Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/cKk1vSpvXSefRo6b2yxtGukcSDE.roa
File: cKk1vSpvXSefRo6b2yxtGukcSDE.roa (raw, json)
Hash identifier: uSghJKcueliRBcBZcgupC6m0RWhOltHLZxrySdsaghE=
Subject key identifier: 70:A9:35:BD:2A:6F:5D:27:9F:46:8E:9B:DB:2C:6D:1A:E9:1C:48:31
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505A42BB0644ADC78E0C363B2FE59F055
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/cKk1vSpvXSefRo6b2yxtGukcSDE.roa
Signing time: Mon 12 Dec 2022 09:22:03 +0000
ROA not before: Mon 12 Dec 2022 09:22:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35298
IP address blocks: 31.173.176.0/20 maxlen: 20
193.201.228.0/22 maxlen: 24
37.29.76.0/22 maxlen: 22
188.162.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 22
178.176.154.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:a4:2b:b0:64:4a:dc:78:e0:c3:63:b2:fe:59:f0:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:22:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70a935bd2a6f5d279f468e9bdb2c6d1ae91c4831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0c:12:11:7f:9a:5b:44:d9:2a:93:97:75:b3:
54:d9:ef:57:48:cd:00:dc:d3:f9:82:25:d7:69:e0:
a5:c7:cd:2a:2f:09:37:59:89:16:a0:d9:89:04:09:
19:df:56:87:ee:34:e2:9c:25:d8:63:73:05:0f:c0:
32:ff:48:b4:34:e9:80:d0:bc:b5:b8:bc:bb:8d:97:
36:b1:a0:f3:3e:3b:e1:07:c2:09:98:ea:93:fa:aa:
1c:1b:c0:d1:ad:9b:55:04:33:77:97:ef:24:71:89:
05:ff:3f:b7:d8:96:6d:1f:d7:8c:14:2a:d3:93:49:
51:63:11:8a:86:f3:80:6b:b8:ab:8a:b5:f9:7f:59:
9d:ef:68:04:37:09:cb:06:59:a7:5d:9f:28:ae:28:
11:47:20:bd:c1:06:ad:27:5f:08:81:00:f3:fa:6d:
35:2b:75:b9:28:2d:ec:e3:82:08:d7:0c:2e:09:41:
6c:05:74:c5:29:31:44:43:fe:6d:1b:33:03:f7:4e:
e0:d9:1b:ec:af:fc:87:e8:9c:75:bf:15:c4:22:8b:
59:b0:3c:66:fc:e1:fe:cb:93:6d:e6:81:70:e9:bd:
a5:a8:24:1b:c2:5a:8d:9f:ac:2e:96:7f:ec:34:62:
2c:a5:fe:98:24:7d:90:bf:b6:c1:1c:af:2e:fd:84:
eb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A9:35:BD:2A:6F:5D:27:9F:46:8E:9B:DB:2C:6D:1A:E9:1C:48:31
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/cKk1vSpvXSefRo6b2yxtGukcSDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.176.0/20
37.29.76.0/22
78.41.100.0/22
178.176.154.0/23
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
Signature Algorithm: sha256WithRSAEncryption
79:26:4f:40:93:08:27:5c:d1:ad:fa:fc:b9:8c:15:62:99:10:
18:59:fb:22:47:6d:88:c4:d5:f3:31:8f:00:76:92:b8:4e:3e:
7a:df:6f:91:2d:86:3a:af:ec:a9:4d:db:85:9f:83:50:f7:6a:
cb:10:63:7b:39:16:8f:9c:c0:4c:f9:ff:c3:cd:62:c9:5d:af:
84:70:92:17:70:52:bd:75:f4:42:f9:da:dc:34:a6:55:fb:31:
73:80:f9:5d:33:42:b6:7d:59:c4:39:bb:3e:99:04:65:87:ad:
a8:1f:7a:0a:d6:9b:64:bf:58:92:d2:f5:17:bf:27:d5:53:c2:
16:f2:2c:75:41:e5:52:90:35:fd:1a:67:ab:d7:8b:c0:95:e1:
c3:f8:fb:61:7f:53:b5:d4:64:76:a1:16:d0:8d:43:c8:41:3d:
37:a2:4a:9b:88:62:4b:3d:c9:94:36:2e:ef:9f:5e:7f:35:3c:
69:5e:ec:28:43:ec:eb:57:9e:6f:a7:8f:f9:33:2f:96:34:26:
93:97:c6:be:0a:40:98:b0:b5:25:e7:6d:07:d0:a7:47:b1:69:
38:96:89:d0:61:5e:35:14:31:29:37:71:79:0c:9c:3e:e9:ce:
71:31:57:2e:2c:f3:de:7a:c2:46:4b:f2:2e:b3:aa:f1:9a:1e:
83:b2:4a:11
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYUFpCuwZErceODDY7L+WfBVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkyMjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE5MzViZDJhNmY1ZDI3OWY0NjhlOWJkYjJjNmQxYWU5MWM0ODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwwSEX+aW0TZKpOXdbNU2e9XSM0A
3NP5giXXaeClx80qLwk3WYkWoNmJBAkZ31aH7jTinCXYY3MFD8Ay/0i0NOmA0Ly1
uLy7jZc2saDzPjvhB8IJmOqT+qocG8DRrZtVBDN3l+8kcYkF/z+32JZtH9eMFCrT
k0lRYxGKhvOAa7irirX5f1md72gENwnLBlmnXZ8origRRyC9wQatJ18IgQDz+m01
K3W5KC3s44II1wwuCUFsBXTFKTFEQ/5tGzMD907g2Rvsr/yH6Jx1vxXEIotZsDxm
/OH+y5Nt5oFw6b2lqCQbwlqNn6wuln/sNGIspf6YJH2Qv7bBHK8u/YTrfwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHCpNb0qb10nn0aOm9ssbRrpHEgxMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvY0trMXZTcHZYU2VmUm82YjJ5eHRHdWtjU0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAATA1AwQEH62wAwQC
JR1MAwQCTilkAwQBsrCaAwMAvKIDBALByeQDBAXDBYADBAXDEGADBAHDTnQwDQYJ
KoZIhvcNAQELBQADggEBAHkmT0CTCCdc0a36/LmMFWKZEBhZ+yJHbYjE1fMxjwB2
krhOPnrfb5Ethjqv7KlN24Wfg1D3assQY3s5Fo+cwEz5/8PNYsldr4RwkhdwUr11
9EL52tw0plX7MXOA+V0zQrZ9WcQ5uz6ZBGWHragfegrWm2S/WJLS9Re/J9VTwhby
LHVB5VKQNf0aZ6vXi8CV4cP4+2F/U7XUZHahFtCNQ8hBPTeiSpuIYks9yZQ2Lu+f
Xn81PGle7ChD7OtXnm+nj/kzL5Y0JpOXxr4KQJiwtSXnbQfQp0exaTiWidBhXjUU
MSk3cXkMnD7pznExVy4s8956wkZL8i6zqvGaHoOyShE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:35 2024 by rpki-client on console-ams.rpki-client.org