Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Kkdahh-1w6dTCgQJh1VfmFil7iY.roa
File: Kkdahh-1w6dTCgQJh1VfmFil7iY.roa (raw, json)
Hash identifier: V4Jm16mXlV8MDTFfJ2SqfWObMEI2svoK9P5Jx6+V/10=
Subject key identifier: 2A:47:5A:86:1F:B5:C3:A7:53:0A:04:09:87:55:5F:98:58:A5:EE:26
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 09A1E168
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Kkdahh-1w6dTCgQJh1VfmFil7iY.roa
Signing time: Sat 01 Jan 2022 01:51:58 +0000
ROA not before: Sat 01 Jan 2022 01:51:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 85.153.127.0/24 maxlen: 24
85.153.56.0/24 maxlen: 24
85.153.57.0/24 maxlen: 24
85.153.100.0/24 maxlen: 24
85.153.101.0/24 maxlen: 24
85.153.102.0/24 maxlen: 24
85.153.103.0/24 maxlen: 24
85.153.6.0/24 maxlen: 24
85.153.7.0/24 maxlen: 24
85.153.8.0/24 maxlen: 24
85.153.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161603944 (0x9a1e168)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Jan 1 01:51:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a475a861fb5c3a7530a040987555f9858a5ee26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:67:41:db:a5:31:10:80:92:15:e2:77:1c:9b:
21:f1:4f:d3:b5:a3:b9:f3:8c:e2:08:1c:7e:9b:d3:
c1:2d:fb:92:f8:10:e9:0f:0c:0b:58:94:b7:93:ed:
a3:46:94:0c:a1:b7:91:1a:3d:9c:ba:d2:5e:20:e4:
71:ef:e7:78:0e:d5:4e:30:d8:6d:15:05:5e:ad:ac:
aa:35:27:e0:60:3c:73:91:8a:b7:4b:ef:62:95:88:
c7:39:0a:16:fa:12:dd:ff:75:71:11:fc:e8:a3:76:
e0:54:af:4d:5f:21:ef:4c:20:fb:8c:7a:83:ed:b7:
cd:d2:ba:f0:49:07:95:f2:04:2b:28:29:d4:5f:9c:
1b:c8:7e:73:cd:1f:b0:d7:68:cb:90:47:d5:3e:da:
96:24:17:4e:d0:ae:4b:96:00:f1:1f:7b:54:f0:0a:
f5:86:db:4b:5e:6c:d3:92:ca:65:f6:92:6e:a4:a2:
af:f0:f6:45:00:c8:ed:9e:2e:3f:85:7c:2c:49:06:
d4:9a:7b:6c:67:02:38:a6:45:b1:34:9c:dd:41:e1:
1c:1f:38:1e:bc:b9:df:b9:2d:69:5d:f9:82:71:26:
09:2b:99:24:f1:af:6e:ed:90:6f:e1:9d:c8:2a:ab:
0a:16:23:ba:8d:e3:69:0c:83:76:15:ae:fb:a5:a3:
11:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:47:5A:86:1F:B5:C3:A7:53:0A:04:09:87:55:5F:98:58:A5:EE:26
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Kkdahh-1w6dTCgQJh1VfmFil7iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.6.0-85.153.9.255
85.153.56.0/23
85.153.100.0/22
85.153.127.0/24
Signature Algorithm: sha256WithRSAEncryption
05:26:a8:ee:37:02:fe:36:21:47:cc:1a:d3:b0:b8:5b:14:be:
b4:a7:a5:a1:bf:e9:6b:07:9b:0e:da:85:0b:36:7d:72:92:6b:
c0:de:67:41:bb:ca:a5:88:74:71:01:9e:15:d9:76:96:21:31:
12:58:a1:ad:ea:57:d2:f1:45:96:fd:f6:24:45:b0:66:1d:3b:
ba:94:2a:31:ac:05:24:e0:09:2b:b7:db:05:e6:b8:06:ed:35:
55:05:65:40:aa:18:10:cc:f2:1a:27:09:bb:85:ca:82:42:2f:
6f:3d:60:43:4c:0e:4d:e4:42:8a:6f:0b:fb:ed:89:3a:70:ae:
75:5c:fc:bd:4c:b2:a3:5c:15:e7:a1:3a:49:87:99:d8:0b:98:
6f:ac:97:24:e8:28:4b:8c:bb:16:ec:52:c2:87:fd:97:b4:b0:
83:6c:96:34:10:88:a5:2f:0e:d2:e0:a0:45:83:ff:4f:31:73:
2d:4f:71:94:46:55:e7:0f:4b:0a:5b:28:d3:78:b2:d4:19:df:
85:61:80:4a:28:49:8f:c7:b7:79:bf:ab:89:bc:df:38:38:0e:
ae:cc:e5:76:d8:a3:5c:ea:ba:3d:10:69:ca:6f:a6:f5:02:6a:
60:8b:5c:34:41:49:2d:72:31:49:dc:a6:1e:9d:a8:54:c9:cd:
d8:61:42:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECaHhaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MWExODVkMGViMGNhNzgxMWM1ODY0MjVkZTBlOTYwZTFjZmViNjFiMB4XDTIyMDEw
MTAxNTE1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE0NzVhODYxZmI1
YzNhNzUzMGEwNDA5ODc1NTVmOTg1OGE1ZWUyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMlnQdulMRCAkhXidxybIfFP07WjufOM4ggcfpvTwS37kvgQ
6Q8MC1iUt5Pto0aUDKG3kRo9nLrSXiDkce/neA7VTjDYbRUFXq2sqjUn4GA8c5GK
t0vvYpWIxzkKFvoS3f91cRH86KN24FSvTV8h70wg+4x6g+23zdK68EkHlfIEKygp
1F+cG8h+c80fsNdoy5BH1T7aliQXTtCuS5YA8R97VPAK9YbbS15s05LKZfaSbqSi
r/D2RQDI7Z4uP4V8LEkG1Jp7bGcCOKZFsTSc3UHhHB84Hry537ktaV35gnEmCSuZ
JPGvbu2Qb+GdyCqrChYjuo3jaQyDdhWu+6WjEX0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQqR1qGH7XDp1MKBAmHVV+YWKXuJjAfBgNVHSMEGDAWgBQxoYXQ6wyngRxY
ZCXeDpYOHP62GzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01hR0YwT3NNcDRFY1dHUWwzZzZXRGh6LXRocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvMDgxYzZlLTFkNjUtNGNjZC05NmY1LTFkY2M4NmMxMWU3NC8x
L0trZGFoaC0xdzZkVENnUUpoMVZmbUZpbDdpWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
MDgxYzZlLTFkNjUtNGNjZC05NmY1LTFkY2M4NmMxMWU3NC8xL01hR0YwT3NNcDRF
Y1dHUWwzZzZXRGh6LXRocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQBVZkGAwQBVZkIAwQBVZk4AwQC
VZlkAwQAVZl/MA0GCSqGSIb3DQEBCwUAA4IBAQAFJqjuNwL+NiFHzBrTsLhbFL60
p6Whv+lrB5sO2oULNn1ykmvA3mdBu8qliHRxAZ4V2XaWITESWKGt6lfS8UWW/fYk
RbBmHTu6lCoxrAUk4Akrt9sF5rgG7TVVBWVAqhgQzPIaJwm7hcqCQi9vPWBDTA5N
5EKKbwv77Yk6cK51XPy9TLKjXBXnoTpJh5nYC5hvrJck6ChLjLsW7FLCh/2XtLCD
bJY0EIilLw7S4KBFg/9PMXMtT3GURlXnD0sKWyjTeLLUGd+FYYBKKEmPx7d5v6uJ
vN84OA6uzOV22KNc6ro9EGnKb6b1Ampgi1w0QUktcjFJ3KYenahUyc3YYUIM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:40 2024 by rpki-client on console-ams.rpki-client.org