Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/KIQ6vF--frQjLfj7wPH0P-IymSI.roa
File: KIQ6vF--frQjLfj7wPH0P-IymSI.roa (raw, json)
Hash identifier: LEF2udcX/z7nA6DMv/YQciNnUKE5bjbmkh6Ndv1vGA4=
Subject key identifier: 28:84:3A:BC:5F:BE:7E:B4:23:2D:F8:FB:C0:F1:F4:3F:E2:32:99:22
Certificate issuer: /CN=3664e4462a2902a52f826dae38565731efc5bdd3
Certificate serial: 056F0DE6
Authority key identifier: 36:64:E4:46:2A:29:02:A5:2F:82:6D:AE:38:56:57:31:EF:C5:BD:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NmTkRiopAqUvgm2uOFZXMe_FvdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/KIQ6vF--frQjLfj7wPH0P-IymSI.roa
Signing time: Sat 01 Jan 2022 04:02:48 +0000
ROA not before: Sat 01 Jan 2022 04:02:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199265
IP address blocks: 193.17.14.0/24 maxlen: 25
185.69.196.0/22 maxlen: 23
128.0.37.0/24 maxlen: 25
2001:67c:155c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91164134 (0x56f0de6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3664e4462a2902a52f826dae38565731efc5bdd3
Validity
Not Before: Jan 1 04:02:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28843abc5fbe7eb4232df8fbc0f1f43fe2329922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:35:b6:73:d1:f5:f1:a9:5d:cd:95:35:2a:7a:
c6:ab:68:ef:c8:1e:09:5e:85:d1:87:8a:fe:5f:56:
59:5c:25:ef:ee:0d:fa:95:99:4f:e9:98:39:83:4e:
44:74:c2:9e:32:bd:f2:b0:69:0a:41:f7:52:82:d2:
8f:ed:47:e9:20:f0:93:13:68:d7:60:60:18:99:20:
95:f5:be:a2:04:bf:2a:4b:3d:64:d4:f8:7c:e8:47:
88:a6:29:90:b4:bc:65:e8:21:07:52:58:b2:f4:10:
63:91:bc:93:38:81:dd:de:70:3a:56:c2:6b:91:91:
07:5c:4c:c6:62:bf:d8:49:83:46:96:23:b1:0e:c2:
29:b0:38:b0:45:4f:9a:42:92:34:00:b5:83:00:24:
3b:07:7f:b3:9c:04:b1:ca:3e:14:13:23:0e:5e:0d:
31:46:67:8f:f1:43:b9:eb:7f:af:85:46:3c:4a:eb:
c3:43:24:1b:3f:8e:38:ae:ed:08:7e:1b:fb:f5:42:
fd:a8:59:5c:36:8f:ed:13:70:05:7d:c9:27:b7:48:
30:ce:73:5e:c5:13:b1:ec:db:73:39:1a:3c:db:38:
a3:21:c8:54:1c:a1:b9:3a:6f:e9:da:58:37:b2:24:
1f:9a:6a:3f:32:3f:03:29:48:5f:2b:2b:c2:0e:d3:
4e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:84:3A:BC:5F:BE:7E:B4:23:2D:F8:FB:C0:F1:F4:3F:E2:32:99:22
X509v3 Authority Key Identifier:
keyid:36:64:E4:46:2A:29:02:A5:2F:82:6D:AE:38:56:57:31:EF:C5:BD:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NmTkRiopAqUvgm2uOFZXMe_FvdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/KIQ6vF--frQjLfj7wPH0P-IymSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/NmTkRiopAqUvgm2uOFZXMe_FvdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.37.0/24
185.69.196.0/22
193.17.14.0/24
IPv6:
2001:67c:155c::/48
Signature Algorithm: sha256WithRSAEncryption
aa:02:b6:c5:1b:a5:a6:5f:c4:88:dc:c9:5b:a1:2e:85:16:2d:
f3:09:32:b4:51:e1:4c:57:8b:3e:1c:e1:1e:b0:71:7c:e0:a5:
82:dd:50:1d:f5:b8:dc:ac:53:d6:b2:d2:f6:63:d5:59:9b:12:
de:6d:8f:a5:ae:a7:49:6c:f8:fa:42:a8:8a:6a:b4:47:cb:e8:
89:f3:11:e5:56:9c:08:9b:98:8b:5c:31:35:2b:4e:ac:f5:3f:
ca:51:02:35:7f:01:32:53:11:ba:d6:dc:6b:b1:80:37:97:b3:
9e:09:6d:56:2c:c0:7c:53:cf:76:d5:60:ad:c8:ae:23:71:04:
f0:1b:f3:29:e2:85:73:51:f8:e3:a9:76:6f:82:15:72:8a:f8:
0d:05:c8:da:5d:50:77:f6:81:fa:6c:d2:61:b0:50:ed:a1:a8:
d2:d9:b7:9e:51:d3:51:f4:8b:39:42:cd:3a:a6:d0:aa:e8:88:
f2:3f:5e:ba:4e:03:e7:0a:1b:a9:25:d5:9a:5b:b1:51:84:75:
6e:4c:4d:d8:28:a6:55:3c:4c:db:63:5b:ef:16:c4:cb:54:84:
6e:9c:a8:1a:d9:e7:f0:36:9b:ff:15:8d:c7:e5:d7:c4:6c:99:
03:2d:fc:64:13:fa:b6:6c:cc:50:61:96:e4:87:13:00:b8:3f:
46:15:b0:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBW8N5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjY0ZTQ0NjJhMjkwMmE1MmY4MjZkYWUzODU2NTczMWVmYzViZGQzMB4XDTIyMDEw
MTA0MDI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg4NDNhYmM1ZmJl
N2ViNDIzMmRmOGZiYzBmMWY0M2ZlMjMyOTkyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALw1tnPR9fGpXc2VNSp6xqto78geCV6F0YeK/l9WWVwl7+4N
+pWZT+mYOYNORHTCnjK98rBpCkH3UoLSj+1H6SDwkxNo12BgGJkglfW+ogS/Kks9
ZNT4fOhHiKYpkLS8ZeghB1JYsvQQY5G8kziB3d5wOlbCa5GRB1xMxmK/2EmDRpYj
sQ7CKbA4sEVPmkKSNAC1gwAkOwd/s5wEsco+FBMjDl4NMUZnj/FDuet/r4VGPErr
w0MkGz+OOK7tCH4b+/VC/ahZXDaP7RNwBX3JJ7dIMM5zXsUTsezbczkaPNs4oyHI
VByhuTpv6dpYN7IkH5pqPzI/AylIXysrwg7TThECAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQohDq8X75+tCMt+PvA8fQ/4jKZIjAfBgNVHSMEGDAWgBQ2ZORGKikCpS+C
ba44Vlcx78W90zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05tVGtSaW9wQXFVdmdtMnVPRlpYTWVfRnZkTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvYmEwMDg1LTMwNjAtNGM5Ni05MGRhLWE0NWIxYTRhY2U1Ni8x
L0tJUTZ2Ri0tZnJRakxmajd3UEgwUC1JeW1TSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
YmEwMDg1LTMwNjAtNGM5Ni05MGRhLWE0NWIxYTRhY2U1Ni8xL05tVGtSaW9wQXFV
dmdtMnVPRlpYTWVfRnZkTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAIAAJQMEArlFxAMEAMERDjAPBAIA
AjAJAwcAIAEGfBVcMA0GCSqGSIb3DQEBCwUAA4IBAQCqArbFG6WmX8SI3MlboS6F
Fi3zCTK0UeFMV4s+HOEesHF84KWC3VAd9bjcrFPWstL2Y9VZmxLebY+lrqdJbPj6
QqiKarRHy+iJ8xHlVpwIm5iLXDE1K06s9T/KUQI1fwEyUxG61txrsYA3l7OeCW1W
LMB8U8921WCtyK4jcQTwG/Mp4oVzUfjjqXZvghVyivgNBcjaXVB39oH6bNJhsFDt
oajS2beeUdNR9Is5Qs06ptCq6IjyP166TgPnChupJdWaW7FRhHVuTE3YKKZVPEzb
Y1vvFsTLVIRunKga2efwNpv/FY3H5dfEbJkDLfxkE/q2bMxQYZbkhxMAuD9GFbB4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:49 2024 by rpki-client on console-fra.rpki-client.org