Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/KWVNZ0s0M-qFg6WZEaCKFona5r4.roa
File: KWVNZ0s0M-qFg6WZEaCKFona5r4.roa (raw, json)
Hash identifier: bhV740iV9Wlud0CfgzBoy3m00Fkz5I8mWjA7xqfQkvg=
Subject key identifier: 29:65:4D:67:4B:34:33:EA:85:83:A5:99:11:A0:8A:16:89:DA:E6:BE
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 0182B57A6D2C45AA5222F9AAC4A2D69B82AD
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/KWVNZ0s0M-qFg6WZEaCKFona5r4.roa
Signing time: Fri 19 Aug 2022 09:41:15 +0000
ROA not before: Fri 19 Aug 2022 09:41:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51032
IP address blocks: 91.202.204.0/22 maxlen: 22
178.216.176.0/21 maxlen: 21
89.23.128.0/19 maxlen: 19
89.23.128.0/21 maxlen: 21
91.123.80.0/20 maxlen: 20
89.23.144.0/20 maxlen: 24
89.23.146.0/24 maxlen: 24
89.23.147.0/24 maxlen: 24
89.23.160.0/19 maxlen: 19
31.128.128.0/19 maxlen: 19
89.23.168.0/21 maxlen: 21
89.23.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b5:7a:6d:2c:45:aa:52:22:f9:aa:c4:a2:d6:9b:82:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Aug 19 09:41:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29654d674b3433ea8583a59911a08a1689dae6be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5c:d9:3d:35:59:19:03:42:2a:67:6f:a8:0a:
71:46:80:3a:19:ba:33:07:e8:ef:29:e0:70:07:7b:
f9:76:92:56:35:eb:fc:b0:2c:26:d4:95:af:03:c5:
33:b5:fa:ac:d4:aa:e7:38:f1:51:32:85:01:41:28:
c2:ca:39:91:7a:1d:b4:57:17:9c:2d:a2:8d:e3:ba:
3b:9a:ea:99:dc:b0:4e:26:09:c3:8d:15:2d:ea:48:
03:01:d3:af:8a:7f:c7:d0:a5:94:cc:22:9b:b4:c2:
75:07:f2:e7:98:94:c7:6b:b1:d3:88:da:e0:ef:e5:
cd:7c:d1:a4:19:e0:97:3f:6f:c4:24:ac:9f:d8:54:
c0:3d:08:4b:c0:65:3e:c5:2c:4b:60:07:7a:64:b8:
a6:d0:45:a9:e9:4a:12:e4:60:21:48:93:a1:74:f5:
ab:2c:1c:0c:73:8a:de:65:2c:61:b2:4a:a7:5a:69:
b3:aa:31:f0:ad:9f:0d:7e:a8:11:03:f2:1e:a6:43:
b4:43:ae:6a:26:06:de:79:67:bf:ed:bc:03:ab:f2:
1a:64:60:5c:2c:07:ba:40:92:91:1f:46:eb:cb:39:
9a:0e:66:9c:e9:a1:0b:42:4c:ad:d4:14:ee:50:03:
ce:f9:80:ca:4d:0e:7a:a2:f8:fa:1b:28:4d:e1:9e:
06:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:65:4D:67:4B:34:33:EA:85:83:A5:99:11:A0:8A:16:89:DA:E6:BE
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/KWVNZ0s0M-qFg6WZEaCKFona5r4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.128.0/19
89.23.128.0/18
91.123.80.0/20
91.202.204.0/22
178.216.176.0/21
Signature Algorithm: sha256WithRSAEncryption
b4:98:e0:53:b4:34:f6:4e:72:f0:93:0b:4a:87:c3:27:a7:fa:
a5:5b:dc:e4:54:ef:a8:57:5e:82:a0:bb:ca:27:c2:d5:b6:10:
6b:56:12:d9:43:ab:e4:98:e6:fb:c9:64:6a:5b:d9:f9:24:b1:
3b:5e:9a:9e:10:27:3f:79:be:14:cb:b4:37:88:84:88:2a:6c:
cd:06:4b:f0:50:b1:ea:21:ac:b8:02:00:8e:51:b4:06:0d:f4:
39:da:63:4f:e9:71:58:a2:a1:8d:82:f6:7a:0d:9f:d8:c3:8d:
6a:62:58:d7:42:5a:a3:66:38:53:4c:40:d3:8f:46:3b:42:15:
58:8e:24:8c:e1:7f:bd:a9:54:d2:fd:f7:74:a1:44:de:a5:54:
cb:df:55:59:00:7a:b5:dd:42:72:01:55:1c:73:0c:e3:ba:67:
c1:fd:e8:7f:81:e8:82:5f:19:3b:4a:7f:0a:39:d4:e3:cb:a6:
7e:06:a6:c7:4b:87:ea:3b:13:f3:54:82:41:01:4d:cd:07:df:
bf:5e:1f:79:d9:31:1a:57:11:1d:6c:fd:52:87:9f:5e:94:fc:
94:0c:79:00:f8:a6:47:a4:2d:85:5a:1d:cc:2d:12:bc:12:9c:
85:4d:42:23:22:bf:75:c2:40:d3:9c:d2:45:d6:e8:40:7b:09:
aa:df:e7:fc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYK1em0sRapSIvmqxKLWm4KtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjIwODE5MDk0MTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTY1NGQ2NzRiMzQzM2VhODU4M2E1OTkxMWEwOGExNjg5ZGFlNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolzZPTVZGQNCKmdvqApxRoA6Gboz
B+jvKeBwB3v5dpJWNev8sCwm1JWvA8Uztfqs1KrnOPFRMoUBQSjCyjmReh20Vxec
LaKN47o7muqZ3LBOJgnDjRUt6kgDAdOvin/H0KWUzCKbtMJ1B/LnmJTHa7HTiNrg
7+XNfNGkGeCXP2/EJKyf2FTAPQhLwGU+xSxLYAd6ZLim0EWp6UoS5GAhSJOhdPWr
LBwMc4reZSxhskqnWmmzqjHwrZ8NfqgRA/IepkO0Q65qJgbeeWe/7bwDq/IaZGBc
LAe6QJKRH0bryzmaDmac6aELQkyt1BTuUAPO+YDKTQ56ovj6GyhN4Z4GcQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCllTWdLNDPqhYOlmRGgihaJ2ua+MB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvS1dWTlowczBNLXFGZzZXWkVhQ0tGb25hNXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFH4CAAwQG
WReAAwQEW3tQAwQCW8rMAwQDstiwMA0GCSqGSIb3DQEBCwUAA4IBAQC0mOBTtDT2
TnLwkwtKh8Mnp/qlW9zkVO+oV16CoLvKJ8LVthBrVhLZQ6vkmOb7yWRqW9n5JLE7
XpqeECc/eb4Uy7Q3iISIKmzNBkvwULHqIay4AgCOUbQGDfQ52mNP6XFYoqGNgvZ6
DZ/Yw41qYljXQlqjZjhTTEDTj0Y7QhVYjiSM4X+9qVTS/fd0oUTepVTL31VZAHq1
3UJyAVUccwzjumfB/eh/geiCXxk7Sn8KOdTjy6Z+BqbHS4fqOxPzVIJBAU3NB9+/
Xh952TEaVxEdbP1Sh59elPyUDHkA+KZHpC2FWh3MLRK8EpyFTUIjIr91wkDTnNJF
1uhAewmq3+f8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:42 2023 by rpki-client on console-fra.rpki-client.org