Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/KtB0pRb0ivLK1VLsCj3ui_nZiBU.roa
File: KtB0pRb0ivLK1VLsCj3ui_nZiBU.roa (raw, json)
Hash identifier: t1fqo/SXnqw3cKkDwTcMGBcEsaUZmANH4vMspDTzRE4=
Subject key identifier: 2A:D0:74:A5:16:F4:8A:F2:CA:D5:52:EC:0A:3D:EE:8B:F9:D9:88:15
Certificate issuer: /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial: A83030
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/KtB0pRb0ivLK1VLsCj3ui_nZiBU.roa
Signing time: Sat 01 Jan 2022 02:59:45 +0000
ROA not before: Sat 01 Jan 2022 02:59:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34884
IP address blocks: 185.38.28.0/22 maxlen: 24
185.95.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11022384 (0xa83030)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
Validity
Not Before: Jan 1 02:59:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ad074a516f48af2cad552ec0a3dee8bf9d98815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:51:4f:0d:e3:11:8b:ae:c1:b3:45:a0:4f:97:
81:93:91:7e:ed:d4:48:a5:ab:8f:1e:4c:fd:14:7a:
bc:be:1a:dc:39:48:94:f4:95:fe:8a:8c:26:91:78:
21:dd:1d:7e:a0:5a:81:5a:6b:9b:92:71:e8:7b:94:
17:85:c4:e7:60:a6:d5:2e:f6:9e:0a:66:7c:8d:9d:
95:f3:ec:90:0d:f4:eb:74:da:3a:ed:6b:0a:7d:3b:
ed:f2:d0:09:25:bd:a1:28:a4:2e:ce:bd:ef:13:41:
cf:e9:5c:84:7d:e4:d5:cc:66:2e:4d:82:a5:40:04:
8a:5d:8c:cd:d6:9c:93:5d:4b:35:20:f4:ed:e3:ff:
e3:9c:65:11:cd:2f:5c:a5:43:aa:5c:69:ab:78:57:
95:8e:9f:70:cd:fe:68:52:af:5f:a1:12:b7:b2:57:
93:23:d5:21:a1:2c:db:54:5f:6c:e6:a4:17:20:f8:
75:8d:1e:04:a8:93:35:91:65:31:fc:74:3d:24:e2:
e7:a3:4e:fd:04:d9:7f:71:6c:55:ce:68:2a:00:ad:
a8:4b:9f:ab:40:4e:b0:c4:1b:62:0a:a5:21:4e:24:
4f:bb:e2:1d:c5:e9:e4:64:1e:d1:95:80:3f:3f:86:
7d:4e:a6:5c:4b:3d:35:aa:07:fe:24:2e:e5:3c:10:
0c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D0:74:A5:16:F4:8A:F2:CA:D5:52:EC:0A:3D:EE:8B:F9:D9:88:15
X509v3 Authority Key Identifier:
keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/KtB0pRb0ivLK1VLsCj3ui_nZiBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.28.0/22
185.95.252.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:02:52:ff:52:a4:2e:e2:b9:5b:91:91:88:5b:3e:bd:01:1b:
14:76:b1:d7:fa:3d:76:11:39:75:03:30:d2:ee:3d:ea:51:8b:
d4:43:bb:85:bc:21:76:95:59:05:25:2d:b3:bc:10:b9:98:bd:
37:01:0c:d2:23:bd:a9:c5:9e:f8:d3:31:4b:c1:99:29:c7:c3:
ff:7d:85:03:2c:eb:dd:f2:9f:c7:af:c7:94:16:36:a0:4e:01:
17:2d:eb:64:5a:8c:26:e3:b3:e9:76:9c:25:ae:e1:82:0f:b3:
95:2b:2d:9c:1e:fa:b5:22:d5:a2:a3:4f:2a:fa:70:f6:ce:6e:
dd:f2:66:11:5b:98:49:61:c0:c9:61:14:9c:f0:45:55:d3:ed:
6f:ae:14:96:d8:99:d7:bd:f6:c7:14:d8:b3:7a:1c:a8:5d:5e:
37:24:6a:ee:8f:ad:69:3d:64:34:6e:0a:94:b7:78:74:51:01:
63:02:a8:0c:a7:36:38:0b:fc:cc:41:ce:99:23:94:35:b7:3c:
14:d6:5f:16:67:82:a1:54:4d:82:19:19:ca:33:e6:c3:e7:c4:
79:b8:56:1d:e6:68:c2:dd:68:59:8b:58:80:78:94:d5:2c:70:
cd:cc:bd:86:ba:28:4a:c1:c1:40:07:75:22:e4:19:c7:26:e2:
69:f9:35:6d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAKgwMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDg0N2Y4MjIxODk3ZDZlOTUyZTg2ZWEyYzMzOWFiYWFjYzEzMWY1MB4XDTIyMDEw
MTAyNTk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFkMDc0YTUxNmY0
OGFmMmNhZDU1MmVjMGEzZGVlOGJmOWQ5ODgxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPVRTw3jEYuuwbNFoE+XgZORfu3USKWrjx5M/RR6vL4a3DlI
lPSV/oqMJpF4Id0dfqBagVprm5Jx6HuUF4XE52Cm1S72ngpmfI2dlfPskA3063Ta
Ou1rCn077fLQCSW9oSikLs697xNBz+lchH3k1cxmLk2CpUAEil2Mzdack11LNSD0
7eP/45xlEc0vXKVDqlxpq3hXlY6fcM3+aFKvX6ESt7JXkyPVIaEs21RfbOakFyD4
dY0eBKiTNZFlMfx0PSTi56NO/QTZf3FsVc5oKgCtqEufq0BOsMQbYgqlIU4kT7vi
HcXp5GQe0ZWAPz+GfU6mXEs9NaoH/iQu5TwQDCECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQq0HSlFvSK8srVUuwKPe6L+dmIFTAfBgNVHSMEGDAWgBRwhH+CIYl9bpUu
huosM5q6rMEx9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NJUl9naUdKZlc2VkxvYnFMRE9hdXF6Qk1mVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8x
L0t0QjBwUmIwaXZMSzFWTHNDajN1aV9uWmlCVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8xL2NJUl9naUdKZlc2
VkxvYnFMRE9hdXF6Qk1mVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkmHAMEArlf/DANBgkqhkiG9w0B
AQsFAAOCAQEAoQJS/1KkLuK5W5GRiFs+vQEbFHax1/o9dhE5dQMw0u496lGL1EO7
hbwhdpVZBSUts7wQuZi9NwEM0iO9qcWe+NMxS8GZKcfD/32FAyzr3fKfx6/HlBY2
oE4BFy3rZFqMJuOz6XacJa7hgg+zlSstnB76tSLVoqNPKvpw9s5u3fJmEVuYSWHA
yWEUnPBFVdPtb64UltiZ1732xxTYs3ocqF1eNyRq7o+taT1kNG4KlLd4dFEBYwKo
DKc2OAv8zEHOmSOUNbc8FNZfFmeCoVRNghkZyjPmw+fEebhWHeZowt1oWYtYgHiU
1Sxwzcy9hrooSsHBQAd1IuQZxybiafk1bQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:18 2024 by rpki-client on console-ams.rpki-client.org