Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/KXTmCfVKlvSBQ26PBPJ5KRHYKI8.roa
File: KXTmCfVKlvSBQ26PBPJ5KRHYKI8.roa (raw, json)
Hash identifier: 2shzDEX5CI6OR9feTCzYHDxInuopEpSxpRDTh/yqLUE=
Subject key identifier: 29:74:E6:09:F5:4A:96:F4:81:43:6E:8F:04:F2:79:29:11:D8:28:8F
Certificate issuer: /CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Certificate serial: 08737F2B
Authority key identifier: 2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/KXTmCfVKlvSBQ26PBPJ5KRHYKI8.roa
Signing time: Sun 17 Apr 2022 15:43:18 +0000
ROA not before: Sun 17 Apr 2022 15:43:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35732
IP address blocks: 91.188.209.0/24 maxlen: 24
91.188.209.224/27 maxlen: 27
91.188.210.0/24 maxlen: 24
91.188.211.0/24 maxlen: 24
91.188.208.0/24 maxlen: 24
2a0f:b1c2:1::/48 maxlen: 48
2a0f:b1c2:3::/48 maxlen: 48
2a0f:b1c1::/32 maxlen: 32
2a0f:b1c2::/48 maxlen: 48
2a0f:b1c0::/32 maxlen: 32
2a0f:b1c2:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141786923 (0x8737f2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bc8695772f0e64f3b9a1621733cc02506f74702
Validity
Not Before: Apr 17 15:43:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2974e609f54a96f481436e8f04f2792911d8288f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:93:a0:57:8e:8d:d3:10:0f:4a:43:3e:25:19:
ed:77:13:10:37:0a:6c:92:dc:0c:91:c0:ff:fa:a6:
f6:92:29:19:32:01:88:6e:8b:db:4b:aa:6b:80:9f:
2b:60:02:62:25:65:34:b4:8a:07:e1:ad:d1:2b:12:
d9:d2:1e:c5:e2:d7:ad:64:c4:bf:dd:9f:98:7f:14:
d7:da:6c:fe:30:dc:11:e8:aa:e9:19:5a:cf:3b:30:
17:06:79:d7:13:51:5a:35:05:b2:f0:c0:ea:3d:d0:
69:3b:89:b3:b7:6c:b5:c9:d7:d7:76:fd:b2:a9:8e:
60:9a:bd:b7:37:6e:37:cb:88:c7:c0:7d:fd:4c:34:
86:cb:cb:ba:96:ee:34:25:14:05:e5:74:ea:c4:40:
5c:1b:28:ff:df:47:a8:80:56:cd:0f:33:99:40:f0:
68:53:47:bb:cb:ec:83:4b:fb:db:9a:53:e2:e0:92:
56:e1:a3:e5:8c:83:ad:16:81:af:34:c4:7b:ad:62:
cf:2a:7f:69:2b:77:72:67:3c:d5:8c:a0:0a:95:7e:
0e:af:12:76:02:fd:fc:df:54:d5:57:66:a4:db:69:
77:51:e3:1c:42:1e:01:c2:83:0a:e7:4b:a5:e5:47:
be:c5:56:a0:4b:b8:b0:dc:ed:ab:aa:37:31:b5:06:
36:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:74:E6:09:F5:4A:96:F4:81:43:6E:8F:04:F2:79:29:11:D8:28:8F
X509v3 Authority Key Identifier:
keyid:2B:C8:69:57:72:F0:E6:4F:3B:9A:16:21:73:3C:C0:25:06:F7:47:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K8hpV3Lw5k87mhYhczzAJQb3RwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/KXTmCfVKlvSBQ26PBPJ5KRHYKI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/cbfa9b-0291-48e3-805c-43d66a0331ec/1/K8hpV3Lw5k87mhYhczzAJQb3RwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.208.0/22
IPv6:
2a0f:b1c0::-2a0f:b1c2:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:12:40:58:99:e6:ee:13:27:d5:cb:e6:ca:dd:41:79:b2:e4:
80:c1:00:0e:f1:78:65:48:6c:31:4a:eb:e3:eb:44:f9:52:18:
f3:f4:84:15:5f:70:84:71:8e:75:f8:33:5d:6f:17:b2:2e:72:
78:0d:56:b9:bc:e8:e5:05:9d:86:e6:31:be:10:c0:8a:70:8c:
8f:4b:d9:e7:2a:42:19:f4:d6:0b:57:9c:df:2a:8e:15:a5:48:
f2:4b:ba:e4:51:4f:ac:8a:a4:23:e3:d4:10:67:38:95:da:be:
d5:9a:9a:e1:37:26:07:97:17:f9:3e:95:b0:91:26:06:f8:4f:
dd:08:ac:b1:da:98:77:db:ba:8e:a2:8e:85:87:a1:51:c9:37:
4f:f3:62:42:d7:b9:2e:a0:9f:0d:9b:8d:f1:be:13:9a:67:bf:
9d:f2:72:54:e1:f6:b7:55:50:54:73:3e:74:c9:ee:61:4d:c2:
ca:1e:ff:59:ac:d3:8f:40:ab:81:c4:07:6b:71:cc:24:b5:f6:
8b:24:db:d5:9d:8b:e9:b7:ef:b7:74:e8:64:79:eb:b2:14:3e:
76:ec:a3:23:95:b0:ce:70:c6:4f:54:85:77:6f:5e:2c:81:e6:
08:57:cc:a6:e4:cc:d1:36:de:06:f2:63:3a:9a:eb:e7:1d:84:
3f:93:6e:22
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECHN/KzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YmM4Njk1NzcyZjBlNjRmM2I5YTE2MjE3MzNjYzAyNTA2Zjc0NzAyMB4XDTIyMDQx
NzE1NDMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk3NGU2MDlmNTRh
OTZmNDgxNDM2ZThmMDRmMjc5MjkxMWQ4Mjg4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeToFeOjdMQD0pDPiUZ7XcTEDcKbJLcDJHA//qm9pIpGTIB
iG6L20uqa4CfK2ACYiVlNLSKB+Gt0SsS2dIexeLXrWTEv92fmH8U19ps/jDcEeiq
6RlazzswFwZ51xNRWjUFsvDA6j3QaTuJs7dstcnX13b9sqmOYJq9tzduN8uIx8B9
/Uw0hsvLupbuNCUUBeV06sRAXBso/99HqIBWzQ8zmUDwaFNHu8vsg0v725pT4uCS
VuGj5YyDrRaBrzTEe61izyp/aSt3cmc81YygCpV+Dq8SdgL9/N9U1VdmpNtpd1Hj
HEIeAcKDCudLpeVHvsVWoEu4sNztq6o3MbUGNuMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQpdOYJ9UqW9IFDbo8E8nkpEdgojzAfBgNVHSMEGDAWgBQryGlXcvDmTzua
FiFzPMAlBvdHAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s4aHBWM0x3NWs4N21oWWhjenpBSlFiM1J3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvY2JmYTliLTAyOTEtNDhlMy04MDVjLTQzZDY2YTAzMzFlYy8x
L0tYVG1DZlZLbHZTQlEyNlBCUEo1S1JIWUtJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
Y2JmYTliLTAyOTEtNDhlMy04MDVjLTQzZDY2YTAzMzFlYy8xL0s4aHBWM0x3NWs4
N21oWWhjenpBSlFiM1J3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAlu80DAYBAIAAjASMBADBQYqD7HA
AwcCKg+xwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQBiEkBYmebuEyfVy+bK3UF5suSA
wQAO8XhlSGwxSuvj60T5Uhjz9IQVX3CEcY51+DNdbxeyLnJ4DVa5vOjlBZ2G5jG+
EMCKcIyPS9nnKkIZ9NYLV5zfKo4VpUjyS7rkUU+siqQj49QQZziV2r7VmprhNyYH
lxf5PpWwkSYG+E/dCKyx2ph327qOoo6Fh6FRyTdP82JC17kuoJ8Nm43xvhOaZ7+d
8nJU4fa3VVBUcz50ye5hTcLKHv9ZrNOPQKuBxAdrccwktfaLJNvVnYvpt++3dOhk
eeuyFD527KMjlbDOcMZPVIV3b14sgeYIV8ym5MzRNt4G8mM6muvnHYQ/k24i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:01 2024 by rpki-client on console-fra.rpki-client.org