Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/KKZcC_tOogZ32uMqkNXJChH7R04.roa
File: KKZcC_tOogZ32uMqkNXJChH7R04.roa (raw, json)
Hash identifier: Fnl338qOigJVBiTKhnd1GZrL6qMRGazqcDdObzvjN8U=
Subject key identifier: 28:A6:5C:0B:FB:4E:A2:06:77:DA:E3:2A:90:D5:C9:0A:11:FB:47:4E
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505E12B7BD133BAC72FA2ED196DB1F760
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/KKZcC_tOogZ32uMqkNXJChH7R04.roa
Signing time: Mon 12 Dec 2022 10:28:40 +0000
ROA not before: Mon 12 Dec 2022 10:28:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31224
IP address blocks: 178.176.104.0/21 maxlen: 21
83.149.32.0/22 maxlen: 22
83.149.36.0/22 maxlen: 22
83.149.34.0/24 maxlen: 24
83.149.37.0/24 maxlen: 24
83.149.39.0/24 maxlen: 24
85.26.192.0/22 maxlen: 22
178.178.88.0/22 maxlen: 22
178.178.92.0/22 maxlen: 22
31.173.96.0/24 maxlen: 24
31.173.97.0/24 maxlen: 24
31.173.102.0/24 maxlen: 24
31.173.99.0/24 maxlen: 24
31.173.103.0/24 maxlen: 24
31.173.100.0/24 maxlen: 24
31.173.100.0/23 maxlen: 23
31.173.101.0/24 maxlen: 24
178.176.112.0/24 maxlen: 24
178.176.113.0/24 maxlen: 24
83.169.216.0/24 maxlen: 24
188.162.0.0/16 maxlen: 24
31.173.123.0/24 maxlen: 24
31.173.122.0/24 maxlen: 24
31.173.121.0/24 maxlen: 24
31.173.125.0/24 maxlen: 24
31.173.120.0/24 maxlen: 24
31.173.124.0/24 maxlen: 24
31.173.127.0/24 maxlen: 24
31.173.126.0/24 maxlen: 24
78.25.88.0/22 maxlen: 22
46.229.132.0/22 maxlen: 22
128.204.68.0/24 maxlen: 24
128.204.69.0/24 maxlen: 24
37.29.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:e1:2b:7b:d1:33:ba:c7:2f:a2:ed:19:6d:b1:f7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 10:28:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28a65c0bfb4ea20677dae32a90d5c90a11fb474e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:82:25:d6:51:7d:a3:13:51:62:50:bf:22:e8:
30:a3:19:9b:71:78:01:03:42:71:af:bb:29:bb:a3:
ae:4b:31:fe:e9:cc:20:cc:be:34:c3:ee:be:d9:b1:
19:48:35:4d:0a:65:44:56:6d:46:37:fc:ec:0e:4c:
68:9b:a9:8b:71:0c:d3:98:b3:9a:d4:31:82:33:c3:
5d:95:73:76:c3:6c:e1:c6:d1:8b:1b:39:2d:82:06:
54:9b:45:03:a7:fb:1a:1c:c4:c1:c9:92:1d:2b:6f:
e1:eb:8a:05:e4:de:10:f1:9c:4a:76:09:7b:9f:6e:
65:b2:d2:93:1a:21:73:ca:b8:07:8c:b4:e6:93:d8:
4e:d9:83:f1:cc:2a:3f:5b:65:c1:5f:b6:87:03:ab:
c4:0a:87:27:84:da:85:eb:cf:dd:ad:a9:7d:67:c7:
a6:2c:16:fa:d6:53:d0:d3:d1:0a:2e:70:af:00:6b:
87:54:9b:8b:77:31:11:75:c7:a3:d9:f4:3c:c2:cc:
ac:db:57:41:6f:4b:ce:0d:0c:dd:40:fc:42:73:7d:
36:6e:27:58:b7:bb:83:98:9d:02:93:77:9c:da:60:
b5:da:18:6b:f8:45:e6:b9:22:f7:0e:df:f5:0d:7b:
d5:ea:c3:44:61:2d:94:f7:b1:f4:29:85:24:6b:07:
e6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A6:5C:0B:FB:4E:A2:06:77:DA:E3:2A:90:D5:C9:0A:11:FB:47:4E
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/KKZcC_tOogZ32uMqkNXJChH7R04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.96.0/23
31.173.99.0-31.173.103.255
31.173.120.0/21
37.29.44.0/22
46.229.132.0/22
78.25.88.0/22
83.149.32.0/21
83.169.216.0/24
85.26.192.0/22
128.204.68.0/23
178.176.104.0-178.176.113.255
178.178.88.0/21
188.162.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0c:2a:6e:67:2d:c9:74:22:f6:ce:51:35:08:d9:aa:60:23:fe:
4b:92:d1:fe:7e:24:95:2d:70:86:14:1a:ff:d0:bb:28:5c:90:
d8:c3:95:a2:7a:3f:c0:5f:c5:5f:8a:e1:f7:dd:10:d0:bb:94:
d4:b8:3a:6a:39:b0:5d:f2:a4:19:41:8d:df:19:d6:07:9d:7c:
0a:a9:49:a1:47:1e:43:08:86:7d:d0:3c:03:b2:9d:88:63:2c:
d1:bc:2f:f2:47:4c:e1:d3:32:57:6d:31:e9:22:9f:73:87:28:
c1:cc:a4:f2:da:76:b4:ee:0d:02:2f:75:fb:bd:19:da:33:f6:
fe:13:51:80:3f:cd:69:35:79:fa:6e:41:58:92:1f:b6:60:1b:
46:95:4c:d6:41:3a:82:7b:52:cf:04:fb:8a:7c:f5:f2:80:69:
31:fe:c2:da:5d:f8:5d:3f:44:49:af:5a:63:1a:66:03:ee:3b:
a2:4b:ba:91:6f:30:e8:e8:4f:ac:d1:ea:ed:fe:82:98:4c:f2:
7b:8f:a5:c5:da:20:81:8b:f0:73:f8:de:8d:58:92:97:96:f7:
40:44:a8:7f:60:f7:7e:93:9a:50:f8:c0:94:4c:5b:cc:35:4b:
cc:cf:2a:48:ee:da:aa:26:35:ac:be:65:d2:97:da:f1:9c:04:
21:85:3e:b3
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYUF4St70TO6xy+i7RltsfdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTAyODQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGE2NWMwYmZiNGVhMjA2NzdkYWUzMmE5MGQ1YzkwYTExZmI0NzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIIl1lF9oxNRYlC/IugwoxmbcXgB
A0Jxr7spu6OuSzH+6cwgzL40w+6+2bEZSDVNCmVEVm1GN/zsDkxom6mLcQzTmLOa
1DGCM8NdlXN2w2zhxtGLGzktggZUm0UDp/saHMTByZIdK2/h64oF5N4Q8ZxKdgl7
n25lstKTGiFzyrgHjLTmk9hO2YPxzCo/W2XBX7aHA6vECocnhNqF68/dral9Z8em
LBb61lPQ09EKLnCvAGuHVJuLdzERdcej2fQ8wsys21dBb0vODQzdQPxCc302bidY
t7uDmJ0Ck3ec2mC12hhr+EXmuSL3Dt/1DXvV6sNEYS2U97H0KYUkawfmlwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFCimXAv7TqIGd9rjKpDVyQoR+0dOMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvS0taY0NfdE9vZ1ozMnVNcWtOWEpDaEg3UjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBjBAIAATBdAwQBH61gMAwD
BAAfrWMDBAMfrWADBAMfrXgDBAIlHSwDBAIu5YQDBAJOGVgDBANTlSADBABTqdgD
BAJVGsADBAGAzEQwDAMEA7KwaAMEAbKwcAMEA7KyWAMDALyiMA0GCSqGSIb3DQEB
CwUAA4IBAQAMKm5nLcl0IvbOUTUI2apgI/5LktH+fiSVLXCGFBr/0LsoXJDYw5Wi
ej/AX8VfiuH33RDQu5TUuDpqObBd8qQZQY3fGdYHnXwKqUmhRx5DCIZ90DwDsp2I
YyzRvC/yR0zh0zJXbTHpIp9zhyjBzKTy2na07g0CL3X7vRnaM/b+E1GAP81pNXn6
bkFYkh+2YBtGlUzWQTqCe1LPBPuKfPXygGkx/sLaXfhdP0RJr1pjGmYD7juiS7qR
bzDo6E+s0ert/oKYTPJ7j6XF2iCBi/Bz+N6NWJKXlvdARKh/YPd+k5pQ+MCUTFvM
NUvMzypI7tqqJjWsvmXSl9rxnAQhhT6z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org