Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c31033-e7ae-4ab1-af49-29618387ba26/1/KIWR2J1mcHs1TNko_n_RW0Er00s.roa
File: KIWR2J1mcHs1TNko_n_RW0Er00s.roa (raw, json)
Hash identifier: XaUaIRCF+KiYXuXfu/NQmv4NkVXhpyOOLfXFDTcgdvY=
Subject key identifier: 28:85:91:D8:9D:66:70:7B:35:4C:D9:28:FE:7F:D1:5B:41:2B:D3:4B
Certificate issuer: /CN=41f73670ac161f4b56679c49da8b489b60bf0b16
Certificate serial: 04BBBA0E
Authority key identifier: 41:F7:36:70:AC:16:1F:4B:56:67:9C:49:DA:8B:48:9B:60:BF:0B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qfc2cKwWH0tWZ5xJ2otIm2C_CxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/c31033-e7ae-4ab1-af49-29618387ba26/1/KIWR2J1mcHs1TNko_n_RW0Er00s.roa
Signing time: Sat 01 Jan 2022 07:54:04 +0000
ROA not before: Sat 01 Jan 2022 07:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58580
IP address blocks: 185.254.56.0/22 maxlen: 22
185.254.56.0/23 maxlen: 23
185.254.56.0/24 maxlen: 24
185.254.57.0/24 maxlen: 24
185.254.58.0/24 maxlen: 24
185.254.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79411726 (0x4bbba0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f73670ac161f4b56679c49da8b489b60bf0b16
Validity
Not Before: Jan 1 07:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=288591d89d66707b354cd928fe7fd15b412bd34b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0b:21:5e:a3:8d:93:b2:42:4b:e7:08:f4:36:
7b:bd:ce:23:d5:99:28:38:18:e2:9e:56:f1:f6:50:
4f:9f:4d:f3:10:cd:1b:d2:6a:4f:7d:5a:17:d0:4c:
33:fb:60:b3:73:7d:80:ff:5b:ff:c9:fb:f1:57:d4:
fe:94:5c:f3:57:7a:b0:78:64:03:ed:1c:bb:2e:b1:
71:b1:f4:cf:7e:b7:9f:3f:0a:70:54:11:67:f2:d7:
95:48:2e:61:27:53:c0:19:21:a4:f9:d8:85:f5:f2:
ec:d1:94:f0:8b:03:88:d1:70:9a:f6:df:1f:5b:92:
63:ea:eb:2b:c5:a3:6c:f2:1d:d2:96:c3:af:92:71:
36:2d:f2:03:ba:b7:f5:7a:33:cb:7c:af:8c:29:89:
63:41:22:3e:84:81:d2:ce:02:dd:f1:5b:24:c0:22:
9e:8e:1d:5e:31:1f:77:46:fd:bd:e1:13:ba:03:db:
c7:f5:08:9c:88:51:5b:21:af:ea:9a:04:fb:c5:cc:
9a:ee:57:ef:58:db:29:58:7a:2c:f1:8a:a1:69:8f:
1f:8a:45:3d:c1:16:56:43:35:82:ea:5c:19:85:fe:
62:72:e1:5d:25:b7:68:97:01:ec:0d:58:34:ee:b2:
da:75:3d:c4:3d:03:90:cc:53:b4:9b:75:61:11:83:
a0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:85:91:D8:9D:66:70:7B:35:4C:D9:28:FE:7F:D1:5B:41:2B:D3:4B
X509v3 Authority Key Identifier:
keyid:41:F7:36:70:AC:16:1F:4B:56:67:9C:49:DA:8B:48:9B:60:BF:0B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qfc2cKwWH0tWZ5xJ2otIm2C_CxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c31033-e7ae-4ab1-af49-29618387ba26/1/KIWR2J1mcHs1TNko_n_RW0Er00s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c31033-e7ae-4ab1-af49-29618387ba26/1/Qfc2cKwWH0tWZ5xJ2otIm2C_CxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.56.0/22
Signature Algorithm: sha256WithRSAEncryption
05:8b:4a:36:fe:e7:dc:a7:17:61:42:2d:fd:03:12:8b:4e:2a:
0a:b0:b3:10:3b:8f:98:75:41:6b:b5:6b:77:5a:ac:b6:f2:bc:
1c:dd:2b:19:ae:18:e3:21:42:e7:61:c5:f1:c2:79:36:ac:d1:
95:b3:13:2e:81:85:67:5b:59:b0:e9:6b:ee:aa:10:18:3f:93:
cc:01:17:ef:05:0c:9b:c9:a4:61:18:df:8f:9a:9f:ce:04:0f:
06:89:f1:ab:c4:aa:94:3c:35:c4:7e:f6:00:48:d9:90:8b:8d:
ed:94:43:c7:2c:b8:27:68:73:63:eb:71:7b:6e:51:4c:89:75:
c3:b6:75:e2:6e:7e:e6:c2:6c:32:9e:d0:58:18:5b:d6:7c:2a:
7c:b3:f4:f8:66:c1:7b:84:23:4e:6f:94:64:12:19:29:db:6a:
61:76:6d:04:29:b9:65:33:6c:ab:3f:8a:9d:84:18:50:91:34:
2b:21:74:e1:9b:1a:13:b6:f7:6f:85:6f:ee:07:69:bf:d3:cd:
62:95:87:26:83:78:96:10:12:d6:44:f3:fb:bf:80:2b:54:b9:
ff:f2:71:8b:4c:b5:99:32:23:7d:01:ba:43:29:7e:65:71:d3:
ce:6d:e5:3f:c5:d8:01:92:66:40:8b:e9:9f:c7:06:82:2f:d4:
cc:06:0e:6a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBLu6DjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWY3MzY3MGFjMTYxZjRiNTY2NzljNDlkYThiNDg5YjYwYmYwYjE2MB4XDTIyMDEw
MTA3NTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg4NTkxZDg5ZDY2
NzA3YjM1NGNkOTI4ZmU3ZmQxNWI0MTJiZDM0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcLIV6jjZOyQkvnCPQ2e73OI9WZKDgY4p5W8fZQT59N8xDN
G9JqT31aF9BMM/tgs3N9gP9b/8n78VfU/pRc81d6sHhkA+0cuy6xcbH0z363nz8K
cFQRZ/LXlUguYSdTwBkhpPnYhfXy7NGU8IsDiNFwmvbfH1uSY+rrK8WjbPId0pbD
r5JxNi3yA7q39Xozy3yvjCmJY0EiPoSB0s4C3fFbJMAino4dXjEfd0b9veETugPb
x/UInIhRWyGv6poE+8XMmu5X71jbKVh6LPGKoWmPH4pFPcEWVkM1gupcGYX+YnLh
XSW3aJcB7A1YNO6y2nU9xD0DkMxTtJt1YRGDoP8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQohZHYnWZwezVM2Sj+f9FbQSvTSzAfBgNVHSMEGDAWgBRB9zZwrBYfS1Zn
nEnai0ibYL8LFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FmYzJjS3dXSDB0V1o1eEoyb3RJbTJDX0N4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvYzMxMDMzLWU3YWUtNGFiMS1hZjQ5LTI5NjE4Mzg3YmEyNi8x
L0tJV1IySjFtY0hzMVROa29fbl9SVzBFcjAwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
YzMxMDMzLWU3YWUtNGFiMS1hZjQ5LTI5NjE4Mzg3YmEyNi8xL1FmYzJjS3dXSDB0
V1o1eEoyb3RJbTJDX0N4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn+ODANBgkqhkiG9w0BAQsFAAOC
AQEABYtKNv7n3KcXYUIt/QMSi04qCrCzEDuPmHVBa7Vrd1qstvK8HN0rGa4Y4yFC
52HF8cJ5NqzRlbMTLoGFZ1tZsOlr7qoQGD+TzAEX7wUMm8mkYRjfj5qfzgQPBonx
q8SqlDw1xH72AEjZkIuN7ZRDxyy4J2hzY+txe25RTIl1w7Z14m5+5sJsMp7QWBhb
1nwqfLP0+GbBe4QjTm+UZBIZKdtqYXZtBCm5ZTNsqz+KnYQYUJE0KyF04ZsaE7b3
b4Vv7gdpv9PNYpWHJoN4lhAS1kTz+7+AK1S5//Jxi0y1mTIjfQG6Qyl+ZXHTzm3l
P8XYAZJmQIvpn8cGgi/UzAYOag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org