Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/kKyM232GkYKjYKSmnKYTGpQEA1A.roa
File: kKyM232GkYKjYKSmnKYTGpQEA1A.roa (raw, json)
Hash identifier: Vp2Jr96pQuJ//cZVkDdOch7YhMEdnK3Y5+J5IvBstJA=
Subject key identifier: 90:AC:8C:DB:7D:86:91:82:A3:60:A4:A6:9C:A6:13:1A:94:04:03:50
Certificate issuer: /CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Certificate serial: 1C599034
Authority key identifier: EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/kKyM232GkYKjYKSmnKYTGpQEA1A.roa
Signing time: Sat 01 Jan 2022 03:54:35 +0000
ROA not before: Sat 01 Jan 2022 03:54:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31621
IP address blocks: 91.194.188.0/23 maxlen: 24
185.31.24.0/22 maxlen: 24
193.23.48.0/24 maxlen: 24
178.21.152.0/21 maxlen: 24
194.0.251.0/24 maxlen: 24
2a02:dcc::/30 maxlen: 43
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 475631668 (0x1c599034)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Validity
Not Before: Jan 1 03:54:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90ac8cdb7d869182a360a4a69ca6131a94040350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cf:84:5d:6c:27:b7:7a:1d:d0:20:2b:34:3f:
24:7b:df:2f:15:0b:6e:54:a8:53:ed:1b:9b:1b:1d:
81:ae:4c:f1:60:a2:16:cd:85:df:29:11:b4:f7:66:
c8:68:7f:87:f4:25:9d:e8:f5:5b:89:15:51:3e:58:
6c:1c:d2:eb:f1:20:4d:a5:0e:9b:c4:27:2b:e2:0d:
1a:9d:60:e1:8b:ac:3e:2d:9d:8d:f6:87:39:f0:6a:
7f:60:84:50:6b:3f:31:6a:e2:fb:82:e3:c2:4d:ee:
36:e3:4f:56:2c:d5:fe:9d:d1:70:ef:6e:8c:2e:57:
b5:5d:4f:42:ef:03:6a:f1:d0:b7:9c:21:4a:80:fc:
fd:07:ab:cb:09:da:f2:80:9c:df:5b:44:c9:70:ed:
55:90:67:9e:05:79:8d:2f:13:e5:81:0a:a5:5e:39:
8a:ba:6c:25:42:7c:5d:b7:d7:fe:04:5d:e4:88:c4:
39:bc:25:1d:48:47:4d:dc:2c:12:b9:50:9b:af:fb:
c1:8c:1f:8f:67:93:a4:98:1b:41:33:ae:16:14:33:
8d:5d:ba:2f:97:30:76:6d:de:b6:aa:ce:a4:b4:ec:
62:b9:91:a9:8b:f1:a2:a4:67:96:f4:39:3e:0c:30:
0a:6d:50:9a:cf:73:05:83:a2:dc:49:80:cd:98:fa:
99:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AC:8C:DB:7D:86:91:82:A3:60:A4:A6:9C:A6:13:1A:94:04:03:50
X509v3 Authority Key Identifier:
keyid:EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/kKyM232GkYKjYKSmnKYTGpQEA1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.188.0/23
178.21.152.0/21
185.31.24.0/22
193.23.48.0/24
194.0.251.0/24
IPv6:
2a02:dcc::/30
Signature Algorithm: sha256WithRSAEncryption
a8:44:b1:0e:74:1a:48:0d:08:9e:25:8d:86:2b:af:d3:26:67:
e7:68:c1:0f:cc:ce:29:25:00:99:5d:bb:a6:87:aa:75:cf:31:
f9:18:39:4a:d4:58:e7:82:4c:e8:72:a4:16:45:96:2e:46:4a:
96:41:cf:90:0c:63:2c:f1:dd:67:52:e2:0e:26:b5:72:7d:1a:
48:e9:3d:8b:f2:b7:dd:d7:75:1c:32:bd:2c:30:34:c3:c7:95:
98:b0:de:67:d1:69:f4:a0:98:2d:74:e5:25:ab:a4:ae:6d:bd:
23:87:7c:f3:98:b1:e5:df:e7:3b:4d:61:52:11:24:9d:28:69:
68:aa:31:ed:3f:83:68:0e:de:7e:2b:45:b5:e8:9d:7b:97:c8:
13:86:60:c4:ec:e9:32:16:f1:7a:ec:b6:b8:e8:42:24:62:bd:
8e:40:38:fc:f5:c8:83:92:de:94:67:39:0f:02:49:58:3c:6c:
7a:3d:a3:4b:f1:a4:19:3c:de:72:ef:c3:b4:0a:a8:a7:c1:4d:
f5:55:6e:e0:10:60:b5:c8:c2:23:14:63:d4:f8:30:54:fb:b4:
dd:6d:80:64:23:58:ef:b9:d7:00:6d:f5:71:23:66:d8:ec:ec:
a2:36:0f:59:33:0c:f0:d1:52:8c:13:ac:21:62:f2:6a:b3:79:
29:99:cb:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEHFmQNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzliMDkzMTExOGYwOGJmNGEzNGIzZTA1MmZkOGY4YTVjMWVjYWIwMB4XDTIyMDEw
MTAzNTQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTBhYzhjZGI3ZDg2
OTE4MmEzNjBhNGE2OWNhNjEzMWE5NDA0MDM1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3PhF1sJ7d6HdAgKzQ/JHvfLxULblSoU+0bmxsdga5M8WCi
Fs2F3ykRtPdmyGh/h/Qlnej1W4kVUT5YbBzS6/EgTaUOm8QnK+INGp1g4YusPi2d
jfaHOfBqf2CEUGs/MWri+4Ljwk3uNuNPVizV/p3RcO9ujC5XtV1PQu8DavHQt5wh
SoD8/Qerywna8oCc31tEyXDtVZBnngV5jS8T5YEKpV45irpsJUJ8XbfX/gRd5IjE
ObwlHUhHTdwsErlQm6/7wYwfj2eTpJgbQTOuFhQzjV26L5cwdm3etqrOpLTsYrmR
qYvxoqRnlvQ5PgwwCm1Qms9zBYOi3EmAzZj6mU8CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSQrIzbfYaRgqNgpKacphMalAQDUDAfBgNVHSMEGDAWgBTsmwkxEY8Iv0o0
s+BS/Y+KXB7KsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdKc0pNUkdQQ0w5S05MUGdVdjJQaWx3ZXlyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvMDc3NmEyLTVlODktNGUyYy05MzcwLTViMzA0ZWVjMDAyNS8x
L2tLeU0yMzJHa1lLallLU21uS1lUR3BRRUExQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
MDc3NmEyLTVlODktNGUyYy05MzcwLTViMzA0ZWVjMDAyNS8xLzdKc0pNUkdQQ0w5
S05MUGdVdjJQaWx3ZXlyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAVvCvAMEA7IVmAMEArkfGAMEAMEX
MAMEAMIA+zANBAIAAjAHAwUCKgINzDANBgkqhkiG9w0BAQsFAAOCAQEAqESxDnQa
SA0IniWNhiuv0yZn52jBD8zOKSUAmV27poeqdc8x+Rg5StRY54JM6HKkFkWWLkZK
lkHPkAxjLPHdZ1LiDia1cn0aSOk9i/K33dd1HDK9LDA0w8eVmLDeZ9Fp9KCYLXTl
Jaukrm29I4d885ix5d/nO01hUhEknShpaKox7T+DaA7efitFteide5fIE4ZgxOzp
Mhbxeuy2uOhCJGK9jkA4/PXIg5LelGc5DwJJWDxsej2jS/GkGTzecu/DtAqop8FN
9VVu4BBgtcjCIxRj1PgwVPu03W2AZCNY77nXAG31cSNm2OzsojYPWTMM8NFSjBOs
IWLyarN5KZnLcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:14 2024 by rpki-client on console-fra.rpki-client.org