Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/Kkz4tH-qU-ffTzXocofJQrhhuaA.roa
File: Kkz4tH-qU-ffTzXocofJQrhhuaA.roa (raw, json)
Hash identifier: F5BVihgSqY9Kh7/JZ2eworYUUTA3Fcsyyt9J0NsvmEw=
Subject key identifier: 2A:4C:F8:B4:7F:AA:53:E7:DF:4F:35:E8:72:87:C9:42:B8:61:B9:A0
Certificate issuer: /CN=cd6b9d593ac54aa6cbb83889277ba24f54067889
Certificate serial: 0587AA54
Authority key identifier: CD:6B:9D:59:3A:C5:4A:A6:CB:B8:38:89:27:7B:A2:4F:54:06:78:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWudWTrFSqbLuDiJJ3uiT1QGeIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/Kkz4tH-qU-ffTzXocofJQrhhuaA.roa
Signing time: Sat 01 Jan 2022 12:54:40 +0000
ROA not before: Sat 01 Jan 2022 12:54:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 192.109.10.0/23 maxlen: 24
192.109.40.0/23 maxlen: 24
94.190.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92777044 (0x587aa54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd6b9d593ac54aa6cbb83889277ba24f54067889
Validity
Not Before: Jan 1 12:54:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a4cf8b47faa53e7df4f35e87287c942b861b9a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d2:09:7d:7c:18:27:67:68:9c:8a:cf:ed:db:
4b:c7:88:5d:0c:41:3e:af:6d:af:5d:37:1f:64:bc:
99:cc:68:38:05:82:c4:b6:f0:af:c2:82:1b:15:f5:
b6:80:c2:10:b7:98:f6:63:6b:4f:86:a7:e7:9b:da:
e8:65:49:11:1e:1f:89:d3:b2:eb:44:95:5b:dc:ae:
03:08:77:73:3c:47:de:28:6f:8d:4e:61:7e:d0:67:
62:51:23:0d:7e:56:86:41:ba:8d:b5:ee:3a:52:43:
a3:c1:2c:44:94:c1:16:8a:aa:23:b8:14:68:6b:9c:
3b:e8:a9:50:89:ec:3c:f3:c7:a5:3f:e0:5c:c1:ea:
08:c1:a4:7f:75:b8:f3:0f:e9:a6:24:cf:c1:e8:e1:
c3:cb:2b:7e:3d:d2:6c:4e:0d:8d:22:1d:24:1f:fa:
c1:2b:87:c5:cb:e5:bc:6e:39:d7:8c:f4:12:dc:13:
bb:fb:b2:82:00:90:72:56:e9:1f:51:05:16:13:97:
44:07:a7:c5:92:7c:3f:04:bd:f2:64:39:a3:15:92:
c0:90:36:e7:6d:40:c4:ed:ab:67:7a:e1:c8:fc:ac:
fa:66:30:c3:c4:da:a7:a7:4a:66:f7:58:56:b0:8f:
db:8b:ca:d3:60:7e:4d:b1:b5:88:7e:f4:e4:a3:54:
b3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4C:F8:B4:7F:AA:53:E7:DF:4F:35:E8:72:87:C9:42:B8:61:B9:A0
X509v3 Authority Key Identifier:
keyid:CD:6B:9D:59:3A:C5:4A:A6:CB:B8:38:89:27:7B:A2:4F:54:06:78:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWudWTrFSqbLuDiJJ3uiT1QGeIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/Kkz4tH-qU-ffTzXocofJQrhhuaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/zWudWTrFSqbLuDiJJ3uiT1QGeIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.190.132.0/22
192.109.10.0/23
192.109.40.0/23
Signature Algorithm: sha256WithRSAEncryption
02:d1:f8:1d:5c:23:4e:87:7b:20:32:7b:79:79:c1:d5:6d:37:
50:db:85:2b:7b:b3:1d:09:4d:9b:61:7e:c1:27:a7:e1:58:1a:
9c:ce:59:1b:c4:52:57:b7:db:c2:f4:84:b0:c0:18:36:0b:9e:
8b:f0:b7:37:98:87:92:76:82:02:f2:35:bf:73:2f:6d:a3:13:
f2:e8:92:fc:5e:07:e7:29:5f:05:4b:7e:af:05:88:c1:37:af:
81:c4:1b:05:51:33:16:c1:91:2c:dc:76:d0:37:72:1f:6d:48:
5d:b6:e6:71:db:97:b6:30:be:5d:c6:35:ce:0d:f0:e6:9b:43:
76:cb:d9:bd:69:92:3b:14:87:44:b0:bc:c9:00:be:bd:2a:7f:
f3:ba:2e:8e:81:ee:16:56:da:8f:93:91:5f:89:c5:5e:4b:4a:
43:b6:4a:52:16:40:1b:46:8a:a7:85:06:fe:9a:45:0f:03:82:
c8:85:83:d5:56:3f:97:74:92:6d:13:67:fd:af:48:53:00:16:
85:68:93:ab:5a:f0:f8:58:0f:9f:9a:d9:65:8c:ce:2f:22:9f:
b9:84:69:0c:58:6f:f7:f7:f4:1d:01:72:b8:9c:99:6c:23:e4:
92:48:51:38:46:8e:f8:8f:c8:12:cf:a3:7d:74:7e:be:04:45:
0f:e6:21:db
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBYeqVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDZiOWQ1OTNhYzU0YWE2Y2JiODM4ODkyNzdiYTI0ZjU0MDY3ODg5MB4XDTIyMDEw
MTEyNTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE0Y2Y4YjQ3ZmFh
NTNlN2RmNGYzNWU4NzI4N2M5NDJiODYxYjlhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHSCX18GCdnaJyKz+3bS8eIXQxBPq9tr103H2S8mcxoOAWC
xLbwr8KCGxX1toDCELeY9mNrT4an55va6GVJER4fidOy60SVW9yuAwh3czxH3ihv
jU5hftBnYlEjDX5WhkG6jbXuOlJDo8EsRJTBFoqqI7gUaGucO+ipUInsPPPHpT/g
XMHqCMGkf3W48w/ppiTPwejhw8srfj3SbE4NjSIdJB/6wSuHxcvlvG4514z0EtwT
u/uyggCQclbpH1EFFhOXRAenxZJ8PwS98mQ5oxWSwJA2521AxO2rZ3rhyPys+mYw
w8Tap6dKZvdYVrCP24vK02B+TbG1iH705KNUsxUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQqTPi0f6pT599PNehyh8lCuGG5oDAfBgNVHSMEGDAWgBTNa51ZOsVKpsu4
OIkne6JPVAZ4iTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pXdWRXVHJGU3FiTHVEaUpKM3VpVDFRR2VJay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvZTY4ZTFiLTM1NmMtNDg2OC05MDlmLTQyNjA2ZjVhYTViOS8x
L0trejR0SC1xVS1mZlR6WG9jb2ZKUXJoaHVhQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
ZTY4ZTFiLTM1NmMtNDg2OC05MDlmLTQyNjA2ZjVhYTViOS8xL3pXdWRXVHJGU3Fi
THVEaUpKM3VpVDFRR2VJay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAl6+hAMEAcBtCgMEAcBtKDANBgkq
hkiG9w0BAQsFAAOCAQEAAtH4HVwjTod7IDJ7eXnB1W03UNuFK3uzHQlNm2F+wSen
4VganM5ZG8RSV7fbwvSEsMAYNguei/C3N5iHknaCAvI1v3MvbaMT8uiS/F4H5ylf
BUt+rwWIwTevgcQbBVEzFsGRLNx20DdyH21IXbbmcduXtjC+XcY1zg3w5ptDdsvZ
vWmSOxSHRLC8yQC+vSp/87oujoHuFlbaj5ORX4nFXktKQ7ZKUhZAG0aKp4UG/ppF
DwOCyIWD1VY/l3SSbRNn/a9IUwAWhWiTq1rw+FgPn5rZZYzOLyKfuYRpDFhv9/f0
HQFyuJyZbCPkkkhROEaO+I/IEs+jfXR+vgRFD+Yh2w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:37 2023 by rpki-client on console-fra.rpki-client.org