Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/KnhOHrWpgxtUTRJqh0Q4a__CoTM.roa
File: KnhOHrWpgxtUTRJqh0Q4a__CoTM.roa (raw, json)
Hash identifier: r0+qcfWmp4a0xw+88sgzt0PomBfY6+iSYvVaenZGsmQ=
Subject key identifier: 2A:78:4E:1E:B5:A9:83:1B:54:4D:12:6A:87:44:38:6B:FF:C2:A1:33
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 08803443
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/KnhOHrWpgxtUTRJqh0Q4a__CoTM.roa
Signing time: Tue 21 Jun 2022 17:27:45 +0000
ROA not before: Tue 21 Jun 2022 17:27:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209574
IP address blocks: 86.106.114.0/23 maxlen: 24
89.40.207.0/24 maxlen: 24
188.213.252.0/22 maxlen: 22
188.213.248.0/22 maxlen: 22
188.208.48.0/22 maxlen: 22
89.35.90.0/24 maxlen: 24
91.218.238.0/23 maxlen: 23
91.218.236.0/23 maxlen: 23
188.208.109.0/24 maxlen: 24
86.104.224.0/23 maxlen: 23
86.104.222.0/23 maxlen: 23
86.106.140.0/23 maxlen: 23
188.214.94.0/24 maxlen: 24
93.114.51.0/24 maxlen: 24
93.114.52.0/23 maxlen: 23
93.114.54.0/24 maxlen: 24
89.39.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142619715 (0x8803443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Jun 21 17:27:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a784e1eb5a9831b544d126a8744386bffc2a133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7a:8e:59:a6:b0:56:9d:a0:68:2a:8d:84:1c:
7a:2d:c8:23:b6:4f:6e:42:47:44:c9:b2:15:66:93:
fc:d5:f8:06:d9:f9:48:c4:34:db:2a:b9:4e:c9:0e:
00:83:68:15:37:a1:b7:73:d9:4e:28:22:09:ef:d5:
ff:b5:ec:f8:4a:8f:29:dd:31:7d:ed:1d:2e:a9:af:
57:f2:a4:90:b9:fc:30:11:cc:ce:2e:3a:f5:80:c8:
da:2a:de:e2:da:e9:f1:86:13:57:55:51:32:66:d7:
19:a1:b8:91:2c:2f:3c:b7:ff:6a:d4:b7:26:94:0d:
bb:46:5f:02:ee:c6:eb:7e:89:8f:a8:47:72:ff:02:
21:a1:00:06:58:39:19:f4:e1:7f:23:bb:6e:c8:4e:
53:5b:57:ed:72:a6:d6:51:be:29:f1:9c:f1:4d:43:
0b:53:c7:00:74:b5:fe:dc:2a:57:61:d7:cf:49:cf:
1e:b6:f7:84:4c:6c:1a:65:d6:f7:ce:1e:e3:7f:9e:
ce:8a:d9:d6:6b:19:46:12:2a:d6:ee:3a:9f:c7:d2:
22:9b:a3:05:a0:ea:e9:d7:86:66:1b:64:52:c7:3a:
63:c8:36:15:4b:ba:9d:e4:63:18:b4:17:ba:10:11:
45:9f:fc:48:f6:7f:87:59:2c:e8:59:fd:16:ec:d4:
8b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:78:4E:1E:B5:A9:83:1B:54:4D:12:6A:87:44:38:6B:FF:C2:A1:33
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/KnhOHrWpgxtUTRJqh0Q4a__CoTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.222.0-86.104.225.255
86.106.114.0/23
86.106.140.0/23
89.35.90.0/24
89.39.69.0/24
89.40.207.0/24
91.218.236.0/22
93.114.51.0-93.114.54.255
188.208.48.0/22
188.208.109.0/24
188.213.248.0/21
188.214.94.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ab:3f:c9:62:b5:f6:2c:50:e4:a7:87:05:7c:dd:b9:ba:82:
18:1d:4f:06:1b:f3:f6:b1:64:6a:26:0e:f8:e0:d9:79:82:ea:
ec:7f:35:66:06:4a:be:af:59:e8:d6:6c:ec:57:5a:92:76:91:
86:1f:50:1f:29:0d:ba:27:c4:aa:94:8a:be:77:88:07:5c:6b:
ec:a0:0d:45:c1:1c:35:d9:99:8e:ef:6b:1a:d7:01:15:71:01:
84:92:1d:3d:86:3f:57:c3:c9:64:1a:79:6c:14:c6:76:9e:93:
00:d4:de:e5:f3:a4:b7:b6:74:51:8e:08:95:05:1a:7f:86:b2:
bc:96:f8:3f:56:8e:fc:12:05:66:2a:48:dd:7f:5a:81:89:14:
63:46:8b:48:e0:29:b3:98:34:f4:ae:e8:09:68:a4:49:e6:e1:
f2:d9:35:a6:a1:f3:f5:6a:4c:9f:e9:02:91:92:91:f6:c6:4c:
6d:98:be:2b:48:35:1d:a8:58:63:db:0a:6e:df:2e:e0:e5:cf:
83:e5:d5:64:09:3d:6f:18:01:6d:85:c2:89:83:af:f6:8d:ad:
1b:fe:7c:3d:9a:1d:28:0f:fa:c7:a6:bb:98:29:f9:be:a5:22:
2b:79:91:63:ba:7f:5b:74:52:90:10:5e:06:48:fe:68:dc:b4:
97:25:32:cc
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIECIA0QzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGY4MjRkMzJkZjFhNTExM2Q4MjEwMTM0NWQ3ODVhMzhhZGRiZGU1MB4XDTIyMDYy
MTE3Mjc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE3ODRlMWViNWE5
ODMxYjU0NGQxMjZhODc0NDM4NmJmZmMyYTEzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKh6jlmmsFadoGgqjYQcei3II7ZPbkJHRMmyFWaT/NX4Btn5
SMQ02yq5TskOAINoFTeht3PZTigiCe/V/7Xs+EqPKd0xfe0dLqmvV/KkkLn8MBHM
zi469YDI2ire4trp8YYTV1VRMmbXGaG4kSwvPLf/atS3JpQNu0ZfAu7G636Jj6hH
cv8CIaEABlg5GfThfyO7bshOU1tX7XKm1lG+KfGc8U1DC1PHAHS1/twqV2HXz0nP
Hrb3hExsGmXW984e43+ezorZ1msZRhIq1u46n8fSIpujBaDq6deGZhtkUsc6Y8g2
FUu6neRjGLQXuhARRZ/8SPZ/h1ks6Fn9FuzUi0sCAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBQqeE4etamDG1RNEmqHRDhr/8KhMzAfBgNVHSMEGDAWgBSE+CTTLfGlET2C
EBNF14Wjit295TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hQZ2sweTN4cFJFOWdoQVRSZGVGbzRyZHZlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvOWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1Mi8x
L0tuaE9IcldwZ3h0VVRSSnFoMFE0YV9fQ29UTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
OWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1Mi8xL2hQZ2sweTN4cFJF
OWdoQVRSZGVGbzRyZHZlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwXgQCAAEwWDAMAwQBVmjeAwQBVmjgAwQBVmpyAwQB
VmqMAwQAWSNaAwQAWSdFAwQAWSjPAwQCW9rsMAwDBABdcjMDBABdcjYDBAK80DAD
BAC80G0DBAO81fgDBAC81l4wDQYJKoZIhvcNAQELBQADggEBAEyrP8litfYsUOSn
hwV83bm6ghgdTwYb8/axZGomDvjg2XmC6ux/NWYGSr6vWejWbOxXWpJ2kYYfUB8p
DbonxKqUir53iAdca+ygDUXBHDXZmY7vaxrXARVxAYSSHT2GP1fDyWQaeWwUxnae
kwDU3uXzpLe2dFGOCJUFGn+GsryW+D9WjvwSBWYqSN1/WoGJFGNGi0jgKbOYNPSu
6AlopEnm4fLZNaah8/VqTJ/pApGSkfbGTG2YvitINR2oWGPbCm7fLuDlz4Pl1WQJ
PW8YAW2FwomDr/aNrRv+fD2aHSgP+semu5gp+b6lIit5kWO6f1t0UpAQXgZI/mjc
tJclMsw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org