Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/KfPVZveFvrOl4j3pbngzTmCXAFY.roa
File: KfPVZveFvrOl4j3pbngzTmCXAFY.roa (raw, json)
Hash identifier: U7nAS3TsYzsRfO/Is9wIpBl7/6dOe3XrHW/KMpV7Adw=
Subject key identifier: 29:F3:D5:66:F7:85:BE:B3:A5:E2:3D:E9:6E:78:33:4E:60:97:00:56
Certificate issuer: /CN=1201cc343074102efa7f0c30f29499e1ad56e29f
Certificate serial: 0184804AE9AE6D2146CCE4899F9579F43CD8
Authority key identifier: 12:01:CC:34:30:74:10:2E:FA:7F:0C:30:F2:94:99:E1:AD:56:E2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EgHMNDB0EC76fwww8pSZ4a1W4p8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/KfPVZveFvrOl4j3pbngzTmCXAFY.roa
Signing time: Wed 16 Nov 2022 11:55:03 +0000
ROA not before: Wed 16 Nov 2022 11:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42442
IP address blocks: 130.0.77.0/24 maxlen: 24
130.0.72.0/21 maxlen: 32
130.0.73.0/24 maxlen: 24
195.137.170.0/24 maxlen: 32
185.165.16.0/22 maxlen: 22
46.167.160.0/19 maxlen: 24
194.50.164.0/24 maxlen: 32
91.208.160.0/24 maxlen: 24
195.137.170.121/32 maxlen: 32
46.167.169.20/32 maxlen: 32
195.137.170.122/32 maxlen: 32
2a03:9480:302::/48 maxlen: 48
2a03:9480::/32 maxlen: 32
2a03:9480:200::/40 maxlen: 40
2a03:9480:300::/40 maxlen: 40
2a03:9480:301::/48 maxlen: 48
2a00:f660::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:4a:e9:ae:6d:21:46:cc:e4:89:9f:95:79:f4:3c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1201cc343074102efa7f0c30f29499e1ad56e29f
Validity
Not Before: Nov 16 11:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29f3d566f785beb3a5e23de96e78334e60970056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a0:7b:0a:fb:13:77:9f:7e:74:9a:e3:69:93:
3b:b3:a2:86:6d:de:c1:d5:8b:a9:52:7a:7b:1f:27:
56:22:d5:e5:74:a3:0a:42:2d:8f:74:4a:25:07:22:
a4:cb:43:e6:7f:0c:17:55:7a:5a:6c:bd:9a:c3:0a:
31:20:8e:ec:1e:88:92:51:b8:a4:ec:e9:e2:46:49:
05:0f:02:d9:97:d3:93:f2:19:c9:e4:50:42:57:c1:
a8:97:d6:2e:e5:3c:ad:d0:f5:f4:b7:a3:89:a7:67:
fd:de:60:8b:a7:40:83:98:5b:38:c9:48:2c:31:ee:
3f:65:82:36:06:b1:5a:ec:df:ca:ff:5a:41:56:52:
7a:cd:b3:e5:bd:f2:6e:84:ab:41:6d:e7:d5:8b:32:
7d:1b:2b:6a:95:b4:84:f9:9f:c6:f9:c7:ec:cd:a7:
b4:8a:8f:e2:4a:d1:31:25:fd:9f:93:7a:5c:f7:a7:
98:b1:85:53:3d:d8:36:dc:a1:26:b4:bd:a5:90:28:
59:dc:7e:d2:fe:13:e1:9e:ea:b1:80:1f:59:df:3c:
8f:5c:81:bc:df:37:59:61:b8:a3:e8:d6:98:a6:83:
78:65:53:b4:e6:df:3b:bc:b9:d4:ac:8f:41:a3:74:
de:91:90:e2:90:f7:69:93:fb:2f:e7:08:0d:74:10:
0b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F3:D5:66:F7:85:BE:B3:A5:E2:3D:E9:6E:78:33:4E:60:97:00:56
X509v3 Authority Key Identifier:
keyid:12:01:CC:34:30:74:10:2E:FA:7F:0C:30:F2:94:99:E1:AD:56:E2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EgHMNDB0EC76fwww8pSZ4a1W4p8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/KfPVZveFvrOl4j3pbngzTmCXAFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d1628a-33c8-4e47-bfed-99ed6730f84a/1/EgHMNDB0EC76fwww8pSZ4a1W4p8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.160.0/19
91.208.160.0/24
130.0.72.0/21
185.165.16.0/22
194.50.164.0/24
195.137.170.0/24
IPv6:
2a00:f660::/32
2a03:9480::/32
Signature Algorithm: sha256WithRSAEncryption
3c:22:6b:47:45:e7:e7:bd:2e:8a:0e:a9:52:e1:52:ed:18:b3:
a3:44:f1:fe:ca:1f:d3:4f:c5:1c:f3:8d:db:5f:4c:72:f8:d6:
7a:d4:37:5d:67:94:e6:8e:5b:ee:d6:cc:6d:f4:a4:a2:fd:4d:
0a:33:1d:bb:e1:d2:9b:eb:2b:d6:61:9f:f3:f2:cd:e7:30:25:
54:7d:dd:21:83:92:db:6b:7f:e9:78:08:af:2d:80:44:66:ef:
41:a7:a7:8a:b7:3c:b6:8f:19:43:34:a7:c0:5a:bb:c2:c4:c2:
51:bd:cf:ef:e6:4a:16:63:bc:72:c5:e4:ac:10:ea:41:82:43:
c6:a8:63:fd:d5:a9:ac:d4:d7:72:02:59:ba:68:06:a0:9c:73:
40:9b:d1:0f:d2:04:6a:e4:97:5f:2a:d9:66:97:f2:4b:1a:e8:
9b:62:ff:d0:f9:3d:35:65:e8:8d:39:ed:62:c1:89:8b:2b:20:
f7:7b:05:a9:94:84:75:f4:1b:88:7d:46:53:e8:23:c3:4e:26:
48:df:d0:dd:c1:af:b8:1c:ca:07:48:b4:92:94:1b:c9:8e:9e:
ba:cf:c3:ef:fc:25:c2:87:73:57:e1:2e:fd:6d:54:0b:28:f7:
62:23:3e:06:0f:8f:ec:23:f7:c0:40:af:39:6c:9d:f3:35:a4:
13:fa:a7:29
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYSASumubSFGzOSJn5V59DzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMDFjYzM0MzA3NDEwMmVmYTdmMGMzMGYyOTQ5OWUxYWQ1
NmUyOWYwHhcNMjIxMTE2MTE1NTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWYzZDU2NmY3ODViZWIzYTVlMjNkZTk2ZTc4MzM0ZTYwOTcwMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaB7CvsTd59+dJrjaZM7s6KGbd7B
1YupUnp7HydWItXldKMKQi2PdEolByKky0PmfwwXVXpabL2awwoxII7sHoiSUbik
7OniRkkFDwLZl9OT8hnJ5FBCV8Gol9Yu5Tyt0PX0t6OJp2f93mCLp0CDmFs4yUgs
Me4/ZYI2BrFa7N/K/1pBVlJ6zbPlvfJuhKtBbefVizJ9GytqlbSE+Z/G+cfszae0
io/iStExJf2fk3pc96eYsYVTPdg23KEmtL2lkChZ3H7S/hPhnuqxgB9Z3zyPXIG8
3zdZYbij6NaYpoN4ZVO05t87vLnUrI9Bo3TekZDikPdpk/sv5wgNdBALcwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFCnz1Wb3hb6zpeI96W54M05glwBWMB8GA1UdIwQY
MBaAFBIBzDQwdBAu+n8MMPKUmeGtVuKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWdITU5EQjBFQzc2Znd3dzhwU1o0YTFXNHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kMTYyOGEtMzNjOC00ZTQ3LWJmZWQt
OTllZDY3MzBmODRhLzEvS2ZQVlp2ZUZ2ck9sNGozcGJuZ3pUbUNYQUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kMTYyOGEtMzNjOC00ZTQ3LWJmZWQtOTllZDY3MzBmODRh
LzEvRWdITU5EQjBFQzc2Znd3dzhwU1o0YTFXNHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQFLqegAwQA
W9CgAwQDggBIAwQCuaUQAwQAwjKkAwQAw4mqMBQEAgACMA4DBQAqAPZgAwUAKgOU
gDANBgkqhkiG9w0BAQsFAAOCAQEAPCJrR0Xn570uig6pUuFS7Rizo0Tx/sof00/F
HPON219McvjWetQ3XWeU5o5b7tbMbfSkov1NCjMdu+HSm+sr1mGf8/LN5zAlVH3d
IYOS22t/6XgIry2ARGbvQaenirc8to8ZQzSnwFq7wsTCUb3P7+ZKFmO8csXkrBDq
QYJDxqhj/dWprNTXcgJZumgGoJxzQJvRD9IEauSXXyrZZpfySxrom2L/0Pk9NWXo
jTntYsGJiysg93sFqZSEdfQbiH1GU+gjw04mSN/Q3cGvuBzKB0i0kpQbyY6eus/D
7/wlwodzV+Eu/W1UCyj3YiM+Bg+P7CP3wECvOWyd8zWkE/qnKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:02 2024 by rpki-client on console-ams.rpki-client.org