Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/kNuWROTk1aCbRHnjUq8_OIGCUcw.roa
File: kNuWROTk1aCbRHnjUq8_OIGCUcw.roa (raw, json)
Hash identifier: tEMTKn8s8lqCb8EW55+Rr2t6HOGFivMCGG5x0N2Izcw=
Subject key identifier: 90:DB:96:44:E4:E4:D5:A0:9B:44:79:E3:52:AF:3F:38:81:82:51:CC
Certificate issuer: /CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Certificate serial: 0C80D6DA
Authority key identifier: A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/kNuWROTk1aCbRHnjUq8_OIGCUcw.roa
Signing time: Tue 12 Apr 2022 07:42:09 +0000
ROA not before: Tue 12 Apr 2022 07:42:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51265
IP address blocks: 176.126.39.0/24 maxlen: 24
193.9.252.0/23 maxlen: 24
178.157.4.0/22 maxlen: 22
185.44.52.0/22 maxlen: 22
185.69.244.0/22 maxlen: 22
62.240.128.0/19 maxlen: 24
83.216.32.0/19 maxlen: 20
2a07:1740::/29 maxlen: 29
2a04:9540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 209770202 (0xc80d6da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0bfd06ce855b62d9b688cd8c535d5f494cd3932
Validity
Not Before: Apr 12 07:42:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90db9644e4e4d5a09b4479e352af3f38818251cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:82:ed:e8:42:3b:0e:6b:0d:2c:1c:67:02:5c:
ae:b8:1c:90:15:57:07:d9:6d:3a:db:5b:b3:5c:a2:
65:0d:37:d4:1f:12:03:31:db:c5:e1:c9:e7:22:ea:
c7:1f:b9:a8:3e:64:c9:aa:df:a6:93:e0:63:16:11:
e0:84:22:55:bf:26:6a:3a:af:33:81:d7:e0:3a:dc:
e5:0b:f6:d6:f5:4a:e8:33:20:7a:03:ec:9a:d2:dc:
9b:54:6b:13:8c:b5:eb:a6:5c:be:8a:27:6d:a0:8d:
33:f7:6e:94:33:16:ec:25:ec:37:8a:65:b1:fa:3f:
75:e7:bf:7d:2c:08:4b:f9:80:a7:43:02:eb:fa:fa:
ff:aa:e3:85:fa:bc:32:49:64:e2:e5:42:28:a4:8f:
8d:5f:62:04:ed:f3:11:b3:9e:45:84:f1:71:a1:df:
c9:55:aa:34:eb:f6:e6:2a:c1:70:58:e3:dd:be:58:
08:7f:66:4f:34:59:17:ff:3c:7e:d7:7d:15:ef:d5:
ec:94:d5:9c:b1:38:8b:8f:76:03:6f:94:53:70:44:
8e:c5:99:b3:03:0c:00:da:07:a9:49:de:c8:39:c8:
2f:a2:38:9f:8e:fe:15:17:7f:69:2f:6a:b3:f5:36:
b8:f4:2b:b3:c3:7b:4d:b5:c0:bc:bd:7e:f4:72:91:
40:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:DB:96:44:E4:E4:D5:A0:9B:44:79:E3:52:AF:3F:38:81:82:51:CC
X509v3 Authority Key Identifier:
keyid:A0:BF:D0:6C:E8:55:B6:2D:9B:68:8C:D8:C5:35:D5:F4:94:CD:39:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oL_QbOhVti2baIzYxTXV9JTNOTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/kNuWROTk1aCbRHnjUq8_OIGCUcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/03316d-04e0-4660-a63e-671839200604/1/oL_QbOhVti2baIzYxTXV9JTNOTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.240.128.0/19
83.216.32.0/19
176.126.39.0/24
178.157.4.0/22
185.44.52.0/22
185.69.244.0/22
193.9.252.0/23
IPv6:
2a04:9540::/29
2a07:1740::/29
Signature Algorithm: sha256WithRSAEncryption
7a:55:07:ec:94:34:9e:17:b6:83:a6:5c:aa:37:df:2b:3b:59:
d1:88:19:50:e5:41:e5:c7:58:63:c3:9c:75:08:30:1f:79:42:
30:18:ef:6b:3f:df:d3:c6:1c:3c:08:a9:4b:89:8d:89:5a:5a:
4a:b4:28:41:e3:c4:9a:e5:36:b5:d7:81:48:65:52:f5:e9:36:
cb:1e:79:e7:68:2b:75:59:3b:e7:cb:bc:b0:9f:7d:92:f7:28:
27:5d:64:70:0c:c1:a6:9d:d3:88:10:ab:af:3c:ac:b3:7f:b9:
5c:06:d7:41:bb:e3:39:09:e3:c9:e3:82:ea:ee:cf:83:94:02:
30:b6:9b:e5:27:82:3c:65:1e:17:16:ef:86:e3:d0:4c:85:1e:
5b:d4:3b:46:b4:dc:67:2c:8d:32:c9:49:a6:44:67:ca:a7:ea:
f3:8e:15:c6:42:fa:94:4d:27:0e:0d:c6:8f:ca:92:f8:92:69:
ad:a5:28:ad:34:f4:94:c1:3a:45:92:38:6b:38:2d:85:78:d6:
f8:8a:35:52:df:77:7f:9d:d8:ac:2c:83:01:f1:66:6c:d6:31:
b5:9c:fd:6c:fe:82:be:c7:52:a5:e0:cb:9d:72:1f:56:79:be:
a7:77:59:99:66:59:2c:0e:ca:81:27:fd:5a:79:c9:25:79:cc:
2d:bf:e8:2d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEDIDW2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGJmZDA2Y2U4NTViNjJkOWI2ODhjZDhjNTM1ZDVmNDk0Y2QzOTMyMB4XDTIyMDQx
MjA3NDIwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTBkYjk2NDRlNGU0
ZDVhMDliNDQ3OWUzNTJhZjNmMzg4MTgyNTFjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSC7ehCOw5rDSwcZwJcrrgckBVXB9ltOttbs1yiZQ031B8S
AzHbxeHJ5yLqxx+5qD5kyarfppPgYxYR4IQiVb8majqvM4HX4Drc5Qv21vVK6DMg
egPsmtLcm1RrE4y166ZcvoonbaCNM/dulDMW7CXsN4plsfo/dee/fSwIS/mAp0MC
6/r6/6rjhfq8Mklk4uVCKKSPjV9iBO3zEbOeRYTxcaHfyVWqNOv25irBcFjj3b5Y
CH9mTzRZF/88ftd9Fe/V7JTVnLE4i492A2+UU3BEjsWZswMMANoHqUneyDnIL6I4
n47+FRd/aS9qs/U2uPQrs8N7TbXAvL1+9HKRQJUCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBSQ25ZE5OTVoJtEeeNSrz84gYJRzDAfBgNVHSMEGDAWgBSgv9Bs6FW2LZto
jNjFNdX0lM05MjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29MX1FiT2hWdGkyYmFJell4VFhWOUpUTk9USS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvMDMzMTZkLTA0ZTAtNDY2MC1hNjNlLTY3MTgzOTIwMDYwNC8x
L2tOdVdST1RrMWFDYlJIbmpVcThfT0lHQ1Vjdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
MDMzMTZkLTA0ZTAtNDY2MC1hNjNlLTY3MTgzOTIwMDYwNC8xL29MX1FiT2hWdGky
YmFJell4VFhWOUpUTk9USS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwMAQCAAEwKgMEBT7wgAMEBVPYIAMEALB+JwMEArKd
BAMEArksNAMEArlF9AMEAcEJ/DAUBAIAAjAOAwUDKgSVQAMFAyoHF0AwDQYJKoZI
hvcNAQELBQADggEBAHpVB+yUNJ4XtoOmXKo33ys7WdGIGVDlQeXHWGPDnHUIMB95
QjAY72s/39PGHDwIqUuJjYlaWkq0KEHjxJrlNrXXgUhlUvXpNsseeedoK3VZO+fL
vLCffZL3KCddZHAMwaad04gQq688rLN/uVwG10G74zkJ48njguruz4OUAjC2m+Un
gjxlHhcW74bj0EyFHlvUO0a03GcsjTLJSaZEZ8qn6vOOFcZC+pRNJw4Nxo/KkviS
aa2lKK009JTBOkWSOGs4LYV41viKNVLfd3+d2KwsgwHxZmzWMbWc/Wz+gr7HUqXg
y51yH1Z5vqd3WZlmWSwOyoEn/Vp5ySV5zC2/6C0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:41 2024 by rpki-client on console-ams.rpki-client.org