Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/khLoL-GIXCA6aeqr5jMfLXx6fEk.roa
File: khLoL-GIXCA6aeqr5jMfLXx6fEk.roa (raw, json)
Hash identifier: 2Ac6u1OVA9FFUVJrBx3PPtRZp7yJzu+vdG3MjcgdJmY=
Subject key identifier: 92:12:E8:2F:E1:88:5C:20:3A:69:EA:AB:E6:33:1F:2D:7C:7A:7C:49
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 04EA6F3B
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/khLoL-GIXCA6aeqr5jMfLXx6fEk.roa
Signing time: Sat 01 Jan 2022 07:56:33 +0000
ROA not before: Sat 01 Jan 2022 07:56:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 185.58.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82472763 (0x4ea6f3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 07:56:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9212e82fe1885c203a69eaabe6331f2d7c7a7c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:98:b4:f4:0a:19:f2:16:c4:80:0c:be:c9:bf:
72:e5:03:1b:00:83:04:02:f6:88:0b:4c:58:0a:89:
b2:ad:e8:fc:bd:8a:a7:0d:d9:26:e7:72:c7:15:a0:
e3:08:78:53:21:77:ce:f5:68:be:a4:da:25:41:d6:
5d:97:17:7d:81:37:22:e9:c9:40:75:4f:a8:2c:20:
75:1f:44:2b:ab:59:87:d8:cf:2f:1d:96:21:8e:f8:
9d:db:24:76:9a:57:14:b6:fb:23:55:25:83:7c:3b:
c2:79:17:a3:67:ca:96:15:1e:59:72:58:f8:b3:eb:
13:0d:ce:76:06:15:63:54:64:bb:cf:fa:3d:a5:77:
9c:5a:e3:76:1e:ff:21:d7:54:ad:b9:cf:fb:d3:6a:
5f:20:ac:85:1a:2b:95:fa:06:f5:b4:95:da:5e:84:
96:c5:b8:d1:11:74:49:cb:f9:34:bb:22:2c:12:a5:
e7:e0:53:4a:6f:0e:a4:cc:ee:c2:1d:93:a5:c9:1e:
04:86:14:bd:5e:7a:86:b8:80:21:c4:aa:ce:a7:a1:
ac:a9:44:18:82:f3:7a:12:57:4f:53:5b:3a:a5:5d:
e0:4d:4e:4d:eb:50:71:48:ff:44:3c:2f:e5:89:15:
2b:76:01:ad:2b:5c:f8:4a:db:dc:7e:5b:58:4a:28:
91:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:12:E8:2F:E1:88:5C:20:3A:69:EA:AB:E6:33:1F:2D:7C:7A:7C:49
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/khLoL-GIXCA6aeqr5jMfLXx6fEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.114.0/24
Signature Algorithm: sha256WithRSAEncryption
65:ae:af:72:03:52:2e:f8:a8:fa:11:d7:c5:15:1b:08:86:62:
98:0a:02:cf:fd:fc:e2:f4:85:28:0e:49:7a:cb:c5:cc:66:44:
57:65:dd:b8:25:33:c5:be:60:ce:fc:20:c5:01:10:e0:99:d7:
12:37:22:75:8d:f7:c0:dc:0d:6d:69:6b:eb:66:06:55:66:e4:
74:c4:83:16:fe:31:54:0e:04:b5:f9:ab:1a:1a:a9:dc:7f:02:
1d:2c:60:8c:de:6b:01:8d:86:16:2c:6c:7c:b2:8f:ae:a5:d4:
50:eb:9f:1b:d7:82:2d:0f:4a:f0:b0:bf:fa:a9:b6:b6:b5:3b:
d5:bf:14:37:d2:e9:ef:6c:a2:ec:b8:c7:2c:95:ad:89:90:4a:
56:e3:88:85:42:33:a1:9a:91:75:c2:e0:8a:f4:f6:76:9d:be:
bc:26:16:c6:5c:46:a1:3f:82:b5:b3:5a:45:cd:08:09:bf:02:
f0:64:c3:c5:c6:ab:e6:48:58:54:f8:ec:6a:7d:74:b3:ba:5d:
fb:f9:bb:dc:c7:4f:e3:10:fb:5c:a0:6c:5c:21:c6:70:a4:44:
01:0a:a5:8e:de:24:ac:45:5a:a0:94:21:0b:85:88:16:b5:c2:
28:42:e3:44:bf:1d:38:15:34:0e:09:00:ba:4f:e0:4d:a7:30:
33:3f:87:a7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBOpvOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YWVlMTVjMzNkZTM1ODkzOGQ2OTAwYTFiM2MxNDQ4MGEzODllODViMB4XDTIyMDEw
MTA3NTYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIxMmU4MmZlMTg4
NWMyMDNhNjllYWFiZTYzMzFmMmQ3YzdhN2M0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+YtPQKGfIWxIAMvsm/cuUDGwCDBAL2iAtMWAqJsq3o/L2K
pw3ZJudyxxWg4wh4UyF3zvVovqTaJUHWXZcXfYE3IunJQHVPqCwgdR9EK6tZh9jP
Lx2WIY74ndskdppXFLb7I1Ulg3w7wnkXo2fKlhUeWXJY+LPrEw3OdgYVY1Rku8/6
PaV3nFrjdh7/IddUrbnP+9NqXyCshRorlfoG9bSV2l6ElsW40RF0Scv5NLsiLBKl
5+BTSm8OpMzuwh2TpckeBIYUvV56hriAIcSqzqehrKlEGILzehJXT1NbOqVd4E1O
TetQcUj/RDwv5YkVK3YBrStc+Erb3H5bWEookSsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSSEugv4YhcIDpp6qvmMx8tfHp8STAfBgNVHSMEGDAWgBSa7hXDPeNYk41p
AKGzwUSAo4noWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L211NFZ3ejNqV0pPTmFRQ2hzOEZFZ0tPSjZGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvNzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8x
L2toTG9MLUdJWENBNmFlcXI1ak1mTFh4NmZFay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
NzJmNzdmLTc2YWItNGU3OS1hMDYyLTZlZTUzNGQ5MmU1Mi8xL211NFZ3ejNqV0pP
TmFRQ2hzOEZFZ0tPSjZGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALk6cjANBgkqhkiG9w0BAQsFAAOC
AQEAZa6vcgNSLvio+hHXxRUbCIZimAoCz/384vSFKA5JesvFzGZEV2XduCUzxb5g
zvwgxQEQ4JnXEjcidY33wNwNbWlr62YGVWbkdMSDFv4xVA4EtfmrGhqp3H8CHSxg
jN5rAY2GFixsfLKPrqXUUOufG9eCLQ9K8LC/+qm2trU71b8UN9Lp72yi7LjHLJWt
iZBKVuOIhUIzoZqRdcLgivT2dp2+vCYWxlxGoT+CtbNaRc0ICb8C8GTDxcar5khY
VPjsan10s7pd+/m73MdP4xD7XKBsXCHGcKREAQqljt4krEVaoJQhC4WIFrXCKELj
RL8dOBU0DgkAuk/gTacwMz+Hpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org