUwoeSwC4vPC9mP1BtMPd6Di66gZ8cG7bhhbPyRJCx7fs8RHzRxVgcxT2Kr
czBNtdKIOxEk/7irHo6D1iBL6JtBd16VaqbStUiunYm5v6tvm3K9uPxNglnd6ROV
bs9+jKGFzdxZyqO+4a6uQxjDI6qslJPKugRzMykCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTfmSv+q/R0VgWNBNDhcMuI9zbkcDAfBgNVHSMEGDAWgBTTWSqsSJUi1dsY
/WOR4DWpd46jsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAxa3FyRWlWSXRYYkdQMWprZUExcVhlT283RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvN2IxM2ZlLWY2MmYtNGU5My04MjFlLWUzM2FlMTA2YjU0ZC8x
LzM1a3JfcXYwZEZZRmpRVFE0WERMaVBjMjVIQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
N2IxM2ZlLWY2MmYtNGU5My04MjFlLWUzM2FlMTA2YjU0ZC8xLzAxa3FyRWlWSXRY
YkdQMWprZUExcVhlT283RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAFvGLwMEA15+qAMEA7A9kAMEArkL
pAMEArkMdAMEArlMBAMEAMIIHjANBAIAAjAHAwUAKgOLwDANBgkqhkiG9w0BAQsF
AAOCAQEAhti+WwSr1g7QHMRMWyP6pyfEyQruZL5kehNVaQX5V8IRgejoDwhn3STn
jJO8+5Esgl+fwc3vLdEysfMZ1L5m5MMxSWwoRilyIoESzSoJXp3+4SHsmj7bwljO
xAX58aJXmnBoP7nE5Jr0e+0/5Ff7QSXpDxe05Aue+ha8qWaB6elLdbe8R+dyyclh
tMhG52zZSh/qoNy8chaVeQTe7oAVkLf1H0CHOTj1WT+Cs+Sf27UFN9TvWITkPfF8
bN3qloVf9CGGVdOLmKtlMsOEtnZidS5QjZPEn1nW0yv2WNIXj+1vnocQDuekhFQh
KMBBEtwlanOjXeX1crQ0XMpjDNpQEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:23 2024 by rpki-client on console-fra.rpki-client.org