Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/kvCNIwFc7ljsivQJexAq3KjRc7A.roa
File: kvCNIwFc7ljsivQJexAq3KjRc7A.roa (raw, json)
Hash identifier: R8JA5QiC/9UkuhOOjgC+9gK8Qbp5IrUS01FmrboRC58=
Subject key identifier: 92:F0:8D:23:01:5C:EE:58:EC:8A:F4:09:7B:10:2A:DC:A8:D1:73:B0
Certificate issuer: /CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Certificate serial: 01512E
Authority key identifier: AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/kvCNIwFc7ljsivQJexAq3KjRc7A.roa
Signing time: Wed 11 May 2022 14:00:04 +0000
ROA not before: Wed 11 May 2022 14:00:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21182
IP address blocks: 217.173.192.0/21 maxlen: 21
217.173.200.0/23 maxlen: 23
217.173.206.0/23 maxlen: 23
185.178.156.0/22 maxlen: 22
2a04:9440::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86318 (0x1512e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Validity
Not Before: May 11 14:00:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92f08d23015cee58ec8af4097b102adca8d173b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:57:83:04:34:4e:20:99:47:d0:43:db:9d:36:
ab:24:f4:77:59:fe:da:52:33:79:c8:8a:d9:b4:f5:
e4:87:9d:eb:f7:3c:f2:fc:ca:ce:c0:25:c4:43:ae:
84:15:dd:6a:a8:1f:56:29:17:3a:32:d0:52:c7:42:
80:1f:31:a8:6d:82:b1:4f:1c:2f:14:43:76:a6:63:
e5:a7:79:c2:30:84:40:3b:59:02:9d:8a:12:d9:1c:
df:26:54:50:61:4e:d6:58:e4:83:0e:80:97:4d:9e:
f9:df:66:ce:da:ec:e0:2a:c0:12:9e:0f:d4:71:2e:
54:2d:08:89:4c:ce:8d:bb:4f:97:54:77:3b:70:4c:
61:5a:37:ca:86:d9:ab:72:09:7b:78:5d:12:a3:e0:
5e:2e:f0:94:60:88:ae:dc:d5:39:18:38:00:be:b1:
64:80:a6:52:94:00:4f:02:19:86:ec:f5:63:37:7a:
2e:12:b0:29:21:c1:06:4f:5b:6c:e7:b0:62:fb:ba:
77:31:c7:5a:38:4a:1c:ef:22:40:be:35:ef:20:3d:
35:ff:4b:21:15:71:10:e1:dc:51:d6:d1:e1:ad:52:
12:f7:7f:a1:a3:4d:93:26:d4:64:1f:af:36:22:81:
d2:66:17:b9:3f:91:d7:73:f1:c4:23:56:66:7c:50:
1f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F0:8D:23:01:5C:EE:58:EC:8A:F4:09:7B:10:2A:DC:A8:D1:73:B0
X509v3 Authority Key Identifier:
keyid:AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/kvCNIwFc7ljsivQJexAq3KjRc7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.156.0/22
217.173.192.0-217.173.201.255
217.173.206.0/23
IPv6:
2a04:9440::/30
Signature Algorithm: sha256WithRSAEncryption
2d:7a:95:b9:53:2b:f6:1a:d7:aa:50:88:ce:6e:72:67:47:ec:
98:c0:fc:11:2c:40:a7:a9:08:c6:72:9b:8f:1e:78:d2:b6:6b:
63:90:7c:a2:eb:25:69:8d:78:e3:06:de:30:63:6e:ea:bf:e5:
29:19:36:40:de:4d:21:0b:68:89:6c:cd:c7:87:83:36:3b:ff:
c6:e7:93:1c:ca:72:70:6c:ea:1f:e7:45:f3:8b:00:fa:c5:27:
cc:52:66:be:bd:c8:ca:9c:0f:0f:19:21:22:49:21:a1:37:73:
b6:d5:1b:91:da:97:45:1e:19:f0:e8:2b:ed:5e:55:cd:e1:61:
71:0c:7a:0e:62:00:6d:be:e2:16:f0:64:47:62:4a:c7:9d:88:
82:00:c1:45:25:78:a0:a1:e7:d2:07:af:bf:f6:fe:d4:de:b0:
43:0a:da:91:89:80:f5:58:42:06:ef:8d:65:30:ce:ce:d7:8e:
b9:60:c9:9d:29:99:b0:9f:8f:88:1a:94:f7:a8:4a:90:8f:1c:
f3:b3:17:d2:9a:a1:ba:cd:e9:b2:f8:86:5d:a7:b5:60:2d:d8:
f4:58:4b:8b:04:2e:5a:fd:7e:ed:35:0d:ac:8f:36:6b:32:96:
f4:a7:93:7c:1e:0f:cd:8e:13:03:f9:cd:24:e1:8e:37:f7:d0:
fe:eb:4d:52
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIDAVEuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFi
MWM4MDBhYTFiNzhhMTdhNDNlMTlmZDk5MzgzNTVkMDQxMWU5NGEwHhcNMjIwNTEx
MTQwMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5MmYwOGQyMzAxNWNl
ZTU4ZWM4YWY0MDk3YjEwMmFkY2E4ZDE3M2IwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAo1eDBDROIJlH0EPbnTarJPR3Wf7aUjN5yIrZtPXkh53r9zzy
/MrOwCXEQ66EFd1qqB9WKRc6MtBSx0KAHzGobYKxTxwvFEN2pmPlp3nCMIRAO1kC
nYoS2RzfJlRQYU7WWOSDDoCXTZ7532bO2uzgKsASng/UcS5ULQiJTM6Nu0+XVHc7
cExhWjfKhtmrcgl7eF0So+BeLvCUYIiu3NU5GDgAvrFkgKZSlABPAhmG7PVjN3ou
ErApIcEGT1ts57Bi+7p3McdaOEoc7yJAvjXvID01/0shFXEQ4dxR1tHhrVIS93+h
o02TJtRkH682IoHSZhe5P5HXc/HEI1ZmfFAf7QIDAQABo4ICLDCCAigwHQYDVR0O
BBYEFJLwjSMBXO5Y7Ir0CXsQKtyo0XOwMB8GA1UdIwQYMBaAFKscgAqht4oXpD4Z
/Zk4NV0EEelKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMtNTBjYmNiNWIxOWMyLzEv
a3ZDTkl3RmM3bGpzaXZRSmV4QXEzS2pSYzdBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8x
YjFjYTAtYmJmMi00NDE5LThhMGMtNTBjYmNiNWIxOWMyLzEvcXh5QUNxRzNpaGVr
UGhuOW1UZzFYUVFSNlVvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEIG
CCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCubKcMAwDBAbZrcADBAHZrcgDBAHZ
rc4wDQQCAAIwBwMFAioElEAwDQYJKoZIhvcNAQELBQADggEBAC16lblTK/Ya16pQ
iM5ucmdH7JjA/BEsQKepCMZym48eeNK2a2OQfKLrJWmNeOMG3jBjbuq/5SkZNkDe
TSELaIlszceHgzY7/8bnkxzKcnBs6h/nRfOLAPrFJ8xSZr69yMqcDw8ZISJJIaE3
c7bVG5Hal0UeGfDoK+1eVc3hYXEMeg5iAG2+4hbwZEdiSsediIIAwUUleKCh59IH
r7/2/tTesEMK2pGJgPVYQgbvjWUwzs7XjrlgyZ0pmbCfj4galPeoSpCPHPOzF9Ka
obrN6bL4hl2ntWAt2PRYS4sELlr9fu01DayPNmsylvSnk3weD82OEwP5zSThjjf3
0P7rTVI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:42 2024 by rpki-client on console-fra.rpki-client.org