Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KRCItjTIwF6lyqUjvDr9722XkCs.roa
File: KRCItjTIwF6lyqUjvDr9722XkCs.roa (raw, json)
Hash identifier: ZCih/Soj2OhAl4RD+Tm+4zLs1Fj1fnhJivrN577PA4k=
Subject key identifier: 29:10:88:B6:34:C8:C0:5E:A5:CA:A5:23:BC:3A:FD:EF:6D:97:90:2B
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 199AA5A8
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KRCItjTIwF6lyqUjvDr9722XkCs.roa
Signing time: Sun 10 Apr 2022 22:04:23 +0000
ROA not before: Sun 10 Apr 2022 22:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46261
IP address blocks: 5.183.204.0/23 maxlen: 32
45.12.232.0/24 maxlen: 32
45.82.206.0/23 maxlen: 32
45.15.38.0/23 maxlen: 32
92.119.151.0/24 maxlen: 32
193.187.153.0/24 maxlen: 32
193.187.154.0/23 maxlen: 32
45.14.46.0/24 maxlen: 32
45.138.210.0/23 maxlen: 24
193.160.212.0/24 maxlen: 32
213.232.104.0/24 maxlen: 32
5.181.148.0/23 maxlen: 32
45.67.16.0/23 maxlen: 32
185.226.75.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429565352 (0x199aa5a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 10 22:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=291088b634c8c05ea5caa523bc3afdef6d97902b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cf:20:62:f3:59:0d:a7:c9:87:31:2d:f0:00:
ec:52:9a:f3:73:1d:5e:86:e2:5e:a3:09:bf:0e:97:
46:e5:3c:7f:4a:66:2d:32:c3:9a:79:ac:ef:93:91:
11:57:ad:4f:81:a6:85:d7:58:41:df:17:7f:34:95:
24:69:61:cc:be:c8:54:d1:5c:7b:d7:18:a6:65:95:
d7:93:3c:77:d2:fd:f1:f8:9d:73:79:a1:7d:da:90:
ff:d1:76:a5:4f:a8:9b:f9:3d:1b:c9:ce:37:f1:9b:
f5:97:66:bb:23:02:3a:3e:93:a4:41:36:38:54:ab:
2a:90:e1:02:7e:c4:8d:97:1b:f9:6f:5f:88:8c:d5:
17:65:50:6f:84:dd:a7:72:f1:ed:5f:de:52:c9:b1:
d6:be:47:4f:11:ae:ca:9b:ef:cc:7f:ea:9d:43:96:
28:b0:dc:b9:e2:72:71:20:c4:ad:d4:1d:ed:a4:a9:
12:da:fa:bf:86:7c:18:09:fc:22:04:0c:ba:9e:e8:
91:25:a2:ea:b3:73:eb:8c:a0:6a:8b:6e:4f:d3:f0:
f4:e1:0f:b1:ea:95:89:12:28:67:59:bd:98:53:ad:
9a:eb:02:1a:7b:b9:8e:3b:43:58:1f:c0:27:8c:37:
b6:14:9f:56:08:d6:fa:82:27:11:fa:fd:52:55:f5:
ea:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:10:88:B6:34:C8:C0:5E:A5:CA:A5:23:BC:3A:FD:EF:6D:97:90:2B
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/KRCItjTIwF6lyqUjvDr9722XkCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.148.0/23
5.183.204.0/23
45.12.232.0/24
45.14.46.0/24
45.15.38.0/23
45.67.16.0/23
45.82.206.0/23
45.138.210.0/23
92.119.151.0/24
185.226.75.0/24
193.160.212.0/24
193.187.153.0-193.187.155.255
213.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:b2:2a:b7:7b:60:b7:60:f8:09:ea:aa:94:32:44:6a:e3:96:
1f:bb:6f:b6:55:6e:36:36:7d:23:b0:5a:86:bb:9d:c8:c2:95:
d6:9d:e0:c0:ca:aa:e4:6f:b3:af:03:b4:70:65:77:48:69:0e:
f3:81:8d:3b:63:a0:a4:50:29:c5:0a:27:25:3f:af:fc:3c:6d:
56:d2:ba:98:f8:0b:ff:58:7c:a0:92:b0:03:6a:46:9a:96:5a:
d0:1f:fe:89:6b:7f:48:00:fd:76:7c:0b:33:8d:5a:38:70:15:
c7:9e:dd:16:59:63:6e:30:3b:10:05:1f:ba:82:47:05:b6:e4:
68:c7:4d:45:85:f2:90:a0:8b:d4:68:19:d6:d9:9e:49:24:a6:
eb:7a:ea:4c:8a:18:fb:15:69:c7:75:29:7e:39:59:dd:ae:04:
0e:9f:99:60:27:1b:d2:07:3d:33:97:28:04:fa:27:07:97:15:
15:b8:b4:2b:2a:aa:e5:30:cb:78:1d:bf:d5:cf:6c:d8:eb:9f:
a1:bf:e1:c8:74:8b:f9:e6:33:48:4d:d8:31:0f:88:7c:d0:0c:
0f:c9:37:e2:e8:01:cd:1e:52:2a:a0:c4:25:57:13:23:08:05:
08:2f:e3:36:b6:43:77:e4:56:e4:54:85:2b:fb:19:df:a5:de:
e9:fc:5c:27
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIEGZqlqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQx
MDIyMDQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkxMDg4YjYzNGM4
YzA1ZWE1Y2FhNTIzYmMzYWZkZWY2ZDk3OTAyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnPIGLzWQ2nyYcxLfAA7FKa83MdXobiXqMJvw6XRuU8f0pm
LTLDmnms75OREVetT4GmhddYQd8XfzSVJGlhzL7IVNFce9cYpmWV15M8d9L98fid
c3mhfdqQ/9F2pU+om/k9G8nON/Gb9ZdmuyMCOj6TpEE2OFSrKpDhAn7EjZcb+W9f
iIzVF2VQb4Tdp3Lx7V/eUsmx1r5HTxGuypvvzH/qnUOWKLDcueJycSDErdQd7aSp
Etr6v4Z8GAn8IgQMup7okSWi6rNz64ygaotuT9Pw9OEPseqViRIoZ1m9mFOtmusC
Gnu5jjtDWB/AJ4w3thSfVgjW+oInEfr9UlX16icCAwEAAaOCAlkwggJVMB0GA1Ud
DgQWBBQpEIi2NMjAXqXKpSO8Ov3vbZeQKzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L0tSQ0l0alRJd0Y2bHlxVWp2RHI5NzIyWGtDcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBv
BggrBgEFBQcBBwEB/wRgMF4wXAQCAAEwVgMEAQW1lAMEAQW3zAMEAC0M6AMEAC0O
LgMEAS0PJgMEAS1DEAMEAS1SzgMEAS2K0gMEAFx3lwMEALniSwMEAMGg1DAMAwQA
wbuZAwQCwbuYAwQA1ehoMA0GCSqGSIb3DQEBCwUAA4IBAQDKsiq3e2C3YPgJ6qqU
MkRq45Yfu2+2VW42Nn0jsFqGu53IwpXWneDAyqrkb7OvA7RwZXdIaQ7zgY07Y6Ck
UCnFCiclP6/8PG1W0rqY+Av/WHygkrADakaallrQH/6Ja39IAP12fAszjVo4cBXH
nt0WWWNuMDsQBR+6gkcFtuRox01FhfKQoIvUaBnW2Z5JJKbreupMihj7FWnHdSl+
OVndrgQOn5lgJxvSBz0zlygE+icHlxUVuLQrKqrlMMt4Hb/Vz2zY65+hv+HIdIv5
5jNITdgxD4h80AwPyTfi6AHNHlIqoMQlVxMjCAUIL+M2tkN35FbkVIUr+xnfpd7p
/Fwn
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org