Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/KXVm4F_QXZKPaz1sppK2cN9aTnk.roa
File: KXVm4F_QXZKPaz1sppK2cN9aTnk.roa (raw, json)
Hash identifier: RXZbJTaoQ9LQctvs7TrleeXDfNyRefe4ppHwCXAZi7c=
Subject key identifier: 29:75:66:E0:5F:D0:5D:92:8F:6B:3D:6C:A6:92:B6:70:DF:5A:4E:79
Certificate issuer: /CN=d897faea94815e0520b46f185c3ebec29b376ef0
Certificate serial: 32789B
Authority key identifier: D8:97:FA:EA:94:81:5E:05:20:B4:6F:18:5C:3E:BE:C2:9B:37:6E:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Jf66pSBXgUgtG8YXD6-wps3bvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/KXVm4F_QXZKPaz1sppK2cN9aTnk.roa
Signing time: Thu 09 Jun 2022 13:08:04 +0000
ROA not before: Thu 09 Jun 2022 13:08:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212882
IP address blocks: 185.14.110.0/24 maxlen: 24
185.14.111.0/24 maxlen: 24
185.14.108.0/24 maxlen: 24
185.14.109.0/24 maxlen: 24
95.130.184.0/22 maxlen: 23
95.130.186.0/23 maxlen: 23
2a03:ac40:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3307675 (0x32789b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d897faea94815e0520b46f185c3ebec29b376ef0
Validity
Not Before: Jun 9 13:08:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=297566e05fd05d928f6b3d6ca692b670df5a4e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:22:2b:2f:fe:d8:9f:cb:e2:20:5c:47:ad:c7:
8a:8d:01:1d:f8:43:56:f7:e7:52:91:48:99:af:e8:
fa:b9:17:a6:bb:1a:3c:b7:38:23:c1:16:51:53:2e:
24:2e:45:77:e3:72:27:fe:98:2d:73:02:2a:f8:dd:
06:fd:ba:1b:73:d3:bd:bc:90:de:43:00:c4:ef:27:
bd:41:50:47:b8:2c:03:25:02:70:c6:c5:58:38:ca:
56:73:59:ad:68:c1:cf:14:c8:d6:46:d5:6c:b2:11:
7c:84:78:62:47:d3:50:ba:fe:04:23:8b:ef:81:a7:
8b:e1:30:46:40:fa:4f:73:c8:f0:99:92:30:67:93:
a7:93:5a:c9:f8:3a:a3:be:d8:2a:42:ed:5b:fe:93:
da:76:a5:75:37:41:15:75:ad:c9:72:d9:4f:f8:fa:
60:5c:a9:c2:a9:4e:1b:4d:df:82:a9:d5:bb:0e:54:
bd:04:32:b7:cc:c9:df:b3:2d:9f:a2:98:dc:5f:3b:
24:06:dc:d2:43:46:b0:0c:e0:b9:61:b8:5d:de:2e:
84:60:0f:b4:b9:6f:7c:8e:5b:46:a4:72:47:92:24:
3e:31:ad:a7:ee:93:7c:50:9b:43:b8:b5:30:ee:98:
f9:ea:ae:2d:aa:d6:76:58:8d:28:6a:6c:f7:4b:45:
47:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:75:66:E0:5F:D0:5D:92:8F:6B:3D:6C:A6:92:B6:70:DF:5A:4E:79
X509v3 Authority Key Identifier:
keyid:D8:97:FA:EA:94:81:5E:05:20:B4:6F:18:5C:3E:BE:C2:9B:37:6E:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Jf66pSBXgUgtG8YXD6-wps3bvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/KXVm4F_QXZKPaz1sppK2cN9aTnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/2Jf66pSBXgUgtG8YXD6-wps3bvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.184.0/22
185.14.108.0/22
IPv6:
2a03:ac40:1::/48
Signature Algorithm: sha256WithRSAEncryption
04:d6:bf:18:21:f7:aa:95:70:8c:e0:80:d6:d8:e7:06:a9:d4:
b9:23:0a:7d:70:ad:8f:f3:6c:1f:57:38:51:79:cf:7e:7e:ab:
dd:ff:d2:97:76:2f:ab:61:1d:cf:ee:2a:7e:be:6e:63:0a:dd:
da:d5:0c:29:be:ab:7c:d5:f6:9a:81:3d:50:fa:73:3d:57:2b:
6b:37:6b:ce:89:d8:0f:56:b7:3e:f3:9a:e4:fb:41:a3:50:50:
37:77:d0:da:4f:2d:16:35:37:7c:6d:72:b6:5a:eb:36:39:27:
dd:30:dd:8d:7c:b7:b7:91:3f:ae:f6:a5:2e:24:12:01:62:a0:
c7:8e:c9:78:fd:1f:6c:cc:c6:75:75:79:2e:70:6d:da:90:ba:
e8:f7:ef:49:f3:d2:82:82:bc:40:95:26:ed:cb:c7:22:60:54:
42:e5:dc:7f:d6:6f:8a:7c:50:be:c2:91:37:fb:8f:b7:da:b5:
8c:39:82:0a:f5:8f:b5:bf:b5:f0:3d:eb:fa:ab:14:16:d5:37:
a1:15:a3:45:51:3b:64:28:b3:2d:d6:a9:f6:19:eb:2c:38:1b:
da:dc:ce:76:7f:e7:1f:e6:fc:ea:3d:2f:56:78:a6:b9:4a:63:
5b:cb:dc:2a:da:b6:d6:f8:90:e3:17:00:3e:30:dc:d3:11:d4:
7d:70:0b:c1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIDMnibMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
OTdmYWVhOTQ4MTVlMDUyMGI0NmYxODVjM2ViZWMyOWIzNzZlZjAwHhcNMjIwNjA5
MTMwODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOTc1NjZlMDVmZDA1
ZDkyOGY2YjNkNmNhNjkyYjY3MGRmNWE0ZTc5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxCIrL/7Yn8viIFxHrceKjQEd+ENW9+dSkUiZr+j6uRemuxo8
tzgjwRZRUy4kLkV343In/pgtcwIq+N0G/bobc9O9vJDeQwDE7ye9QVBHuCwDJQJw
xsVYOMpWc1mtaMHPFMjWRtVsshF8hHhiR9NQuv4EI4vvgaeL4TBGQPpPc8jwmZIw
Z5Onk1rJ+DqjvtgqQu1b/pPadqV1N0EVda3JctlP+PpgXKnCqU4bTd+CqdW7DlS9
BDK3zMnfsy2fopjcXzskBtzSQ0awDOC5Ybhd3i6EYA+0uW98jltGpHJHkiQ+Ma2n
7pN8UJtDuLUw7pj56q4tqtZ2WI0oamz3S0VHyQIDAQABo4ICIDCCAhwwHQYDVR0O
BBYEFCl1ZuBf0F2Sj2s9bKaStnDfWk55MB8GA1UdIwQYMBaAFNiX+uqUgV4FILRv
GFw+vsKbN27wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MkpmNjZwU0JYZ1VndEc4WVhENi13cHMzYnZBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jOC83NmEyMTYtY2FlNy00ODg2LThlNzctYzgxM2NlMGY1ZTQ3LzEv
S1hWbTRGX1FYWktQYXoxc3BwSzJjTjlhVG5rLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83
NmEyMTYtY2FlNy00ODg2LThlNzctYzgxM2NlMGY1ZTQ3LzEvMkpmNjZwU0JYZ1Vn
dEc4WVhENi13cHMzYnZBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYG
CCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCX4K4AwQCuQ5sMA8EAgACMAkDBwAq
A6xAAAEwDQYJKoZIhvcNAQELBQADggEBAATWvxgh96qVcIzggNbY5wap1LkjCn1w
rY/zbB9XOFF5z35+q93/0pd2L6thHc/uKn6+bmMK3drVDCm+q3zV9pqBPVD6cz1X
K2s3a86J2A9Wtz7zmuT7QaNQUDd30NpPLRY1N3xtcrZa6zY5J90w3Y18t7eRP672
pS4kEgFioMeOyXj9H2zMxnV1eS5wbdqQuuj370nz0oKCvECVJu3LxyJgVELl3H/W
b4p8UL7CkTf7j7fatYw5ggr1j7W/tfA96/qrFBbVN6EVo0VRO2Qosy3WqfYZ6yw4
G9rcznZ/5x/m/Oo9L1Z4prlKY1vL3Crattb4kOMXAD4w3NMR1H1wC8E=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:43 2023 by rpki-client on console-ams.rpki-client.org