Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/kalKcwB8ODDKixohkXSmWllHNfA.roa
File: kalKcwB8ODDKixohkXSmWllHNfA.roa (raw, json)
Hash identifier: M9rH6u7r3VYAG9Hplp6lR51x2OXo2plKXnhZp5ON3xg=
Subject key identifier: 91:A9:4A:73:00:7C:38:30:CA:8B:1A:21:91:74:A6:5A:59:47:35:F0
Certificate issuer: /CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Certificate serial: 067E36D7
Authority key identifier: 88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/kalKcwB8ODDKixohkXSmWllHNfA.roa
Signing time: Tue 01 Mar 2022 13:05:05 +0000
ROA not before: Tue 01 Mar 2022 13:05:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202486
IP address blocks: 194.76.221.0/24 maxlen: 24
194.76.220.0/23 maxlen: 24
194.76.220.0/24 maxlen: 24
194.76.237.0/24 maxlen: 24
194.76.236.0/23 maxlen: 24
194.76.236.0/24 maxlen: 24
5.183.183.0/24 maxlen: 24
5.183.182.0/24 maxlen: 24
193.161.212.0/24 maxlen: 24
5.183.180.0/24 maxlen: 24
193.161.213.0/24 maxlen: 24
5.183.181.0/24 maxlen: 24
193.161.214.0/24 maxlen: 24
193.161.215.0/24 maxlen: 24
92.118.93.0/24 maxlen: 24
92.118.92.0/24 maxlen: 24
92.118.95.0/24 maxlen: 24
92.118.94.0/24 maxlen: 24
2a0c:a0c1::/32 maxlen: 32
2a0c:a0c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108934871 (0x67e36d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Validity
Not Before: Mar 1 13:05:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91a94a73007c3830ca8b1a219174a65a594735f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f0:69:4b:4f:2c:6d:bd:7d:ce:93:fe:d8:f3:
e1:05:ca:65:f3:59:a3:21:95:26:0e:cb:89:ee:b3:
bd:6b:b0:de:07:2b:e0:70:e1:55:71:47:b6:7b:b8:
09:ea:23:98:d5:59:d8:c6:0d:ba:ee:07:60:39:be:
72:88:82:aa:3f:e0:a9:ec:b9:1d:e4:cc:30:b3:71:
f8:f5:4c:44:cf:d1:a0:65:21:78:7c:61:61:fd:af:
61:08:6f:80:66:40:06:4b:95:ca:7f:82:e7:27:bd:
ec:cb:bf:7c:e1:0c:4f:0d:8a:0a:c8:44:15:2a:2a:
c5:7a:a9:26:2f:f0:27:fb:99:13:d8:76:63:1f:9d:
ff:30:c9:6e:be:8a:fa:82:df:33:7d:f2:ea:05:78:
88:d6:c2:27:aa:b7:8d:ff:f7:98:65:ab:7f:74:41:
e2:ac:86:04:4b:eb:74:1d:9a:40:a5:5a:51:4b:7b:
82:91:82:41:ed:6d:0f:a5:99:bb:ec:22:bd:af:b6:
a8:95:31:e8:27:b8:b8:78:cf:10:bb:57:c2:3f:b0:
a2:ec:e3:3f:b5:59:a1:38:3a:f9:fe:ee:2c:d0:27:
de:56:55:53:3e:97:89:e1:6d:98:4a:e4:7b:36:6a:
c6:74:89:1f:48:12:b6:df:27:d2:11:e1:7c:3d:8b:
42:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A9:4A:73:00:7C:38:30:CA:8B:1A:21:91:74:A6:5A:59:47:35:F0
X509v3 Authority Key Identifier:
keyid:88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/kalKcwB8ODDKixohkXSmWllHNfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iEv4DnL1Dwm_VjST69sRo0u6MS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.180.0/22
92.118.92.0/22
193.161.212.0/22
194.76.220.0/23
194.76.236.0/23
IPv6:
2a0c:a0c0::/31
Signature Algorithm: sha256WithRSAEncryption
82:df:06:36:7a:38:4a:6d:94:8b:9d:13:fa:85:11:b4:54:6b:
47:23:f7:fd:0e:98:88:70:e5:23:ce:ed:c6:ab:7f:d8:01:d6:
14:8e:32:9f:46:c8:ee:55:e6:07:74:3f:4d:9a:86:c1:43:0f:
4a:07:f0:54:78:c6:f9:b8:29:95:8a:07:b1:2d:46:c6:4b:7d:
02:4e:0a:5f:64:5c:ad:8e:18:76:94:4d:05:c5:8b:4a:2b:bf:
9e:db:21:e9:89:b1:10:08:e8:33:cb:34:70:bc:36:12:6a:70:
7c:7b:77:29:26:de:c7:1c:4f:d3:d9:09:13:6c:b2:e3:0f:af:
4b:23:84:f6:8e:82:a2:ae:60:ee:69:e9:d0:c4:a1:70:34:fc:
cb:63:39:47:c6:83:a8:b0:0e:b4:af:ad:be:7d:66:b2:47:5c:
65:d9:02:e8:4c:72:69:a2:76:a8:f3:31:be:bc:a7:58:73:f5:
e2:b0:b8:d6:ee:c5:63:1e:15:02:82:7d:f6:fa:11:96:17:56:
41:0b:f7:52:8f:aa:9e:3e:af:a7:72:96:a8:84:80:6e:c1:4e:
87:c6:13:a9:26:a6:71:c1:4c:20:33:15:62:5e:66:b2:da:9f:
a2:a8:5a:d3:f2:8c:e7:25:85:b2:30:5a:b7:f0:51:f6:29:da:
98:38:a5:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBn421zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODRiZjgwZTcyZjUwZjA5YmY1NjM0OTNlYmRiMTFhMzRiYmEzMTJkMB4XDTIyMDMw
MTEzMDUwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFhOTRhNzMwMDdj
MzgzMGNhOGIxYTIxOTE3NGE2NWE1OTQ3MzVmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTwaUtPLG29fc6T/tjz4QXKZfNZoyGVJg7Lie6zvWuw3gcr
4HDhVXFHtnu4CeojmNVZ2MYNuu4HYDm+coiCqj/gqey5HeTMMLNx+PVMRM/RoGUh
eHxhYf2vYQhvgGZABkuVyn+C5ye97Mu/fOEMTw2KCshEFSoqxXqpJi/wJ/uZE9h2
Yx+d/zDJbr6K+oLfM33y6gV4iNbCJ6q3jf/3mGWrf3RB4qyGBEvrdB2aQKVaUUt7
gpGCQe1tD6WZu+wiva+2qJUx6Ce4uHjPELtXwj+wouzjP7VZoTg6+f7uLNAn3lZV
Uz6XieFtmErkezZqxnSJH0gStt8n0hHhfD2LQiUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSRqUpzAHw4MMqLGiGRdKZaWUc18DAfBgNVHSMEGDAWgBSIS/gOcvUPCb9W
NJPr2xGjS7oxLTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lFdjREbkwxRHdtX1ZqU1Q2OXNSbzB1Nk1TMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvYjEyZTRkLThhMWEtNDAxMC05YThiLTM2Zjk4NDdhYzM1Yi8x
L2thbEtjd0I4T0RES2l4b2hrWFNtV2xsSE5mQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
YjEyZTRkLThhMWEtNDAxMC05YThiLTM2Zjk4NDdhYzM1Yi8xL2lFdjREbkwxRHdt
X1ZqU1Q2OXNSbzB1Nk1TMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAgW3tAMEAlx2XAMEAsGh1AMEAcJM
3AMEAcJM7DANBAIAAjAHAwUBKgygwDANBgkqhkiG9w0BAQsFAAOCAQEAgt8GNno4
Sm2Ui50T+oURtFRrRyP3/Q6YiHDlI87txqt/2AHWFI4yn0bI7lXmB3Q/TZqGwUMP
SgfwVHjG+bgplYoHsS1Gxkt9Ak4KX2RcrY4YdpRNBcWLSiu/ntsh6YmxEAjoM8s0
cLw2EmpwfHt3KSbexxxP09kJE2yy4w+vSyOE9o6Coq5g7mnp0MShcDT8y2M5R8aD
qLAOtK+tvn1mskdcZdkC6ExyaaJ2qPMxvrynWHP14rC41u7FYx4VAoJ99voRlhdW
QQv3Uo+qnj6vp3KWqISAbsFOh8YTqSamccFMIDMVYl5mstqfoqha0/KM5yWFsjBa
t/BR9inamDilRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:52 2024 by rpki-client on console-ams.rpki-client.org