Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/kkHN-f5wOHUra9IIPQlfTFaCdOw.roa
File: kkHN-f5wOHUra9IIPQlfTFaCdOw.roa (raw, json)
Hash identifier: hIog3Ca0SxXk/CtB6kRXdYgnwB6g4VE9SYPIjfWa418=
Subject key identifier: 92:41:CD:F9:FE:70:38:75:2B:6B:D2:08:3D:09:5F:4C:56:82:74:EC
Certificate issuer: /CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Certificate serial: 071CB848
Authority key identifier: D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/kkHN-f5wOHUra9IIPQlfTFaCdOw.roa
Signing time: Wed 08 Jun 2022 12:02:16 +0000
ROA not before: Wed 08 Jun 2022 12:02:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200561
IP address blocks: 185.79.24.0/22 maxlen: 22
185.79.24.0/24 maxlen: 24
185.79.25.0/24 maxlen: 24
185.175.29.0/24 maxlen: 24
185.175.28.0/24 maxlen: 24
185.175.28.0/22 maxlen: 24
2a0b:cb00::/29 maxlen: 29
2a03:20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119322696 (0x71cb848)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Validity
Not Before: Jun 8 12:02:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9241cdf9fe7038752b6bd2083d095f4c568274ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:95:c1:13:e6:02:ae:f6:cd:89:9b:67:72:17:
a4:28:52:73:16:e2:c5:11:be:1e:7e:e5:7e:6e:73:
ad:5a:ed:d9:39:d1:80:55:e6:d5:e5:50:8b:d7:11:
5a:91:47:93:e5:b1:63:71:3a:60:1f:b6:eb:7e:81:
71:41:01:8f:bf:1f:a8:c0:70:b3:1b:75:70:a1:39:
1a:f4:fc:6b:51:b8:f0:38:46:f6:0f:bd:bd:b2:9f:
a3:f0:85:d2:90:30:a7:4c:51:ab:50:22:04:a9:58:
33:3b:63:a6:98:10:fd:38:a3:4c:42:be:6c:91:8b:
a9:76:78:e3:15:37:05:d8:11:f5:a3:a7:f8:6c:8a:
d2:24:a8:ab:91:eb:f7:30:4d:1f:8f:fd:50:21:dd:
5f:ba:7f:2f:94:63:b6:ec:48:78:e6:da:e2:7b:39:
7f:e1:f8:ec:26:ce:a2:66:e5:a1:23:5c:9f:93:a3:
45:24:59:ba:5b:10:52:79:7f:03:e5:69:2e:00:9f:
3b:13:f1:ad:89:c8:56:0e:bf:85:96:15:f5:3b:9a:
44:79:86:ef:0b:bc:c9:99:eb:9e:18:8d:b4:aa:10:
58:79:92:34:ef:44:7b:f4:43:19:eb:88:95:08:37:
b4:68:a2:48:6e:b2:f0:92:8f:b9:b0:f7:58:ca:5e:
19:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:41:CD:F9:FE:70:38:75:2B:6B:D2:08:3D:09:5F:4C:56:82:74:EC
X509v3 Authority Key Identifier:
keyid:D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/kkHN-f5wOHUra9IIPQlfTFaCdOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1TX4-scGL3fyS5jNXDtUqJutSDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.24.0/22
185.175.28.0/22
IPv6:
2a03:20::/32
2a0b:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
5b:24:1e:f9:ae:26:aa:2b:a1:5c:d5:3d:e4:2a:fe:55:d3:9b:
b6:04:b4:90:66:aa:6e:f7:c2:90:fc:01:f5:f5:86:86:60:ce:
a5:a2:e4:4d:86:57:cd:ec:35:5c:33:c4:b5:fb:12:85:b4:a0:
7b:92:69:1d:8f:fa:95:9a:f9:e2:19:00:7a:ee:dd:60:71:32:
19:a9:6c:6a:96:a6:20:d1:b7:47:19:59:d7:6e:85:a6:e6:90:
55:06:dc:d1:c2:60:36:35:b5:94:d9:c7:8a:8c:42:71:86:c5:
8c:a3:ce:31:ed:b2:a8:46:54:7e:65:ef:5c:42:6a:e1:ed:56:
0c:0c:e5:5f:96:d0:f5:cd:23:f0:6c:26:c5:70:ab:75:2a:94:
06:d5:86:c7:af:75:c8:69:22:1d:50:d3:70:24:45:76:ba:21:
12:42:16:dc:ee:17:3e:87:7f:b0:53:f7:75:26:6a:93:65:a3:
2b:da:e9:0a:1c:12:ec:cf:73:a3:e9:07:2b:d6:72:ee:ea:3d:
82:b2:58:85:b3:e6:4a:f7:78:6d:0a:15:60:c6:5b:f2:60:58:
2a:c1:de:ca:40:3b:dd:73:01:db:26:ca:93:95:7d:e7:ae:f4:
31:a9:73:ce:91:36:b2:ec:19:5a:37:e1:20:1e:6d:02:0d:2e:
1b:e1:4f:76
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBxy4SDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTM1ZjhmYWM3MDYyZjc3ZjI0Yjk4Y2Q1YzNiNTRhODliYWQ0ODM4MB4XDTIyMDYw
ODEyMDIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTI0MWNkZjlmZTcw
Mzg3NTJiNmJkMjA4M2QwOTVmNGM1NjgyNzRlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyVwRPmAq72zYmbZ3IXpChScxbixRG+Hn7lfm5zrVrt2TnR
gFXm1eVQi9cRWpFHk+WxY3E6YB+2636BcUEBj78fqMBwsxt1cKE5GvT8a1G48DhG
9g+9vbKfo/CF0pAwp0xRq1AiBKlYMztjppgQ/TijTEK+bJGLqXZ44xU3BdgR9aOn
+GyK0iSoq5Hr9zBNH4/9UCHdX7p/L5RjtuxIeOba4ns5f+H47CbOombloSNcn5Oj
RSRZulsQUnl/A+VpLgCfOxPxrYnIVg6/hZYV9TuaRHmG7wu8yZnrnhiNtKoQWHmS
NO9Ee/RDGeuIlQg3tGiiSG6y8JKPubD3WMpeGYsCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBSSQc35/nA4dStr0gg9CV9MVoJ07DAfBgNVHSMEGDAWgBTVNfj6xwYvd/JL
mM1cO1Som61IODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFUWDQtc2NHTDNmeVM1ak5YRHRVcUp1dFNEZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvMDk3ZGExLTdjYzktNDM0My04MDI0LWIzMTBkNzFjMmNhZC8x
L2trSE4tZjV3T0hVcmE5SUlQUWxmVEZhQ2RPdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
MDk3ZGExLTdjYzktNDM0My04MDI0LWIzMTBkNzFjMmNhZC8xLzFUWDQtc2NHTDNm
eVM1ak5YRHRVcUp1dFNEZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEArlPGAMEArmvHDAUBAIAAjAOAwUA
KgMAIAMFAyoLywAwDQYJKoZIhvcNAQELBQADggEBAFskHvmuJqoroVzVPeQq/lXT
m7YEtJBmqm73wpD8AfX1hoZgzqWi5E2GV83sNVwzxLX7EoW0oHuSaR2P+pWa+eIZ
AHru3WBxMhmpbGqWpiDRt0cZWdduhabmkFUG3NHCYDY1tZTZx4qMQnGGxYyjzjHt
sqhGVH5l71xCauHtVgwM5V+W0PXNI/BsJsVwq3UqlAbVhsevdchpIh1Q03AkRXa6
IRJCFtzuFz6Hf7BT93UmapNloyva6QocEuzPc6PpByvWcu7qPYKyWIWz5kr3eG0K
FWDGW/JgWCrB3spAO91zAdsmypOVfeeu9DGpc86RNrLsGVo34SAebQINLhvhT3Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:23 2024 by rpki-client on console-ams.rpki-client.org