Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/43-KRZatDN_9g53n0LL7rURL29k.roa
File: 43-KRZatDN_9g53n0LL7rURL29k.roa (raw, json)
Hash identifier: vG4oIdrM9qvdU+1Zys5nCD/HHtJl/6a+kZLTQO2p1II=
Subject key identifier: E3:7F:8A:45:96:AD:0C:DF:FD:83:9D:E7:D0:B2:FB:AD:44:4B:DB:D9
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 3666C827
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/43-KRZatDN_9g53n0LL7rURL29k.roa
Signing time: Sat 01 Jan 2022 13:57:26 +0000
ROA not before: Sat 01 Jan 2022 13:57:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61412
IP address blocks: 93.119.104.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
93.119.107.0/24 maxlen: 24
188.240.210.0/24 maxlen: 24
188.240.221.0/24 maxlen: 24
89.33.192.0/22 maxlen: 22
89.33.192.0/24 maxlen: 24
89.33.193.0/24 maxlen: 24
89.33.194.0/24 maxlen: 24
89.33.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 912705575 (0x3666c827)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 13:57:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e37f8a4596ad0cdffd839de7d0b2fbad444bdbd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5e:97:7b:03:c5:58:12:65:16:74:f5:ec:fe:
c3:eb:2d:09:b5:01:aa:c6:cf:77:0b:70:cd:cb:44:
a1:84:17:25:34:20:dc:5c:2b:15:4a:8f:22:1d:79:
fe:4d:62:8f:af:b1:2a:dc:c9:a9:96:ae:34:87:a4:
c8:d3:89:48:37:83:2d:40:b5:60:c0:45:73:91:99:
42:ba:06:ac:1e:d3:96:eb:74:66:cd:5e:cc:3d:18:
d3:fa:7e:9b:11:d3:e5:99:0b:cc:a4:ad:09:0a:54:
1d:7a:12:43:f0:7b:4d:63:47:1b:59:8f:e4:e8:d8:
4e:20:3d:72:bf:5d:e9:15:e2:28:3f:8e:c0:a2:c1:
c4:7a:05:7a:56:5c:11:f5:1d:62:63:2e:cf:9f:c3:
a5:19:d8:60:b0:ba:40:87:e8:20:7e:2b:67:37:29:
14:5c:ef:06:95:51:4e:a6:30:a7:46:97:de:6c:14:
74:21:b2:b4:9e:68:2d:0b:e7:3a:64:46:7e:76:7d:
31:ba:3b:f4:38:b8:29:40:c6:6e:fb:fd:f8:86:9c:
57:56:90:bf:ad:86:68:6c:4a:f3:ba:ba:6c:6a:04:
05:43:83:b3:17:fc:2c:5b:6d:9f:21:bf:f1:a2:c6:
88:c1:cc:a6:b1:ec:48:dd:b1:63:83:e1:b9:a2:0a:
65:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7F:8A:45:96:AD:0C:DF:FD:83:9D:E7:D0:B2:FB:AD:44:4B:DB:D9
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/43-KRZatDN_9g53n0LL7rURL29k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.192.0/22
93.119.104.0/23
93.119.107.0/24
188.240.210.0/24
188.240.221.0/24
Signature Algorithm: sha256WithRSAEncryption
48:47:e8:03:5d:78:5b:a6:7e:de:13:2a:71:af:de:2c:94:7a:
3a:94:3c:31:7a:c6:58:88:fd:55:bd:24:ed:27:25:9f:5e:04:
99:1c:db:31:bb:e1:32:0e:ac:56:c2:d4:59:ef:64:8f:32:7a:
b2:23:26:fc:46:d9:0b:94:1b:6b:ed:86:34:60:1a:56:1b:25:
a0:85:fe:07:bc:77:3c:9f:6e:b1:8b:35:58:7a:67:68:4f:9c:
bd:d8:76:f5:a8:59:f5:0f:5a:d9:07:49:ad:38:81:36:c0:44:
52:79:05:36:47:65:cb:4a:0e:92:4d:63:af:d2:d8:fa:95:36:
e8:f1:51:5d:0d:c3:b0:46:a7:ec:de:bb:eb:0a:e3:c4:fb:18:
22:f1:36:b3:33:71:4b:ca:76:87:38:85:00:e6:15:47:7c:b5:
db:ed:af:74:fd:f8:13:e3:7d:41:35:a1:c4:56:d5:91:b6:ab:
d2:c0:7f:c4:f3:5f:52:80:11:a7:66:59:8c:fd:8f:f8:04:4f:
ce:40:3c:1d:46:29:20:20:a2:34:ba:a5:08:18:da:cb:44:da:
ff:79:15:67:8d:65:df:72:69:7b:8f:99:3f:fc:85:f1:07:30:
d6:1e:69:66:0e:5b:77:d1:74:6e:35:9e:87:22:6d:06:6e:7c:
45:5b:f0:2a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIENmbIJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWQ0NmUwZTNlOGNhYWFlZDRhNTI5YmQ3ZDczMDhiZDFlZjAxYzFkMB4XDTIyMDEw
MTEzNTcyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM3ZjhhNDU5NmFk
MGNkZmZkODM5ZGU3ZDBiMmZiYWQ0NDRiZGJkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpel3sDxVgSZRZ09ez+w+stCbUBqsbPdwtwzctEoYQXJTQg
3FwrFUqPIh15/k1ij6+xKtzJqZauNIekyNOJSDeDLUC1YMBFc5GZQroGrB7Tlut0
Zs1ezD0Y0/p+mxHT5ZkLzKStCQpUHXoSQ/B7TWNHG1mP5OjYTiA9cr9d6RXiKD+O
wKLBxHoFelZcEfUdYmMuz5/DpRnYYLC6QIfoIH4rZzcpFFzvBpVRTqYwp0aX3mwU
dCGytJ5oLQvnOmRGfnZ9Mbo79Di4KUDGbvv9+IacV1aQv62GaGxK87q6bGoEBUOD
sxf8LFttnyG/8aLGiMHMprHsSN2xY4PhuaIKZVMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTjf4pFlq0M3/2DnefQsvutREvb2TAfBgNVHSMEGDAWgBTx1G4OPoyqrtSl
Kb19cwi9HvAcHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8x
LzQzLUtSWmF0RE5fOWc1M24wTEw3clVSTDI5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
ODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8xLzhkUnVEajZNcXE3
VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlkhwAMEAV13aAMEAF13awMEALzw
0gMEALzw3TANBgkqhkiG9w0BAQsFAAOCAQEASEfoA114W6Z+3hMqca/eLJR6OpQ8
MXrGWIj9Vb0k7Scln14EmRzbMbvhMg6sVsLUWe9kjzJ6siMm/EbZC5Qba+2GNGAa
VhsloIX+B7x3PJ9usYs1WHpnaE+cvdh29ahZ9Q9a2QdJrTiBNsBEUnkFNkdly0oO
kk1jr9LY+pU26PFRXQ3DsEan7N676wrjxPsYIvE2szNxS8p2hziFAOYVR3y12+2v
dP34E+N9QTWhxFbVkbar0sB/xPNfUoARp2ZZjP2P+ARPzkA8HUYpICCiNLqlCBja
y0Ta/3kVZ41l33Jpe4+ZP/yF8Qcw1h5pZg5bd9F0bjWehyJtBm58RVvwKg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org