Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/KJLJUkJlOTEipkpfmuoyhRJlZJ0.roa
File: KJLJUkJlOTEipkpfmuoyhRJlZJ0.roa (raw, json)
Hash identifier: 76WhoFUJGlpqLjkz3QbWCoS+0zgFOmWeR8WFPeSaJuA=
Subject key identifier: 28:92:C9:52:42:65:39:31:22:A6:4A:5F:9A:EA:32:85:12:65:64:9D
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185304F15C77B1902B5E5D96D45ACAD94F7
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/KJLJUkJlOTEipkpfmuoyhRJlZJ0.roa
Signing time: Tue 20 Dec 2022 16:12:47 +0000
ROA not before: Tue 20 Dec 2022 16:12:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48990
IP address blocks: 185.210.88.0/22 maxlen: 24
185.235.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:4f:15:c7:7b:19:02:b5:e5:d9:6d:45:ac:ad:94:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 20 16:12:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2892c9524265393122a64a5f9aea32851265649d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:31:75:17:b5:fe:59:c3:db:46:50:88:bd:4b:
38:af:cc:25:5c:b3:f1:e6:0c:e6:a5:9b:72:d2:72:
cb:ea:94:0d:71:55:6e:7f:1e:34:49:e5:b0:cc:4e:
68:d3:7b:d0:a8:06:5b:60:1b:71:bb:49:0f:c6:93:
26:43:af:ae:e1:ad:68:db:47:8c:dc:3d:e1:6c:5e:
2b:a9:f8:23:ff:2b:9b:75:ba:09:9f:9d:0d:97:1d:
34:67:7b:b4:0d:59:ea:44:21:d7:ee:7a:0c:a0:30:
5b:1d:22:46:c5:82:7b:b1:ec:43:d1:bb:bf:d5:9f:
ef:92:cf:98:02:1e:71:f1:9c:a7:ff:3e:5f:bd:40:
2f:3b:88:bb:4d:b0:94:d4:0e:db:cb:69:9a:2d:be:
0b:df:bb:87:e9:70:f9:24:c6:49:da:a5:8d:f3:43:
e0:1f:dd:f6:d6:7d:25:5e:20:9c:7e:d3:ca:88:1f:
f8:a0:f3:19:a6:50:c2:fb:d4:1e:3a:19:b6:b8:d4:
f9:ce:c5:c9:cd:81:30:1c:97:15:63:a8:77:ff:8a:
9c:a4:7e:45:3c:39:d4:f1:24:53:b8:94:11:19:b5:
6b:a9:1f:30:6d:31:be:88:99:83:6d:a0:ce:38:d1:
cc:b1:c0:6e:6c:81:9d:da:c0:c8:a5:ab:3d:63:87:
ff:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:92:C9:52:42:65:39:31:22:A6:4A:5F:9A:EA:32:85:12:65:64:9D
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/KJLJUkJlOTEipkpfmuoyhRJlZJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.88.0/22
185.235.100.0/22
Signature Algorithm: sha256WithRSAEncryption
88:3e:97:89:ec:63:bb:9a:0d:9a:e1:b9:b6:c8:8e:1f:3f:5d:
48:ca:b6:c2:8c:77:de:22:bc:67:f2:e6:f7:07:e5:f2:9a:6d:
ec:64:3c:49:ef:aa:a9:9e:9d:82:64:7b:08:b5:02:a0:d0:08:
d0:40:61:a3:28:68:9d:25:ee:f0:af:7a:64:3c:4c:54:a6:cd:
e5:8e:5a:2a:7f:ac:de:36:e4:75:54:b0:d6:9a:18:60:f3:e3:
87:6f:f3:d9:fe:71:65:8a:c6:9b:ed:78:87:b6:50:c1:b3:05:
ce:97:93:55:47:26:f7:f7:1e:30:11:0f:fc:a5:3a:46:95:e8:
c0:c4:91:14:50:f4:3d:ff:68:c0:c0:67:ad:ca:b0:fe:7d:be:
2c:00:25:e3:79:4d:cd:82:f2:84:17:54:71:6f:75:3d:1d:a1:
79:a5:5f:3f:99:0b:c0:e7:65:29:f9:99:d3:ce:a9:0f:89:25:
f8:3d:08:0e:3f:51:ae:df:e8:a9:43:66:18:b0:4a:90:02:d8:
04:8e:16:e8:24:5f:ca:3e:8c:fa:85:ca:a5:b3:3e:0c:77:b6:
01:6e:ff:a5:41:fb:3e:37:2f:4d:a5:da:5f:77:82:71:8e:91:
ea:15:56:06:eb:9e:79:06:c0:c1:c6:eb:21:48:89:cd:09:9b:
8f:68:ca:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUwTxXHexkCteXZbUWsrZT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIwMTYxMjQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODkyYzk1MjQyNjUzOTMxMjJhNjRhNWY5YWVhMzI4NTEyNjU2NDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzF1F7X+WcPbRlCIvUs4r8wlXLPx
5gzmpZty0nLL6pQNcVVufx40SeWwzE5o03vQqAZbYBtxu0kPxpMmQ6+u4a1o20eM
3D3hbF4rqfgj/yubdboJn50Nlx00Z3u0DVnqRCHX7noMoDBbHSJGxYJ7sexD0bu/
1Z/vks+YAh5x8Zyn/z5fvUAvO4i7TbCU1A7by2maLb4L37uH6XD5JMZJ2qWN80Pg
H9321n0lXiCcftPKiB/4oPMZplDC+9QeOhm2uNT5zsXJzYEwHJcVY6h3/4qcpH5F
PDnU8SRTuJQRGbVrqR8wbTG+iJmDbaDOONHMscBubIGd2sDIpas9Y4f/TQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCiSyVJCZTkxIqZKX5rqMoUSZWSdMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvS0pMSlVrSmxPVEVpcGtwZm11b3loUkpsWkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCudJYAwQC
uetkMA0GCSqGSIb3DQEBCwUAA4IBAQCIPpeJ7GO7mg2a4bm2yI4fP11IyrbCjHfe
Irxn8ub3B+Xymm3sZDxJ76qpnp2CZHsItQKg0AjQQGGjKGidJe7wr3pkPExUps3l
jloqf6zeNuR1VLDWmhhg8+OHb/PZ/nFlisab7XiHtlDBswXOl5NVRyb39x4wEQ/8
pTpGlejAxJEUUPQ9/2jAwGetyrD+fb4sACXjeU3NgvKEF1Rxb3U9HaF5pV8/mQvA
52Up+ZnTzqkPiSX4PQgOP1Gu3+ipQ2YYsEqQAtgEjhboJF/KPoz6hcqlsz4Md7YB
bv+lQfs+Ny9Npdpfd4JxjpHqFVYG6555BsDBxushSInNCZuPaMoX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org