Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/KKbfTuEkaV6FL8OweobjrWn1LT4.roa
File: KKbfTuEkaV6FL8OweobjrWn1LT4.roa (raw, json)
Hash identifier: Y8YBfLjECcvgvgECd/6YYr2kBB0mOrNfgY3ZJQ/I+48=
Subject key identifier: 28:A6:DF:4E:E1:24:69:5E:85:2F:C3:B0:7A:86:E3:AD:69:F5:2D:3E
Certificate issuer: /CN=3e20c700d98d76a9c640173889f9367da9de8997
Certificate serial: 3532C7CD
Authority key identifier: 3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/KKbfTuEkaV6FL8OweobjrWn1LT4.roa
Signing time: Sat 01 Jan 2022 11:57:31 +0000
ROA not before: Sat 01 Jan 2022 11:57:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41095
IP address blocks: 176.56.160.0/19 maxlen: 24
91.194.116.0/23 maxlen: 24
185.65.172.0/22 maxlen: 24
193.33.70.0/23 maxlen: 24
195.189.120.0/22 maxlen: 24
87.239.184.0/21 maxlen: 24
2a03:9d40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 892520397 (0x3532c7cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e20c700d98d76a9c640173889f9367da9de8997
Validity
Not Before: Jan 1 11:57:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28a6df4ee124695e852fc3b07a86e3ad69f52d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9c:8a:98:84:23:25:85:a4:df:4d:46:2f:d3:
cf:32:e4:10:d7:53:5c:70:aa:21:29:49:85:4c:d9:
bb:41:e0:af:c0:55:85:c8:0f:c9:0e:c5:10:49:c9:
bf:60:23:b2:b4:9d:15:e2:87:85:8e:29:bb:ed:2e:
2f:40:a6:30:ff:17:0b:83:16:b9:fe:a4:7d:27:f4:
43:45:66:3a:a5:9c:6c:47:f5:08:10:73:8c:84:50:
16:7f:98:a1:35:42:81:e7:20:ff:cc:a5:62:c9:dd:
e6:ef:0a:6b:11:29:83:49:67:60:2d:3b:27:3e:67:
d4:88:ca:13:05:3a:26:24:d3:eb:bd:54:c0:04:80:
dc:e2:ce:7b:c7:31:50:c3:70:f4:39:e6:8e:c8:d4:
dd:19:01:87:d6:e8:23:ea:7a:76:03:ef:3d:a6:04:
39:69:16:78:76:89:a9:42:f4:54:3b:17:c5:2d:4f:
e0:71:01:da:ed:70:3d:a5:99:d3:54:13:dc:72:e8:
74:33:8d:73:9a:02:38:71:19:56:60:b9:d9:08:83:
cc:29:01:9a:06:3b:ee:63:7e:fb:96:b5:67:41:35:
cf:de:13:3c:ef:71:08:36:cc:66:be:11:12:ff:0f:
53:0f:74:31:ad:ae:e9:80:07:cd:f4:04:5d:1b:6a:
12:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A6:DF:4E:E1:24:69:5E:85:2F:C3:B0:7A:86:E3:AD:69:F5:2D:3E
X509v3 Authority Key Identifier:
keyid:3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/KKbfTuEkaV6FL8OweobjrWn1LT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.184.0/21
91.194.116.0/23
176.56.160.0/19
185.65.172.0/22
193.33.70.0/23
195.189.120.0/22
IPv6:
2a03:9d40::/32
Signature Algorithm: sha256WithRSAEncryption
3e:93:b7:38:ce:65:53:f5:98:e0:4a:0b:77:a4:43:72:cd:1d:
07:db:67:6f:63:96:0b:cb:b6:af:77:2b:cf:14:5c:ad:ea:4a:
27:68:ed:24:81:31:d1:c4:ad:aa:0c:80:b3:7f:fb:8b:70:01:
1d:58:9a:11:ef:ed:79:d5:68:54:23:61:8d:ec:0b:83:c3:16:
24:03:e4:f8:87:35:62:3f:ad:91:ab:f3:43:f5:78:06:f7:41:
c6:4b:c9:9b:cd:76:6a:a0:85:a1:37:63:22:9d:16:2c:5f:b7:
84:82:5f:10:20:98:50:2f:d7:c5:2a:65:8a:85:d9:c5:67:78:
3b:bd:79:e9:d7:12:bf:cb:2e:37:10:42:3e:9a:ae:8e:f6:58:
69:8f:61:b4:f5:5a:12:b8:5a:31:37:11:c1:23:b6:a1:1b:c2:
48:28:5b:5f:9b:19:0e:dc:b2:b3:7d:ef:fe:81:4e:9e:cd:0a:
17:dd:e6:f4:73:73:32:9d:57:cd:7f:6c:6b:f5:a5:e8:92:b5:
37:64:1a:75:e0:9b:9c:94:63:bf:87:86:5a:1a:99:6d:91:bc:
fc:18:8e:a5:7a:13:1d:f6:a0:f8:ef:8a:58:76:9f:4c:86:21:
25:79:70:54:cc:54:67:2d:5b:1c:ca:b2:57:d7:32:fb:56:7f:
34:c1:a3:d5
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIENTLHzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZTIwYzcwMGQ5OGQ3NmE5YzY0MDE3Mzg4OWY5MzY3ZGE5ZGU4OTk3MB4XDTIyMDEw
MTExNTczMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhhNmRmNGVlMTI0
Njk1ZTg1MmZjM2IwN2E4NmUzYWQ2OWY1MmQzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6cipiEIyWFpN9NRi/TzzLkENdTXHCqISlJhUzZu0Hgr8BV
hcgPyQ7FEEnJv2AjsrSdFeKHhY4pu+0uL0CmMP8XC4MWuf6kfSf0Q0VmOqWcbEf1
CBBzjIRQFn+YoTVCgecg/8ylYsnd5u8KaxEpg0lnYC07Jz5n1IjKEwU6JiTT671U
wASA3OLOe8cxUMNw9DnmjsjU3RkBh9boI+p6dgPvPaYEOWkWeHaJqUL0VDsXxS1P
4HEB2u1wPaWZ01QT3HLodDONc5oCOHEZVmC52QiDzCkBmgY77mN++5a1Z0E1z94T
PO9xCDbMZr4REv8PUw90Ma2u6YAHzfQEXRtqEkUCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQopt9O4SRpXoUvw7B6huOtafUtPjAfBgNVHSMEGDAWgBQ+IMcA2Y12qcZA
FziJ+TZ9qd6JlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BpREhBTm1OZHFuR1FCYzRpZmsyZmFuZWlaYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvYWM2YzdiLWQwNTktNDAxNC1hOTY4LWU0NmQ4ZDE2YTE1Zi8x
L0tLYmZUdUVrYVY2Rkw4T3dlb2JqclduMUxUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
YWM2YzdiLWQwNTktNDAxNC1hOTY4LWU0NmQ4ZDE2YTE1Zi8xL1BpREhBTm1OZHFu
R1FCYzRpZmsyZmFuZWlaYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEA1fvuAMEAVvCdAMEBbA4oAMEArlB
rAMEAcEhRgMEAsO9eDANBAIAAjAHAwUAKgOdQDANBgkqhkiG9w0BAQsFAAOCAQEA
PpO3OM5lU/WY4EoLd6RDcs0dB9tnb2OWC8u2r3crzxRcrepKJ2jtJIEx0cStqgyA
s3/7i3ABHViaEe/tedVoVCNhjewLg8MWJAPk+Ic1Yj+tkavzQ/V4BvdBxkvJm812
aqCFoTdjIp0WLF+3hIJfECCYUC/XxSplioXZxWd4O7156dcSv8suNxBCPpqujvZY
aY9htPVaErhaMTcRwSO2oRvCSChbX5sZDtyys33v/oFOns0KF93m9HNzMp1XzX9s
a/Wl6JK1N2QadeCbnJRjv4eGWhqZbZG8/BiOpXoTHfag+O+KWHafTIYhJXlwVMxU
Zy1bHMqyV9cy+1Z/NMGj1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:34 2024 by rpki-client on console-fra.rpki-client.org