Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/K5bqgeqYvGfrEFHDLKSO-g5SXII.roa
File: K5bqgeqYvGfrEFHDLKSO-g5SXII.roa (raw, json)
Hash identifier: VTQ9JHADLYZZj2mkTDMqUv6m/Zrne5pya01yNEUL9us=
Subject key identifier: 2B:96:EA:81:EA:98:BC:67:EB:10:51:C3:2C:A4:8E:FA:0E:52:5C:82
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01828C461E5912CF60E3E27A53DD3DBE0DDA
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/K5bqgeqYvGfrEFHDLKSO-g5SXII.roa
Signing time: Thu 11 Aug 2022 09:39:41 +0000
ROA not before: Thu 11 Aug 2022 09:39:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210000
IP address blocks: 176.119.223.0/24 maxlen: 24
194.156.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8c:46:1e:59:12:cf:60:e3:e2:7a:53:dd:3d:be:0d:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Aug 11 09:39:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b96ea81ea98bc67eb1051c32ca48efa0e525c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0c:a5:44:24:e3:b2:8b:3c:b9:ea:33:29:fa:
a8:8f:73:5c:0d:3c:15:b7:09:be:76:9f:86:f5:5e:
6c:b3:b0:06:36:11:2d:9c:97:4f:39:88:01:05:ba:
f7:0f:46:b6:5a:b8:ad:44:79:42:ee:32:31:83:64:
5a:33:23:b3:81:97:d9:90:c1:89:94:f6:d4:2d:30:
78:7b:63:6a:34:04:11:45:b5:d9:d4:91:84:91:e0:
e3:0a:b9:b6:ec:15:ec:32:6e:2f:ae:30:2f:2d:3c:
ff:6f:42:9f:e7:42:e2:63:8d:41:8b:4e:f7:b7:01:
49:3d:d7:11:7f:12:50:f5:1f:e8:8b:38:2d:af:0b:
79:d9:6b:dd:6c:e8:4e:81:10:cd:4d:9c:19:bd:c3:
62:00:68:8e:99:39:8a:6a:08:7b:5f:a6:c5:dc:d7:
a2:6f:3f:f7:a3:3f:76:2f:1f:48:f9:4b:50:bf:e0:
06:b6:8f:af:21:95:06:87:8f:fc:8c:c5:c2:01:d2:
9d:14:75:dd:0d:89:09:f5:77:56:34:e6:93:01:16:
98:0f:ca:5f:29:2e:62:3d:5d:e4:e1:ed:d9:22:97:
e0:7c:0d:0d:49:0a:50:0c:64:de:3f:84:79:4b:52:
8e:2b:87:e3:1f:26:97:03:97:da:ac:95:93:da:d6:
3a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:96:EA:81:EA:98:BC:67:EB:10:51:C3:2C:A4:8E:FA:0E:52:5C:82
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/K5bqgeqYvGfrEFHDLKSO-g5SXII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.223.0/24
194.156.188.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:f8:c0:84:8b:88:5a:c9:31:94:97:a0:67:40:68:a4:b4:bf:
d1:f4:94:e3:c6:a8:85:e2:56:8a:15:63:d4:31:19:cb:27:10:
05:b1:60:c0:00:a1:a1:f7:ab:07:59:3c:de:78:f3:5c:5e:a9:
fd:47:48:2e:0e:2e:bb:c3:7f:db:b0:d0:99:23:b1:ff:f8:69:
fc:96:0d:ab:92:f7:dd:b3:65:1a:c7:93:92:7a:1b:2b:9a:fb:
a4:ac:30:ed:8d:b3:a2:61:5b:6f:bc:f4:31:c9:7e:4e:03:99:
fe:a7:ab:0e:de:42:00:d6:0d:83:ff:e9:00:a1:10:77:38:4b:
5e:70:e2:a1:f5:79:18:38:ba:3c:bf:53:ab:bb:61:0f:57:0a:
28:de:93:0c:7b:da:b4:99:7f:e6:f1:6f:fd:69:65:71:ec:2a:
eb:22:09:62:5b:67:8f:ee:66:2e:d0:bb:a5:8e:7b:09:26:a1:
1e:89:ce:89:19:29:f3:7c:d5:6b:c8:98:70:d6:10:8d:5a:48:
30:0d:f2:f1:17:55:de:38:11:39:ee:d5:0c:52:25:6d:16:42:
7d:5d:38:d9:0b:3e:76:6b:53:c0:f4:e9:2a:f3:21:e3:23:24:
1a:9d:69:80:fa:d5:76:4f:b5:e8:b7:84:2f:42:f2:87:e6:f7:
3c:27:8c:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKMRh5ZEs9g4+J6U909vg3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjIwODExMDkzOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjk2ZWE4MWVhOThiYzY3ZWIxMDUxYzMyY2E0OGVmYTBlNTI1YzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAylRCTjsos8ueozKfqoj3NcDTwV
twm+dp+G9V5ss7AGNhEtnJdPOYgBBbr3D0a2WritRHlC7jIxg2RaMyOzgZfZkMGJ
lPbULTB4e2NqNAQRRbXZ1JGEkeDjCrm27BXsMm4vrjAvLTz/b0Kf50LiY41Bi073
twFJPdcRfxJQ9R/oizgtrwt52WvdbOhOgRDNTZwZvcNiAGiOmTmKagh7X6bF3Nei
bz/3oz92Lx9I+UtQv+AGto+vIZUGh4/8jMXCAdKdFHXdDYkJ9XdWNOaTARaYD8pf
KS5iPV3k4e3ZIpfgfA0NSQpQDGTeP4R5S1KOK4fjHyaXA5farJWT2tY60QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCuW6oHqmLxn6xBRwyykjvoOUlyCMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvSzVicWdlcVl2R2ZyRUZIRExLU08tZzVTWElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsHffAwQA
wpy8MA0GCSqGSIb3DQEBCwUAA4IBAQAb+MCEi4hayTGUl6BnQGiktL/R9JTjxqiF
4laKFWPUMRnLJxAFsWDAAKGh96sHWTzeePNcXqn9R0guDi67w3/bsNCZI7H/+Gn8
lg2rkvfds2Uax5OSehsrmvukrDDtjbOiYVtvvPQxyX5OA5n+p6sO3kIA1g2D/+kA
oRB3OEtecOKh9XkYOLo8v1Oru2EPVwoo3pMMe9q0mX/m8W/9aWVx7CrrIgliW2eP
7mYu0LuljnsJJqEeic6JGSnzfNVryJhw1hCNWkgwDfLxF1XeOBE57tUMUiVtFkJ9
XTjZCz52a1PA9Okq8yHjIyQanWmA+tV2T7Xot4QvQvKH5vc8J4y7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:46 2023 by rpki-client on console-fra.rpki-client.org