Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/KQS8keG8JSyUwyg7imM2Xbqz4ak.roa
File: KQS8keG8JSyUwyg7imM2Xbqz4ak.roa (raw, json)
Hash identifier: SNHKKTNXm5XqG/M1ivkOMBiSl3NYMTI9lYUBmeB76Nw=
Subject key identifier: 29:04:BC:91:E1:BC:25:2C:94:C3:28:3B:8A:63:36:5D:BA:B3:E1:A9
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018408F0677632A4B0ABCD0BD3C2DB145744
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/KQS8keG8JSyUwyg7imM2Xbqz4ak.roa
Signing time: Mon 24 Oct 2022 07:41:23 +0000
ROA not before: Mon 24 Oct 2022 07:41:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47447
IP address blocks: 193.38.156.0/22 maxlen: 22
45.87.136.0/22 maxlen: 24
2a0e:fe80::/29 maxlen: 48
2a0d:6940::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:08:f0:67:76:32:a4:b0:ab:cd:0b:d3:c2:db:14:57:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Oct 24 07:41:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2904bc91e1bc252c94c3283b8a63365dbab3e1a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0f:a4:53:e0:9f:f6:69:32:17:0c:8c:18:8a:
24:18:73:83:be:0f:ac:c5:4c:63:f0:2e:c1:b8:97:
83:02:bc:30:f9:32:19:0b:cd:0b:fc:d1:5e:c6:85:
0f:a3:1b:09:58:c5:30:1e:f1:df:cc:f7:58:1e:6e:
77:7f:9d:d4:60:a8:dd:6a:1f:23:fa:2a:aa:5c:c9:
b5:a6:b0:9c:3b:04:c8:b8:08:cc:c2:b4:00:5e:03:
0c:6f:c8:53:fe:4e:65:e0:50:fa:5b:84:9f:1a:6f:
99:00:88:cb:1b:71:68:46:27:3f:5e:18:de:aa:9c:
7f:63:55:0f:06:33:f9:5a:3b:95:dd:8f:5a:bb:e3:
a6:61:7a:ba:06:30:1a:1a:ec:92:92:58:f6:5b:98:
83:c6:3d:ce:46:90:1a:74:94:61:e1:34:90:fc:a2:
7b:c4:76:82:62:2e:57:ca:d1:e6:6e:28:1b:b1:5b:
1c:d3:d2:1c:ce:7a:e9:23:42:c3:5c:bb:f8:74:17:
a6:83:3e:cc:d3:87:89:da:19:3f:9b:2a:ad:7d:2d:
7f:b0:45:28:88:70:c3:9a:15:be:e1:45:1a:d3:3c:
30:e6:89:16:b9:ab:f3:11:40:ca:dc:70:42:44:cc:
18:51:d7:6a:79:c4:dd:af:a1:67:87:96:97:b7:4d:
d8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:04:BC:91:E1:BC:25:2C:94:C3:28:3B:8A:63:36:5D:BA:B3:E1:A9
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/KQS8keG8JSyUwyg7imM2Xbqz4ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.136.0/22
193.38.156.0/22
IPv6:
2a0d:6940::/29
2a0e:fe80::/29
Signature Algorithm: sha256WithRSAEncryption
23:03:79:b4:84:4c:68:b9:41:88:89:9c:0b:a1:d5:6d:d1:85:
93:aa:6b:b9:ec:da:02:cc:d8:99:c2:f4:8d:68:bb:f8:b8:0d:
83:29:5a:e3:60:9f:eb:74:c0:c1:14:04:da:fc:4f:3d:a1:2d:
9d:d6:f6:5e:00:60:47:32:e2:bf:46:e7:57:50:48:b4:ff:11:
2e:69:d3:28:c9:b3:58:c9:72:f5:a3:29:a5:48:16:bd:6b:44:
77:a6:37:07:e3:4b:15:ba:ff:23:25:8a:fc:b6:59:8a:8e:6c:
36:26:54:6d:d9:6d:ef:b9:df:7b:87:ce:7c:ee:7c:1b:a5:a1:
1e:7f:20:2d:89:1c:c3:99:9f:08:58:3f:5d:3f:d4:32:86:12:
9c:72:08:dd:41:75:07:33:8b:e2:1d:25:ee:24:14:a2:da:8a:
e3:b6:7c:9d:21:b9:b5:ef:b7:0b:18:57:70:a5:7c:d6:91:ad:
2b:3d:2c:84:96:77:7e:91:e2:e6:29:2f:ba:91:08:af:2e:c5:
86:5d:44:7d:d5:40:99:c2:5f:e0:bb:2b:a4:ce:3b:5b:2f:d5:
f6:f6:49:33:af:5e:dc:b4:85:b7:b3:d8:2a:86:06:9d:bc:c8:
96:38:03:d1:8c:6c:0b:93:6c:a5:72:b6:82:d0:4b:36:29:6c:
17:37:2f:7f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYQI8Gd2MqSwq80L08LbFFdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjIxMDI0MDc0MTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTA0YmM5MWUxYmMyNTJjOTRjMzI4M2I4YTYzMzY1ZGJhYjNlMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzg+kU+Cf9mkyFwyMGIokGHODvg+s
xUxj8C7BuJeDArww+TIZC80L/NFexoUPoxsJWMUwHvHfzPdYHm53f53UYKjdah8j
+iqqXMm1prCcOwTIuAjMwrQAXgMMb8hT/k5l4FD6W4SfGm+ZAIjLG3FoRic/Xhje
qpx/Y1UPBjP5WjuV3Y9au+OmYXq6BjAaGuySklj2W5iDxj3ORpAadJRh4TSQ/KJ7
xHaCYi5XytHmbigbsVsc09IcznrpI0LDXLv4dBemgz7M04eJ2hk/myqtfS1/sEUo
iHDDmhW+4UUa0zww5okWuavzEUDK3HBCRMwYUddqecTdr6Fnh5aXt03YxwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCkEvJHhvCUslMMoO4pjNl26s+GpMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvS1FTOGtlRzhKU3lVd3lnN2ltTTJYYnF6NGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVeIAwQC
wSacMBQEAgACMA4DBQMqDWlAAwUDKg7+gDANBgkqhkiG9w0BAQsFAAOCAQEAIwN5
tIRMaLlBiImcC6HVbdGFk6pruezaAszYmcL0jWi7+LgNgyla42Cf63TAwRQE2vxP
PaEtndb2XgBgRzLiv0bnV1BItP8RLmnTKMmzWMly9aMppUgWvWtEd6Y3B+NLFbr/
IyWK/LZZio5sNiZUbdlt77nfe4fOfO58G6WhHn8gLYkcw5mfCFg/XT/UMoYSnHII
3UF1BzOL4h0l7iQUotqK47Z8nSG5te+3CxhXcKV81pGtKz0shJZ3fpHi5ikvupEI
ry7Fhl1EfdVAmcJf4LsrpM47Wy/V9vZJM69e3LSFt7PYKoYGnbzIljgD0YxsC5Ns
pXK2gtBLNilsFzcvfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:44 2024 by rpki-client on console-ams.rpki-client.org