Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kamnauhBQwjyYRImBUXM1jmFwBE.roa
File: kamnauhBQwjyYRImBUXM1jmFwBE.roa (raw, json)
Hash identifier: CfbZMdJfWNQIBMzc/grQb3+5JaXs53DJEMpO45fX8Cs=
Subject key identifier: 91:A9:A7:6A:E8:41:43:08:F2:61:12:26:05:45:CC:D6:39:85:C0:11
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01853E8BB7580791A6C51B3A688745B1AE6B
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kamnauhBQwjyYRImBUXM1jmFwBE.roa
Signing time: Fri 23 Dec 2022 10:33:41 +0000
ROA not before: Fri 23 Dec 2022 10:33:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48146
IP address blocks: 92.118.248.0/22 maxlen: 24
151.237.131.0/24 maxlen: 24
185.240.22.0/24 maxlen: 24
185.240.20.0/23 maxlen: 24
185.240.23.0/24 maxlen: 24
151.237.58.0/24 maxlen: 24
194.36.104.0/22 maxlen: 24
185.209.8.0/22 maxlen: 24
151.237.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:8b:b7:58:07:91:a6:c5:1b:3a:68:87:45:b1:ae:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 23 10:33:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91a9a76ae8414308f26112260545ccd63985c011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a0:97:93:30:3d:ac:a5:63:8a:a5:d3:f3:82:
0a:52:73:22:e8:b1:6e:ad:05:04:3f:fb:d4:03:41:
b2:9f:91:31:16:b6:73:ac:b9:ca:3a:89:3d:8c:ef:
46:db:7d:b3:83:dd:e6:8f:dc:5c:57:e2:97:64:c5:
a8:88:74:1f:9d:fa:00:c9:8b:2d:15:cc:a3:9c:6e:
4e:94:c6:b2:84:9e:43:a3:7b:6f:45:7b:b7:50:a2:
78:4a:85:fa:5d:60:7c:8e:0d:d1:4c:9f:8c:07:dc:
40:87:7d:d1:a6:d0:04:94:12:9d:7b:46:cf:16:a5:
67:ca:d5:ba:96:57:e1:5b:4e:f0:05:ec:47:c9:5f:
89:29:5c:82:44:07:08:f3:53:16:2c:a2:fd:82:15:
0c:50:ca:91:4f:ad:80:63:d8:6b:fa:20:f2:f9:39:
b8:97:5c:8f:94:2a:ce:fa:54:f3:86:af:a6:b6:5f:
fa:cc:e4:75:92:fc:4a:2b:ed:d9:ab:27:f5:dd:39:
d5:02:20:46:67:25:f8:de:fb:c2:fc:37:cb:6f:9b:
a5:b0:70:bf:1c:90:db:4c:20:78:58:10:45:7b:76:
dd:d2:f1:e8:04:db:d3:0e:2a:c0:1a:ef:4d:71:25:
5d:ad:5b:55:90:33:ed:b4:bd:b6:dd:23:3a:0b:39:
ce:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A9:A7:6A:E8:41:43:08:F2:61:12:26:05:45:CC:D6:39:85:C0:11
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/kamnauhBQwjyYRImBUXM1jmFwBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.248.0/22
151.237.58.0/23
151.237.131.0/24
185.209.8.0/22
185.240.20.0/22
194.36.104.0/22
Signature Algorithm: sha256WithRSAEncryption
04:5d:c4:c6:d8:82:f0:5b:74:26:f5:d6:58:9e:86:d6:54:61:
59:a2:bb:3a:54:cd:f1:87:36:16:b0:ba:7a:e5:fe:db:04:a6:
33:44:4d:30:0a:d2:10:08:03:fd:bf:72:d1:33:30:51:0d:2b:
48:17:57:1f:8a:00:cd:cc:43:37:3b:08:54:16:c5:c7:70:14:
44:90:4e:a2:73:f0:46:c1:e2:fe:5a:91:97:67:5c:93:0f:24:
42:fc:3c:21:09:a8:a3:b5:66:f1:29:33:e9:38:09:9e:b0:c6:
91:e5:d1:1e:57:27:20:6f:b4:23:cc:a5:4c:93:86:3e:e6:6e:
e6:c5:7f:f1:ee:5a:c9:05:02:17:9b:f6:e8:0b:81:c0:1e:dc:
a6:ac:8e:54:d4:78:4a:0d:52:c2:27:8e:dd:83:b2:3a:65:16:
d3:0e:0e:87:14:02:7a:8c:19:c8:66:70:71:ca:c6:10:69:49:
45:b9:cc:cf:e6:71:76:ca:05:a4:03:64:c3:69:18:f7:1c:94:
b1:c4:3d:b8:5f:03:ce:87:b3:3a:18:9b:39:32:4a:97:9e:95:
64:f5:ea:15:e3:64:2a:5f:2a:f7:09:c4:6d:cf:fa:4f:67:e4:
67:3e:8f:04:86:59:5a:83:e4:40:fd:20:e4:5f:e5:42:3d:bb:
f8:7f:4b:ff
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYU+i7dYB5GmxRs6aIdFsa5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIzMTAzMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWE5YTc2YWU4NDE0MzA4ZjI2MTEyMjYwNTQ1Y2NkNjM5ODVjMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKCXkzA9rKVjiqXT84IKUnMi6LFu
rQUEP/vUA0Gyn5ExFrZzrLnKOok9jO9G232zg93mj9xcV+KXZMWoiHQfnfoAyYst
FcyjnG5OlMayhJ5Do3tvRXu3UKJ4SoX6XWB8jg3RTJ+MB9xAh33RptAElBKde0bP
FqVnytW6llfhW07wBexHyV+JKVyCRAcI81MWLKL9ghUMUMqRT62AY9hr+iDy+Tm4
l1yPlCrO+lTzhq+mtl/6zOR1kvxKK+3Zqyf13TnVAiBGZyX43vvC/DfLb5ulsHC/
HJDbTCB4WBBFe3bd0vHoBNvTDirAGu9NcSVdrVtVkDPttL223SM6CznOcwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJGpp2roQUMI8mESJgVFzNY5hcARMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEva2FtbmF1aEJRd2p5WVJJbUJVWE0xam1Gd0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCXHb4AwQB
l+06AwQAl+2DAwQCudEIAwQCufAUAwQCwiRoMA0GCSqGSIb3DQEBCwUAA4IBAQAE
XcTG2ILwW3Qm9dZYnobWVGFZors6VM3xhzYWsLp65f7bBKYzRE0wCtIQCAP9v3LR
MzBRDStIF1cfigDNzEM3OwhUFsXHcBREkE6ic/BGweL+WpGXZ1yTDyRC/DwhCaij
tWbxKTPpOAmesMaR5dEeVycgb7QjzKVMk4Y+5m7mxX/x7lrJBQIXm/boC4HAHtym
rI5U1HhKDVLCJ47dg7I6ZRbTDg6HFAJ6jBnIZnBxysYQaUlFuczP5nF2ygWkA2TD
aRj3HJSxxD24XwPOh7M6GJs5MkqXnpVk9eoV42QqXyr3CcRtz/pPZ+RnPo8Ehlla
g+RA/SDkX+VCPbv4f0v/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org