Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/kpLgKwxQ6ntnRYoJP3DqTU7C9SU.roa
File: kpLgKwxQ6ntnRYoJP3DqTU7C9SU.roa (raw, json)
Hash identifier: hI7s+7fO+HNujTJ4mLw153ySGLKLUxlaLcTZbj64fqg=
Subject key identifier: 92:92:E0:2B:0C:50:EA:7B:67:45:8A:09:3F:70:EA:4D:4E:C2:F5:25
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 19261F25
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/kpLgKwxQ6ntnRYoJP3DqTU7C9SU.roa
Signing time: Mon 14 Mar 2022 23:51:04 +0000
ROA not before: Mon 14 Mar 2022 23:51:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 5.183.204.0/23 maxlen: 32
193.187.153.0/24 maxlen: 32
45.82.206.0/23 maxlen: 32
45.12.232.0/24 maxlen: 32
45.10.2.0/23 maxlen: 32
2.59.174.0/23 maxlen: 32
213.232.104.0/24 maxlen: 32
45.15.38.0/23 maxlen: 32
92.119.150.0/23 maxlen: 32
45.67.16.0/23 maxlen: 32
91.188.203.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 421928741 (0x19261f25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 14 23:51:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9292e02b0c50ea7b67458a093f70ea4d4ec2f525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c9:4d:e5:6d:ab:57:9b:fe:7f:8d:c6:bb:03:
21:3e:9b:9b:13:5a:df:96:de:fb:53:c4:58:03:01:
94:4a:d3:c1:81:78:b4:66:d2:7e:c1:f4:18:ce:aa:
29:ee:72:f9:e2:9f:c5:a0:bb:8e:4a:85:d9:92:0c:
b8:32:8a:c9:be:f1:e5:04:1f:f6:09:4d:25:19:86:
11:85:88:f9:de:85:9c:31:b4:51:5c:d0:72:54:1b:
67:5e:7e:54:24:d2:ad:f1:3b:ed:c7:0f:95:f0:75:
d6:70:02:d9:f8:9e:bd:19:28:a2:12:c9:cd:62:9d:
40:8b:e5:e9:2d:92:e4:b8:bf:ab:66:3c:2a:14:7c:
fb:5a:88:c1:a0:48:18:d2:7b:24:8d:5c:d8:4f:78:
59:a6:62:0a:7d:7d:42:aa:45:09:f1:dc:43:52:5f:
0d:d4:8e:16:1d:ca:57:51:3b:36:78:b9:4b:a6:9f:
79:7d:f2:1a:fd:35:77:30:d1:22:65:66:e6:a7:5a:
9b:9f:cc:63:90:80:36:40:ba:65:50:f2:a7:f8:52:
bb:ce:02:75:3b:b8:34:0b:b6:06:26:68:a8:71:c0:
33:6f:9e:9d:8b:c5:d0:47:7c:2c:33:4d:de:d2:65:
9d:29:7a:49:83:0d:f7:ee:e9:e7:01:de:b7:b8:87:
52:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:92:E0:2B:0C:50:EA:7B:67:45:8A:09:3F:70:EA:4D:4E:C2:F5:25
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/kpLgKwxQ6ntnRYoJP3DqTU7C9SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.174.0/23
5.183.204.0/23
45.10.2.0/23
45.12.232.0/24
45.15.38.0/23
45.67.16.0/23
45.82.206.0/23
91.188.203.0/24
92.119.150.0/23
193.187.153.0/24
213.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
07:f8:96:e6:96:13:70:60:d5:66:ad:dc:d1:a2:25:b4:fd:37:
21:72:d1:79:3e:85:4a:dc:40:2c:d4:5f:0a:41:8b:84:64:83:
45:0a:5c:18:fd:53:7d:75:06:35:0f:4c:a8:83:f7:f9:ab:a9:
04:6d:62:fd:8e:e1:4e:08:13:0f:38:bf:ea:4c:dc:25:ec:7a:
88:a8:25:76:03:59:fe:61:52:61:94:ac:41:be:f0:cf:9c:fb:
37:76:9a:fc:c9:b9:0b:b4:15:cc:12:52:d9:00:ac:aa:96:12:
0c:b9:a9:ed:cc:b7:4e:74:7d:a2:5c:8d:e1:cd:bd:b8:93:ea:
62:a5:8e:dd:c5:8c:f4:39:43:c3:7b:86:ab:ec:5f:57:c0:ca:
57:24:0b:d8:65:94:59:3b:26:e3:e5:d3:a4:38:66:b3:86:fe:
b9:b2:69:04:1b:d6:9b:51:a0:01:7b:15:6e:9e:18:d2:7c:b3:
b5:1c:17:b1:80:c5:fa:d0:4e:bf:94:cc:ad:33:95:6c:5f:9a:
fc:97:3c:ec:f5:dc:93:44:b4:78:65:cc:8f:52:bf:48:af:12:
fb:e0:5a:f5:88:16:32:0a:c8:46:88:56:9b:73:5f:19:b7:d9:
03:f4:b3:28:38:98:e0:da:50:e7:4b:bd:20:d5:97:93:90:28:
01:6c:d3:6f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEGSYfJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMx
NDIzNTEwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTI5MmUwMmIwYzUw
ZWE3YjY3NDU4YTA5M2Y3MGVhNGQ0ZWMyZjUyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzJTeVtq1eb/n+NxrsDIT6bmxNa35be+1PEWAMBlErTwYF4
tGbSfsH0GM6qKe5y+eKfxaC7jkqF2ZIMuDKKyb7x5QQf9glNJRmGEYWI+d6FnDG0
UVzQclQbZ15+VCTSrfE77ccPlfB11nAC2fievRkoohLJzWKdQIvl6S2S5Li/q2Y8
KhR8+1qIwaBIGNJ7JI1c2E94WaZiCn19QqpFCfHcQ1JfDdSOFh3KV1E7Nni5S6af
eX3yGv01dzDRImVm5qdam5/MY5CANkC6ZVDyp/hSu84CdTu4NAu2BiZoqHHAM2+e
nYvF0Ed8LDNN3tJlnSl6SYMN9+7p5wHet7iHUikCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBSSkuArDFDqe2dFigk/cOpNTsL1JTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2twTGdLd3hRNm50blJZb0pQM0RxVFU3QzlTVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAQI7rgMEAQW3zAMEAS0KAgMEAC0M
6AMEAS0PJgMEAS1DEAMEAS1SzgMEAFu8ywMEAVx3lgMEAMG7mQMEANXoaDANBgkq
hkiG9w0BAQsFAAOCAQEAB/iW5pYTcGDVZq3c0aIltP03IXLReT6FStxALNRfCkGL
hGSDRQpcGP1TfXUGNQ9MqIP3+aupBG1i/Y7hTggTDzi/6kzcJex6iKgldgNZ/mFS
YZSsQb7wz5z7N3aa/Mm5C7QVzBJS2QCsqpYSDLmp7cy3TnR9olyN4c29uJPqYqWO
3cWM9DlDw3uGq+xfV8DKVyQL2GWUWTsm4+XTpDhms4b+ubJpBBvWm1GgAXsVbp4Y
0nyztRwXsYDF+tBOv5TMrTOVbF+a/Jc87PXck0S0eGXMj1K/SK8S++Ba9YgWMgrI
RohWm3NfGbfZA/SzKDiY4NpQ50u9INWXk5AoAWzTbw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org