Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/Kf7r4nLB2t_-1hOkHrkEtT65pmI.roa
File: Kf7r4nLB2t_-1hOkHrkEtT65pmI.roa (raw, json)
Hash identifier: MNJRZo2gZ7GeXn2aU3MXyS2ykYYCoeLWJUJweWkMd2o=
Subject key identifier: 29:FE:EB:E2:72:C1:DA:DF:FE:D6:13:A4:1E:B9:04:B5:3E:B9:A6:62
Certificate issuer: /CN=056ad2f4ffc5872e35a429e53ef179925ff4215e
Certificate serial: 19B89CC3
Authority key identifier: 05:6A:D2:F4:FF:C5:87:2E:35:A4:29:E5:3E:F1:79:92:5F:F4:21:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWrS9P_Fhy41pCnlPvF5kl_0IV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/Kf7r4nLB2t_-1hOkHrkEtT65pmI.roa
Signing time: Wed 25 May 2022 01:33:14 +0000
ROA not before: Wed 25 May 2022 01:33:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5605
IP address blocks: 193.102.227.0/24 maxlen: 24
193.101.58.0/24 maxlen: 24
195.244.233.0/24 maxlen: 24
195.244.232.0/24 maxlen: 24
195.244.228.0/24 maxlen: 24
195.244.229.0/24 maxlen: 24
195.244.240.0/24 maxlen: 24
195.244.235.0/24 maxlen: 24
195.244.234.0/24 maxlen: 24
195.244.236.0/24 maxlen: 24
195.244.246.0/24 maxlen: 24
195.244.242.0/24 maxlen: 24
195.244.241.0/24 maxlen: 24
195.244.243.0/24 maxlen: 24
195.244.245.0/24 maxlen: 24
195.244.244.0/24 maxlen: 24
193.98.110.0/24 maxlen: 24
195.244.247.0/24 maxlen: 24
195.244.254.0/24 maxlen: 24
195.244.255.0/24 maxlen: 24
2a00:fa8::/32 maxlen: 48
2a00:fa8:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 431529155 (0x19b89cc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056ad2f4ffc5872e35a429e53ef179925ff4215e
Validity
Not Before: May 25 01:33:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29feebe272c1dadffed613a41eb904b53eb9a662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:05:5d:67:bb:3a:57:0c:fe:b4:e9:25:f1:fb:
23:43:48:9a:a2:43:06:7d:74:51:a3:dc:62:da:b0:
32:9e:2e:a6:88:c3:3b:bf:1f:ec:5d:2c:b2:7b:35:
81:0e:ee:74:f2:ec:60:ef:70:04:2c:ca:cd:5f:aa:
f5:6a:ff:bd:91:11:9d:bc:6a:78:69:9d:3f:6b:ef:
0a:99:30:98:54:1c:32:81:72:d2:96:e6:3f:67:94:
8b:bc:a8:fb:bc:5a:ae:a8:73:0f:87:ea:f2:82:e8:
ec:a3:27:21:75:ca:32:da:f1:00:53:8b:92:d0:47:
dd:4b:86:88:4d:2c:90:08:74:a6:22:a4:75:88:59:
4f:85:27:3f:69:5e:9c:ed:64:da:1b:16:82:65:5c:
f2:4a:ad:29:45:11:90:cc:fb:31:b5:28:6a:39:b6:
e0:50:ff:e6:6a:85:83:6e:91:04:2c:b7:49:fa:3b:
94:0d:80:fd:30:73:f6:b3:1c:61:f7:25:09:4b:b0:
e4:0b:58:1c:2a:d2:fb:b6:b1:02:59:71:bc:13:db:
7f:46:15:fb:16:b7:90:0e:56:37:3b:90:77:1e:c4:
09:48:a6:e6:4f:fb:15:fd:5f:85:f8:a2:68:b3:6d:
07:28:10:03:2d:e8:e9:79:9d:af:7f:e0:40:cc:e5:
3a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FE:EB:E2:72:C1:DA:DF:FE:D6:13:A4:1E:B9:04:B5:3E:B9:A6:62
X509v3 Authority Key Identifier:
keyid:05:6A:D2:F4:FF:C5:87:2E:35:A4:29:E5:3E:F1:79:92:5F:F4:21:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWrS9P_Fhy41pCnlPvF5kl_0IV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/Kf7r4nLB2t_-1hOkHrkEtT65pmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/BWrS9P_Fhy41pCnlPvF5kl_0IV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.98.110.0/24
193.101.58.0/24
193.102.227.0/24
195.244.228.0/23
195.244.232.0-195.244.236.255
195.244.240.0/21
195.244.254.0/23
IPv6:
2a00:fa8::/32
Signature Algorithm: sha256WithRSAEncryption
0c:23:63:73:4b:30:3c:e1:4b:83:3a:a3:60:88:b8:0a:7d:07:
8e:10:40:9d:aa:fa:66:9d:6b:e2:17:88:ba:63:44:46:55:b2:
3b:e2:48:c6:f3:87:68:6c:bf:4a:79:66:f2:a0:a5:8e:cc:47:
0d:61:c2:d2:ab:26:25:0f:3c:ec:e6:94:af:f7:82:63:53:59:
5b:93:4d:d9:e4:bc:5b:a9:c0:bc:68:a7:4b:a1:dc:64:f8:04:
a4:aa:2c:79:36:5f:86:64:16:9c:4b:28:91:4e:bf:93:a8:56:
08:8e:a4:3a:49:6f:a6:d6:f3:ae:b6:21:c4:12:fe:b8:c1:88:
07:55:90:f1:79:43:1b:df:51:6a:5f:a4:ff:59:40:49:83:79:
cc:b6:41:d6:0a:9a:e7:40:fc:8e:4f:74:76:23:7d:bb:db:cd:
6f:e0:e5:2a:68:5d:b5:09:5c:f5:01:60:a7:94:38:a2:fb:96:
19:49:b5:33:a9:3e:b6:f1:b6:c4:21:7d:b3:e2:5a:54:e6:5e:
ad:33:ff:1d:09:ee:92:5d:87:0b:8b:c7:73:19:ac:d8:4f:3f:
65:1d:22:a0:2a:ea:3f:15:98:0f:8b:a7:50:ed:62:53:5c:92:
8e:6e:6d:94:05:98:d3:6c:97:97:a0:4d:1a:29:4f:cc:18:44:
e7:0c:76:66
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIEGbicwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTZhZDJmNGZmYzU4NzJlMzVhNDI5ZTUzZWYxNzk5MjVmZjQyMTVlMB4XDTIyMDUy
NTAxMzMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjlmZWViZTI3MmMx
ZGFkZmZlZDYxM2E0MWViOTA0YjUzZWI5YTY2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO0FXWe7OlcM/rTpJfH7I0NImqJDBn10UaPcYtqwMp4upojD
O78f7F0ssns1gQ7udPLsYO9wBCzKzV+q9Wr/vZERnbxqeGmdP2vvCpkwmFQcMoFy
0pbmP2eUi7yo+7xarqhzD4fq8oLo7KMnIXXKMtrxAFOLktBH3UuGiE0skAh0piKk
dYhZT4UnP2lenO1k2hsWgmVc8kqtKUURkMz7MbUoajm24FD/5mqFg26RBCy3Sfo7
lA2A/TBz9rMcYfclCUuw5AtYHCrS+7axAllxvBPbf0YV+xa3kA5WNzuQdx7ECUim
5k/7Ff1fhfiiaLNtBygQAy3o6Xmdr3/gQMzlOqECAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBQp/uvicsHa3/7WE6QeuQS1PrmmYjAfBgNVHSMEGDAWgBQFatL0/8WHLjWk
KeU+8XmSX/QhXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JXclM5UF9GaHk0MXBDbmxQdkY1a2xfMElWNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvNDMzMGZlLWRiZmMtNDgxZi04ZmQ5LTFlNGZjYjFjNjBjYi8x
L0tmN3I0bkxCMnRfLTFoT2tIcmtFdFQ2NXBtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
NDMzMGZlLWRiZmMtNDgxZi04ZmQ5LTFlNGZjYjFjNjBjYi8xL0JXclM5UF9GaHk0
MXBDbmxQdkY1a2xfMElWNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwOAQCAAEwMgMEAMFibgMEAMFlOgMEAMFm4wMEAcP0
5DAMAwQDw/ToAwQAw/TsAwQDw/TwAwQBw/T+MA0EAgACMAcDBQAqAA+oMA0GCSqG
SIb3DQEBCwUAA4IBAQAMI2NzSzA84UuDOqNgiLgKfQeOEECdqvpmnWviF4i6Y0RG
VbI74kjG84dobL9KeWbyoKWOzEcNYcLSqyYlDzzs5pSv94JjU1lbk03Z5LxbqcC8
aKdLodxk+ASkqix5Nl+GZBacSyiRTr+TqFYIjqQ6SW+m1vOutiHEEv64wYgHVZDx
eUMb31FqX6T/WUBJg3nMtkHWCprnQPyOT3R2I327281v4OUqaF21CVz1AWCnlDii
+5YZSbUzqT628bbEIX2z4lpU5l6tM/8dCe6SXYcLi8dzGazYTz9lHSKgKuo/FZgP
i6dQ7WJTXJKObm2UBZjTbJeXoE0aKU/MGETnDHZm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:42 2023 by rpki-client on console-ams.rpki-client.org