Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/kpgg_946UB_Hu9-Tb2XbmHl-zsM.roa
File: kpgg_946UB_Hu9-Tb2XbmHl-zsM.roa (raw, json)
Hash identifier: eB7C1OgDi5j6WIEsn8VKWV34ejZ7nt1/UW/wVMluoxE=
Subject key identifier: 92:98:20:FF:DE:3A:50:1F:C7:BB:DF:93:6F:65:DB:98:79:7E:CE:C3
Certificate issuer: /CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Certificate serial: 8F31FA
Authority key identifier: 0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/kpgg_946UB_Hu9-Tb2XbmHl-zsM.roa
Signing time: Thu 09 Jun 2022 05:02:05 +0000
ROA not before: Thu 09 Jun 2022 05:02:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209284
IP address blocks: 185.58.189.0/24 maxlen: 24
185.58.190.0/24 maxlen: 24
185.58.191.0/24 maxlen: 24
185.58.188.0/22 maxlen: 22
185.16.104.0/24 maxlen: 24
185.16.104.0/22 maxlen: 22
185.16.106.0/24 maxlen: 24
185.16.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9384442 (0x8f31fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Validity
Not Before: Jun 9 05:02:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=929820ffde3a501fc7bbdf936f65db98797ecec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2e:fe:58:97:4e:07:ad:a8:d5:ab:bc:03:aa:
be:6d:c7:3f:40:77:62:cf:ac:4c:a5:44:06:51:1a:
48:97:81:c5:1a:12:7b:30:22:58:21:89:73:58:38:
b2:c4:5c:e1:df:28:c5:cd:dd:8d:fa:e1:7e:bb:f8:
9c:45:aa:de:d7:4b:8d:bc:84:b1:e5:18:54:09:fb:
c2:7c:b4:9e:2d:0d:fd:d8:60:1c:4b:80:e0:55:10:
6d:b4:ad:a6:38:b7:90:58:ce:96:20:f5:4e:a6:cc:
f0:c1:49:ce:bd:b2:ee:6d:84:6d:04:3a:ce:18:10:
ec:7a:2f:57:4c:f0:e6:c6:63:6b:c8:9c:d8:7a:fb:
86:22:ec:71:44:61:9b:a0:66:d2:3e:9e:8a:60:0d:
72:b7:c6:bf:83:45:6e:cb:95:5c:30:56:9e:34:af:
94:48:eb:59:69:d9:1f:c9:b8:8e:74:a3:a7:89:85:
5a:ae:58:60:ab:25:4b:6d:73:05:cb:f5:b9:f1:c8:
31:5c:94:47:62:90:0c:84:b2:7a:a5:5e:5f:bf:cf:
8d:7c:d6:de:c4:4d:28:55:fa:a6:67:14:77:4a:f9:
c1:ec:d8:88:12:8f:5c:f7:7e:ce:6b:b0:2c:6d:85:
42:69:1f:24:6c:10:e9:fd:88:f2:60:58:17:df:c0:
9c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:98:20:FF:DE:3A:50:1F:C7:BB:DF:93:6F:65:DB:98:79:7E:CE:C3
X509v3 Authority Key Identifier:
keyid:0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/kpgg_946UB_Hu9-Tb2XbmHl-zsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.104.0/22
185.58.188.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:77:85:e8:1f:64:91:88:96:25:f7:da:ad:95:b5:65:39:5b:
be:16:f8:bc:25:0b:98:c2:fe:28:b6:90:07:63:1a:29:0e:37:
73:d5:74:e5:f8:d8:ca:d0:cf:29:4e:56:86:ba:cf:5e:2a:4d:
43:77:70:bb:8a:31:c4:b9:af:3d:96:2d:bc:97:6b:78:c7:26:
2a:fc:a7:28:05:5a:fd:9a:a6:78:2d:06:89:ef:20:73:b6:dc:
92:5e:b2:14:a3:f1:5c:6a:09:9a:ff:93:29:ff:7e:b8:da:53:
86:2f:f3:b7:9f:83:aa:56:09:e7:bc:26:66:34:15:54:f9:af:
79:1e:3c:6f:76:83:96:71:b3:50:ff:d6:fe:39:bf:a4:70:21:
a8:a1:6d:90:bb:f2:cf:f5:3a:98:2b:c7:ad:93:fa:e8:12:75:
5c:b1:6f:0d:c0:46:73:01:13:3b:a6:b7:21:f6:0f:01:87:e6:
cd:2b:23:89:dd:db:5a:0b:64:8f:f1:8d:00:f2:5a:ce:92:68:
90:ab:48:c6:7f:1c:08:e6:69:be:ad:e8:29:a5:30:17:08:a2:
91:0f:3a:e5:65:23:8a:62:86:05:a5:c8:f1:3c:80:ee:e9:d5:
43:cc:96:17:6d:f5:79:21:84:c5:e2:11:fe:ad:62:b6:13:cf:
ba:4a:2d:ae
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAI8x+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZWY4MWQ5ZTg5ZTJjNDcxMzIxZDk2N2Y3MDkyMDk0ZGFkZmUyYWE4MB4XDTIyMDYw
OTA1MDIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTI5ODIwZmZkZTNh
NTAxZmM3YmJkZjkzNmY2NWRiOTg3OTdlY2VjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMu/liXTgetqNWrvAOqvm3HP0B3Ys+sTKVEBlEaSJeBxRoS
ezAiWCGJc1g4ssRc4d8oxc3djfrhfrv4nEWq3tdLjbyEseUYVAn7wny0ni0N/dhg
HEuA4FUQbbStpji3kFjOliD1TqbM8MFJzr2y7m2EbQQ6zhgQ7HovV0zw5sZja8ic
2Hr7hiLscURhm6Bm0j6eimANcrfGv4NFbsuVXDBWnjSvlEjrWWnZH8m4jnSjp4mF
Wq5YYKslS21zBcv1ufHIMVyUR2KQDISyeqVeX7/PjXzW3sRNKFX6pmcUd0r5wezY
iBKPXPd+zmuwLG2FQmkfJGwQ6f2I8mBYF9/AnGMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSSmCD/3jpQH8e735NvZduYeX7OwzAfBgNVHSMEGDAWgBQO+B2eieLEcTId
ln9wkglNrf4qqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0R2Z2Rub25peEhFeUhaWl9jSklKVGEzLUtxZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvNWQxNWE4LTIyYTctNDAxYi04YzVlLTA3NWYyNGU0YmU3MS8x
L2twZ2dfOTQ2VUJfSHU5LVRiMlhibUhsLXpzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
NWQxNWE4LTIyYTctNDAxYi04YzVlLTA3NWYyNGU0YmU3MS8xL0R2Z2Rub25peEhF
eUhaWl9jSklKVGEzLUtxZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkQaAMEArk6vDANBgkqhkiG9w0B
AQsFAAOCAQEAbXeF6B9kkYiWJffarZW1ZTlbvhb4vCULmML+KLaQB2MaKQ43c9V0
5fjYytDPKU5WhrrPXipNQ3dwu4oxxLmvPZYtvJdreMcmKvynKAVa/ZqmeC0Gie8g
c7bckl6yFKPxXGoJmv+TKf9+uNpThi/zt5+DqlYJ57wmZjQVVPmveR48b3aDlnGz
UP/W/jm/pHAhqKFtkLvyz/U6mCvHrZP66BJ1XLFvDcBGcwETO6a3IfYPAYfmzSsj
id3bWgtkj/GNAPJazpJokKtIxn8cCOZpvq3oKaUwFwiikQ865WUjimKGBaXI8TyA
7unVQ8yWF231eSGExeIR/q1ithPPukotrg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:34 2023 by rpki-client on console-fra.rpki-client.org