Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Km1-9EqISOAJmNE7Pb56pDStI3w.roa
File: Km1-9EqISOAJmNE7Pb56pDStI3w.roa (raw, json)
Hash identifier: SBxiom3fJqHLlfM515f6eAR7qlclysVZDVWVA5G5SoY=
Subject key identifier: 2A:6D:7E:F4:4A:88:48:E0:09:98:D1:3B:3D:BE:7A:A4:34:AD:23:7C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018466D800F9FA4DDCD318CEB50D25EBA749
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Km1-9EqISOAJmNE7Pb56pDStI3w.roa
Signing time: Fri 11 Nov 2022 13:19:02 +0000
ROA not before: Fri 11 Nov 2022 13:19:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207326
IP address blocks: 82.163.64.0/22 maxlen: 24
89.46.176.0/22 maxlen: 24
82.163.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:66:d8:00:f9:fa:4d:dc:d3:18:ce:b5:0d:25:eb:a7:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 11 13:19:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a6d7ef44a8848e00998d13b3dbe7aa434ad237c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c9:15:1f:1d:11:5d:c1:a6:10:2c:b3:94:7b:
85:4a:61:0a:00:df:f8:f5:ed:c5:35:09:7b:14:8e:
3e:9b:3f:55:b4:53:b4:ba:31:c6:a6:bd:1a:9f:81:
11:07:46:7e:7b:50:9a:0c:97:45:11:d0:4e:a8:9d:
26:a4:68:14:11:d3:87:e1:c6:aa:4f:cf:5e:40:7a:
7d:4a:38:e5:98:d7:92:6e:50:7c:8e:1e:88:85:ae:
cb:83:6b:28:c9:5b:be:1c:22:19:09:88:9c:78:d6:
2c:35:8d:c2:24:5e:36:cb:22:c5:68:2d:9e:9d:be:
26:cd:9a:cc:97:c6:b3:52:aa:da:31:7b:38:16:b4:
57:30:c3:bc:57:e3:84:90:f1:6c:39:b7:e1:a4:43:
c4:c0:a0:de:65:11:66:db:51:41:c6:49:cb:a1:1e:
50:e6:ac:cf:05:1f:74:db:4d:fa:96:d6:0a:c8:d7:
4c:b6:2f:2d:f4:42:a1:07:ed:35:f6:cd:d7:d3:49:
91:b9:ed:18:06:f9:41:fb:4c:58:5c:04:4a:4f:cc:
e4:c1:db:23:08:d9:0d:c1:a4:b7:1d:65:9b:99:63:
d0:36:2d:d5:88:bb:c8:45:b4:04:6c:49:5f:5e:b2:
66:f0:83:83:1f:2a:6d:b2:8d:43:c8:bd:ed:66:29:
bc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:6D:7E:F4:4A:88:48:E0:09:98:D1:3B:3D:BE:7A:A4:34:AD:23:7C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Km1-9EqISOAJmNE7Pb56pDStI3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.64.0/22
82.163.228.0/22
89.46.176.0/22
Signature Algorithm: sha256WithRSAEncryption
58:48:40:1d:60:ec:0c:3c:b4:29:90:ef:93:82:25:37:e2:8f:
d8:68:be:7d:d9:a9:ba:92:5b:b4:0f:76:69:07:73:f1:58:54:
d2:d8:66:9c:3e:62:1d:4a:7d:5c:dc:09:d1:77:c2:3c:9e:23:
03:b1:4b:67:ed:ab:a5:3b:77:c8:f5:0f:1a:27:76:73:68:bc:
fc:40:43:8a:d0:0c:a6:88:33:65:f8:88:7d:e0:84:74:41:3e:
ad:5a:2b:be:55:2b:96:14:62:a8:f4:ed:10:20:81:ed:af:4f:
9d:93:f2:d9:81:e8:c7:d4:0f:f6:84:63:4c:cb:52:60:21:66:
84:d3:26:d9:88:4b:05:4c:e3:69:ea:7f:2c:76:e3:0a:66:b8:
2a:53:a1:d5:2c:11:75:5f:a9:6f:28:ba:53:8e:5a:e5:2a:ee:
98:8f:b8:60:b0:d0:91:55:ac:07:8b:e2:38:a8:b0:0a:fc:53:
8b:61:86:76:74:6a:29:1a:47:95:a0:be:30:1e:75:91:08:4a:
6b:ae:72:bf:c2:fb:67:bc:96:a6:b7:33:cb:fc:32:20:57:0a:
86:7c:c9:59:0f:22:23:e7:34:e9:9a:1f:fc:7b:c8:34:cf:64:
86:4c:f2:4b:6c:70:ae:d6:78:e8:0f:1e:14:65:7e:e1:cd:0c:
1f:1c:9c:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRm2AD5+k3c0xjOtQ0l66dJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMTExMTMxOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZkN2VmNDRhODg0OGUwMDk5OGQxM2IzZGJlN2FhNDM0YWQyMzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMkVHx0RXcGmECyzlHuFSmEKAN/4
9e3FNQl7FI4+mz9VtFO0ujHGpr0an4ERB0Z+e1CaDJdFEdBOqJ0mpGgUEdOH4caq
T89eQHp9SjjlmNeSblB8jh6Iha7Lg2soyVu+HCIZCYiceNYsNY3CJF42yyLFaC2e
nb4mzZrMl8azUqraMXs4FrRXMMO8V+OEkPFsObfhpEPEwKDeZRFm21FBxknLoR5Q
5qzPBR902036ltYKyNdMti8t9EKhB+019s3X00mRue0YBvlB+0xYXARKT8zkwdsj
CNkNwaS3HWWbmWPQNi3ViLvIRbQEbElfXrJm8IODHyptso1DyL3tZim8twIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCptfvRKiEjgCZjROz2+eqQ0rSN8MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvS20xLTlFcUlTT0FKbU5FN1BiNTZwRFN0STN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUqNAAwQC
UqPkAwQCWS6wMA0GCSqGSIb3DQEBCwUAA4IBAQBYSEAdYOwMPLQpkO+TgiU34o/Y
aL592am6klu0D3ZpB3PxWFTS2GacPmIdSn1c3AnRd8I8niMDsUtn7aulO3fI9Q8a
J3ZzaLz8QEOK0AymiDNl+Ih94IR0QT6tWiu+VSuWFGKo9O0QIIHtr0+dk/LZgejH
1A/2hGNMy1JgIWaE0ybZiEsFTONp6n8sduMKZrgqU6HVLBF1X6lvKLpTjlrlKu6Y
j7hgsNCRVawHi+I4qLAK/FOLYYZ2dGopGkeVoL4wHnWRCEprrnK/wvtnvJamtzPL
/DIgVwqGfMlZDyIj5zTpmh/8e8g0z2SGTPJLbHCu1njoDx4UZX7hzQwfHJzW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org