Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/k2aAO0biHh5nr7vQI56eSKSoEY8.roa
File: k2aAO0biHh5nr7vQI56eSKSoEY8.roa (raw, json)
Hash identifier: KIU8mbrDio3HUOKEXpfSShhCIF4LokvhIzI4unYfXRQ=
Subject key identifier: 93:66:80:3B:46:E2:1E:1E:67:AF:BB:D0:23:9E:9E:48:A4:A8:11:8F
Certificate issuer: /CN=1aa19c92e96677f5f96f68f1ca0aad9fa311eb45
Certificate serial: 0182CF1B189240A75AA02056BA897A4FCD4D
Authority key identifier: 1A:A1:9C:92:E9:66:77:F5:F9:6F:68:F1:CA:0A:AD:9F:A3:11:EB:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GqGckulmd_X5b2jxygqtn6MR60U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/k2aAO0biHh5nr7vQI56eSKSoEY8.roa
Signing time: Wed 24 Aug 2022 09:07:15 +0000
ROA not before: Wed 24 Aug 2022 09:07:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8788
IP address blocks: 193.138.87.0/24 maxlen: 24
212.26.128.0/19 maxlen: 19
194.32.109.0/24 maxlen: 24
194.32.110.0/24 maxlen: 24
178.211.96.0/19 maxlen: 20
194.32.108.0/24 maxlen: 24
194.32.108.0/23 maxlen: 23
212.26.140.0/24 maxlen: 24
212.80.32.0/19 maxlen: 20
2a00:e780:2::/48 maxlen: 48
2a00:e780::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cf:1b:18:92:40:a7:5a:a0:20:56:ba:89:7a:4f:cd:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aa19c92e96677f5f96f68f1ca0aad9fa311eb45
Validity
Not Before: Aug 24 09:07:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9366803b46e21e1e67afbbd0239e9e48a4a8118f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ec:3b:1d:d3:97:cb:3e:6b:55:2a:c0:5e:52:
60:4e:61:86:1a:2a:7b:10:05:1b:b7:a9:ef:cc:61:
81:6c:e8:b4:8a:16:95:3b:04:76:7f:81:f0:27:b5:
2f:43:c4:8a:ec:8c:72:66:b9:36:1c:1f:dd:78:dd:
4e:8f:26:68:3d:ce:60:34:4f:4b:44:f6:5e:60:43:
1e:30:8f:5b:b9:5e:be:71:f8:ee:fa:01:ae:a3:14:
81:05:89:9c:c9:8b:3b:31:72:59:6c:64:79:04:5b:
f8:d8:7b:bc:83:dc:c7:2c:41:61:dc:30:23:36:f7:
f2:d3:82:a6:51:2e:dc:39:f3:65:4b:7a:a9:b4:cb:
34:ad:7a:d4:62:1e:44:cd:5b:7d:25:a1:64:da:d0:
be:71:90:3f:22:24:81:4e:73:e7:ec:3b:a9:23:fe:
6e:6a:e3:03:b5:39:1a:e3:76:76:6b:bf:67:65:89:
4f:92:d8:cc:cf:54:a6:1e:2f:d8:b7:a9:1c:5f:23:
77:82:a1:72:f1:67:03:90:f5:00:1b:c4:ba:2b:e1:
f2:8b:1f:f5:28:49:7c:df:d0:f6:31:03:05:57:26:
7d:74:e8:cf:11:15:19:ee:5d:d8:32:98:f6:d9:06:
f5:4a:e6:cf:0e:dd:2f:13:c6:c3:1b:c8:1b:d1:3d:
51:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:66:80:3B:46:E2:1E:1E:67:AF:BB:D0:23:9E:9E:48:A4:A8:11:8F
X509v3 Authority Key Identifier:
keyid:1A:A1:9C:92:E9:66:77:F5:F9:6F:68:F1:CA:0A:AD:9F:A3:11:EB:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GqGckulmd_X5b2jxygqtn6MR60U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/k2aAO0biHh5nr7vQI56eSKSoEY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/GqGckulmd_X5b2jxygqtn6MR60U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.96.0/19
193.138.87.0/24
194.32.108.0-194.32.110.255
212.26.128.0/19
212.80.32.0/19
IPv6:
2a00:e780::/32
Signature Algorithm: sha256WithRSAEncryption
25:79:e7:95:0e:9e:b1:54:f4:2b:e9:fe:6e:f8:b1:07:96:59:
02:ff:ce:2c:61:8c:12:59:7b:81:e7:1c:3b:06:11:e7:56:4a:
62:d0:a7:89:67:9f:dd:91:f7:72:30:61:a5:56:f7:1a:01:26:
6c:ad:84:4b:71:4d:f3:5d:36:69:34:8e:e9:29:a2:dc:6e:cb:
1a:7c:57:92:d6:ea:7e:31:f0:eb:67:6f:bd:60:a4:5e:42:70:
d7:6b:c2:93:b4:73:76:2c:ca:48:95:2e:d2:79:4e:ee:a1:0e:
8b:96:65:bf:ff:2d:18:41:98:0a:9b:f8:15:68:fd:3d:59:e3:
1a:dd:e4:85:6b:3b:b2:42:e8:ab:7d:e4:46:9a:a4:ce:8f:2a:
e7:c0:ab:0f:5f:f5:1c:e4:25:38:44:10:d3:5e:70:dc:a9:3d:
26:0d:6f:c0:72:13:1c:86:8a:22:e6:b4:0e:fc:14:12:bf:be:
e3:9e:92:58:a5:b2:92:bb:1d:7f:49:4c:35:8d:ac:4a:74:97:
b7:4c:2d:fe:96:9e:9e:90:77:f8:6f:62:36:16:cd:87:e3:98:
95:b5:ef:0b:46:e9:c1:d5:7c:2c:be:f9:26:ab:6b:22:42:77:
15:33:93:c7:05:de:87:67:c5:ea:0c:3a:5a:07:97:ad:21:c8:
ac:c6:5c:47
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYLPGxiSQKdaoCBWuol6T81NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYTE5YzkyZTk2Njc3ZjVmOTZmNjhmMWNhMGFhZDlmYTMx
MWViNDUwHhcNMjIwODI0MDkwNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzY2ODAzYjQ2ZTIxZTFlNjdhZmJiZDAyMzllOWU0OGE0YTgxMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ew7HdOXyz5rVSrAXlJgTmGGGip7
EAUbt6nvzGGBbOi0ihaVOwR2f4HwJ7UvQ8SK7IxyZrk2HB/deN1OjyZoPc5gNE9L
RPZeYEMeMI9buV6+cfju+gGuoxSBBYmcyYs7MXJZbGR5BFv42Hu8g9zHLEFh3DAj
Nvfy04KmUS7cOfNlS3qptMs0rXrUYh5EzVt9JaFk2tC+cZA/IiSBTnPn7DupI/5u
auMDtTka43Z2a79nZYlPktjMz1SmHi/Yt6kcXyN3gqFy8WcDkPUAG8S6K+Hyix/1
KEl839D2MQMFVyZ9dOjPERUZ7l3YMpj22Qb1SubPDt0vE8bDG8gb0T1RywIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJNmgDtG4h4eZ6+70COenkikqBGPMB8GA1UdIwQY
MBaAFBqhnJLpZnf1+W9o8coKrZ+jEetFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3FHY2t1bG1kX1g1YjJqeHlncXRuNk1SNjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8wMGFkYjAtODkwZC00N2FkLWExOGMt
NGFkMGFiZWMyNzVlLzEvazJhQU8wYmlIaDVucjd2UUk1NmVTS1NvRVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8wMGFkYjAtODkwZC00N2FkLWExOGMtNGFkMGFiZWMyNzVl
LzEvR3FHY2t1bG1kX1g1YjJqeHlncXRuNk1SNjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQFstNgAwQA
wYpXMAwDBALCIGwDBADCIG4DBAXUGoADBAXUUCAwDQQCAAIwBwMFACoA54AwDQYJ
KoZIhvcNAQELBQADggEBACV555UOnrFU9Cvp/m74sQeWWQL/zixhjBJZe4HnHDsG
EedWSmLQp4lnn92R93IwYaVW9xoBJmythEtxTfNdNmk0jukpotxuyxp8V5LW6n4x
8Otnb71gpF5CcNdrwpO0c3YsykiVLtJ5Tu6hDouWZb//LRhBmAqb+BVo/T1Z4xrd
5IVrO7JC6Kt95EaapM6PKufAqw9f9RzkJThEENNecNypPSYNb8ByExyGiiLmtA78
FBK/vuOeklilspK7HX9JTDWNrEp0l7dMLf6Wnp6Qd/hvYjYWzYfjmJW17wtG6cHV
fCy++SarayJCdxUzk8cF3odnxeoMOloHl60hyKzGXEc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:05 2023 by rpki-client on console-ams.rpki-client.org