Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/KjGGL81sjvnXkNE7EWoe5HGqtJ0.roa
File: KjGGL81sjvnXkNE7EWoe5HGqtJ0.roa (raw, json)
Hash identifier: rqOgaQPhc0ZwzWRB+xnVJycOzJRX4rVjkE7UKZWVpaY=
Subject key identifier: 2A:31:86:2F:CD:6C:8E:F9:D7:90:D1:3B:11:6A:1E:E4:71:AA:B4:9D
Certificate issuer: /CN=148a0c4067ca33ac76573fc86cfd75b7ecd200ff
Certificate serial: 0850EE9A
Authority key identifier: 14:8A:0C:40:67:CA:33:AC:76:57:3F:C8:6C:FD:75:B7:EC:D2:00:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FIoMQGfKM6x2Vz_IbP11t-zSAP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/KjGGL81sjvnXkNE7EWoe5HGqtJ0.roa
Signing time: Sat 01 Jan 2022 02:55:21 +0000
ROA not before: Sat 01 Jan 2022 02:55:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25472
IP address blocks: 188.73.232.0/22 maxlen: 22
188.73.232.0/21 maxlen: 21
188.73.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139521690 (0x850ee9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=148a0c4067ca33ac76573fc86cfd75b7ecd200ff
Validity
Not Before: Jan 1 02:55:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a31862fcd6c8ef9d790d13b116a1ee471aab49d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:09:6c:08:d2:8b:75:12:c1:6b:63:e0:19:7e:
28:21:c7:d4:36:e0:68:63:87:94:ff:01:47:62:b2:
4b:7e:b5:8d:84:b3:9d:ab:cc:b9:1f:13:8e:ca:a5:
59:c2:17:07:3e:30:93:e6:a8:25:78:0e:90:ae:a1:
0e:5d:ba:f4:93:1d:e0:57:99:ae:a7:c7:c1:a3:6f:
12:bf:0a:09:08:e2:bb:a4:54:3d:20:b8:94:e6:5d:
2a:1d:0d:29:b5:58:b9:75:3d:8c:c1:0f:94:36:d0:
85:da:6d:ac:7a:30:26:b3:24:6a:5c:ab:5b:a0:bf:
44:eb:0c:e6:ab:98:a1:f7:30:c4:5a:c0:3e:aa:a7:
b6:a2:c2:11:c1:21:da:98:65:73:f0:d6:1b:cd:84:
5d:6d:28:7b:4a:4a:5b:3d:e7:bf:24:ba:95:d9:61:
bb:c3:9c:fb:33:e2:f6:da:95:68:39:96:47:6f:93:
1c:8a:8b:26:8f:7c:32:e8:a4:36:16:42:c1:a0:59:
d6:da:f0:64:3a:65:27:04:14:71:14:60:41:59:b9:
72:36:45:6e:60:63:fa:db:16:44:f4:49:fc:7e:df:
73:f9:a4:f7:bc:33:73:90:c4:bf:8e:9c:f6:18:ab:
95:c7:8b:b1:a9:36:9c:ed:f5:a3:6b:74:db:4d:ee:
de:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:31:86:2F:CD:6C:8E:F9:D7:90:D1:3B:11:6A:1E:E4:71:AA:B4:9D
X509v3 Authority Key Identifier:
keyid:14:8A:0C:40:67:CA:33:AC:76:57:3F:C8:6C:FD:75:B7:EC:D2:00:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FIoMQGfKM6x2Vz_IbP11t-zSAP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/KjGGL81sjvnXkNE7EWoe5HGqtJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/FIoMQGfKM6x2Vz_IbP11t-zSAP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.73.232.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:5b:da:74:83:f2:13:28:b4:de:b1:e6:98:86:d2:7b:34:66:
56:6f:b6:5c:e7:8d:9a:8d:91:4a:a6:31:df:d3:3d:52:2b:60:
85:14:34:b0:cf:ce:1a:3f:17:3f:24:9c:7b:4e:08:34:57:40:
65:52:c9:ff:9f:7e:93:a0:2a:f0:6f:6c:dd:1a:49:c6:39:54:
af:ad:59:96:cd:b8:10:fa:3c:cc:5e:ed:ac:1f:a5:28:9c:c8:
8d:a1:ed:4b:cb:c6:da:12:ff:1c:6b:a3:78:7c:79:a4:ac:1d:
17:6b:03:f5:0d:dc:3d:13:74:ce:97:f6:2a:27:0c:1e:e3:16:
89:17:85:56:ef:e4:bf:3a:fa:19:bc:58:36:ca:70:06:b9:cb:
38:5b:74:3c:69:f6:7d:6b:22:8f:11:fd:4d:7a:5c:84:fd:da:
72:f0:6a:67:b8:ff:22:20:5b:b3:10:da:75:7b:5e:40:8a:27:
21:2e:60:94:d9:d7:3b:8d:77:ad:c1:e8:97:64:d4:f9:8f:c0:
d6:ab:24:3a:4a:99:f3:27:fb:26:b2:93:e0:a3:d5:72:40:3d:
b7:8d:4e:5b:1f:f8:6d:3d:54:21:57:a4:97:dc:e2:49:7b:5c:
a3:74:f5:f0:3e:01:98:2d:09:25:d9:47:a8:f0:9d:2d:46:3a:
3b:06:27:74
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECFDumjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NDhhMGM0MDY3Y2EzM2FjNzY1NzNmYzg2Y2ZkNzViN2VjZDIwMGZmMB4XDTIyMDEw
MTAyNTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmEzMTg2MmZjZDZj
OGVmOWQ3OTBkMTNiMTE2YTFlZTQ3MWFhYjQ5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4JbAjSi3USwWtj4Bl+KCHH1DbgaGOHlP8BR2KyS361jYSz
navMuR8TjsqlWcIXBz4wk+aoJXgOkK6hDl269JMd4FeZrqfHwaNvEr8KCQjiu6RU
PSC4lOZdKh0NKbVYuXU9jMEPlDbQhdptrHowJrMkalyrW6C/ROsM5quYofcwxFrA
PqqntqLCEcEh2phlc/DWG82EXW0oe0pKWz3nvyS6ldlhu8Oc+zPi9tqVaDmWR2+T
HIqLJo98MuikNhZCwaBZ1trwZDplJwQUcRRgQVm5cjZFbmBj+tsWRPRJ/H7fc/mk
97wzc5DEv46c9hirlceLsak2nO31o2t0203u3tECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQqMYYvzWyO+deQ0TsRah7kcaq0nTAfBgNVHSMEGDAWgBQUigxAZ8ozrHZX
P8hs/XW37NIA/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZJb01RR2ZLTTZ4MlZ6X0liUDExdC16U0FQOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvMDA5ZmI3LTllZDAtNDRmZi1iN2RiLTllMDdiNTZiNTdiOC8x
L0tqR0dMODFzanZuWGtORTdFV29lNUhHcXRKMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
MDA5ZmI3LTllZDAtNDRmZi1iN2RiLTllMDdiNTZiNTdiOC8xL0ZJb01RR2ZLTTZ4
MlZ6X0liUDExdC16U0FQOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7xJ6DANBgkqhkiG9w0BAQsFAAOC
AQEAmlvadIPyEyi03rHmmIbSezRmVm+2XOeNmo2RSqYx39M9UitghRQ0sM/OGj8X
PySce04INFdAZVLJ/59+k6Aq8G9s3RpJxjlUr61Zls24EPo8zF7trB+lKJzIjaHt
S8vG2hL/HGujeHx5pKwdF2sD9Q3cPRN0zpf2KicMHuMWiReFVu/kvzr6GbxYNspw
BrnLOFt0PGn2fWsijxH9TXpchP3acvBqZ7j/IiBbsxDadXteQIonIS5glNnXO413
rcHol2TU+Y/A1qskOkqZ8yf7JrKT4KPVckA9t41OWx/4bT1UIVekl9ziSXtco3T1
8D4BmC0JJdlHqPCdLUY6OwYndA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:41 2024 by rpki-client on console-ams.rpki-client.org