Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/KHLfKLKGgk0Tl3Q4o3eVswYhPlk.roa
File: KHLfKLKGgk0Tl3Q4o3eVswYhPlk.roa (raw, json)
Hash identifier: heS1qnF811bGCJX4CrOZ2RSj0XjxwJeMIAObmlm2QeA=
Subject key identifier: 28:72:DF:28:B2:86:82:4D:13:97:74:38:A3:77:95:B3:06:21:3E:59
Certificate issuer: /CN=8bdea2d4ab1380f0a3b7fe7d4fa7828e1c943558
Certificate serial: 0709E410
Authority key identifier: 8B:DE:A2:D4:AB:13:80:F0:A3:B7:FE:7D:4F:A7:82:8E:1C:94:35:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i96i1KsTgPCjt_59T6eCjhyUNVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/KHLfKLKGgk0Tl3Q4o3eVswYhPlk.roa
Signing time: Sat 01 Jan 2022 15:01:13 +0000
ROA not before: Sat 01 Jan 2022 15:01:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43824
IP address blocks: 185.252.102.0/24 maxlen: 24
185.252.101.0/24 maxlen: 24
185.252.100.0/24 maxlen: 24
185.252.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118088720 (0x709e410)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdea2d4ab1380f0a3b7fe7d4fa7828e1c943558
Validity
Not Before: Jan 1 15:01:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2872df28b286824d13977438a37795b306213e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:4f:18:bc:cd:ed:8a:ac:10:6e:d3:70:9b:a1:
54:41:33:6f:7b:6e:6c:92:b2:cf:09:53:46:58:02:
de:07:6c:40:eb:32:87:0d:f2:f9:3e:ff:0a:76:f4:
03:cb:d9:1f:37:3c:aa:db:c0:35:ab:c5:db:9b:af:
9c:cb:4e:0c:5a:39:56:0c:65:26:96:39:59:28:34:
bd:c6:f4:2c:7b:dc:c0:b8:b3:93:1f:5b:81:fe:24:
6a:d2:12:68:30:48:ca:d0:c8:d2:e6:d4:2d:61:f1:
8f:23:89:66:f4:fd:8d:ff:cf:70:72:00:51:be:db:
68:9a:bf:72:55:02:94:ae:8f:eb:03:03:6f:73:58:
f7:2e:65:64:e2:fc:4f:1a:1e:01:16:27:1f:b2:c2:
45:43:90:c2:db:bd:6f:ed:94:a3:3d:86:51:64:41:
89:3f:df:63:f5:5d:5c:54:c3:55:78:0f:29:ac:87:
2d:8d:28:f6:db:dd:3e:fb:a4:ed:b9:8a:28:eb:5b:
18:15:6e:31:92:2e:4e:2c:6a:67:7c:0f:f8:cf:1b:
02:cf:fa:4c:4d:fd:4c:18:54:f0:b9:73:61:4d:5b:
66:d5:74:05:43:00:bf:0e:c2:03:ce:9b:23:92:36:
9c:d4:b6:64:7f:0d:a6:98:7f:ae:f6:16:59:8e:ea:
29:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:72:DF:28:B2:86:82:4D:13:97:74:38:A3:77:95:B3:06:21:3E:59
X509v3 Authority Key Identifier:
keyid:8B:DE:A2:D4:AB:13:80:F0:A3:B7:FE:7D:4F:A7:82:8E:1C:94:35:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i96i1KsTgPCjt_59T6eCjhyUNVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/KHLfKLKGgk0Tl3Q4o3eVswYhPlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/i96i1KsTgPCjt_59T6eCjhyUNVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.100.0/22
Signature Algorithm: sha256WithRSAEncryption
58:bd:e1:60:88:a1:01:b1:bc:20:d7:6d:7a:dc:d5:01:cb:0c:
03:d0:f6:79:43:04:41:c0:75:42:51:bc:0f:5d:0a:8f:e5:86:
7d:37:3c:cc:3a:ce:68:c1:b3:cc:76:93:06:de:ee:f2:2d:a4:
a7:14:4c:54:f8:b8:74:d1:e5:8a:8a:ab:be:99:95:55:b7:ab:
55:51:d3:bc:d7:d4:0b:93:2d:42:31:b6:9c:e5:23:f1:2a:b9:
83:ed:b2:65:2d:3a:3e:64:1e:3b:15:4d:cd:71:f1:42:8f:06:
5a:77:32:7e:0c:30:ce:0c:27:ca:9a:89:83:ab:52:d4:6b:c2:
6b:34:e5:93:66:1f:a8:fe:1b:95:01:32:b6:88:18:c8:fd:2c:
d1:bf:45:7a:66:cb:85:77:56:b0:6b:21:8f:03:f4:ea:cf:4b:
c7:c2:8b:77:f2:8d:27:05:39:65:04:55:35:20:40:e6:69:c9:
3a:ac:67:cc:8f:2a:74:62:65:04:9c:00:52:41:15:6c:bf:bb:
2a:0b:3f:ee:b5:1e:00:6c:28:08:58:19:97:04:2a:b7:80:ff:
1e:39:f1:ff:6b:a7:1b:2c:79:8a:1f:44:f2:a6:54:60:94:66:
98:79:fd:ed:31:ed:83:2e:25:d4:2f:39:7e:89:90:66:dd:c4:
9d:33:ac:de
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBwnkEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmRlYTJkNGFiMTM4MGYwYTNiN2ZlN2Q0ZmE3ODI4ZTFjOTQzNTU4MB4XDTIyMDEw
MTE1MDExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg3MmRmMjhiMjg2
ODI0ZDEzOTc3NDM4YTM3Nzk1YjMwNjIxM2U1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOVPGLzN7YqsEG7TcJuhVEEzb3tubJKyzwlTRlgC3gdsQOsy
hw3y+T7/Cnb0A8vZHzc8qtvANavF25uvnMtODFo5VgxlJpY5WSg0vcb0LHvcwLiz
kx9bgf4katISaDBIytDI0ubULWHxjyOJZvT9jf/PcHIAUb7baJq/clUClK6P6wMD
b3NY9y5lZOL8TxoeARYnH7LCRUOQwtu9b+2Uoz2GUWRBiT/fY/VdXFTDVXgPKayH
LY0o9tvdPvuk7bmKKOtbGBVuMZIuTixqZ3wP+M8bAs/6TE39TBhU8LlzYU1bZtV0
BUMAvw7CA86bI5I2nNS2ZH8Npph/rvYWWY7qKX0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQoct8osoaCTROXdDijd5WzBiE+WTAfBgNVHSMEGDAWgBSL3qLUqxOA8KO3
/n1Pp4KOHJQ1WDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k5NmkxS3NUZ1BDanRfNTlUNmVDamh5VU5WZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDYvYzY3ZDkwLWQzMDQtNDgxYi04YTY0LTFlMzI2ZGViYTRkMC8x
L0tITGZLTEtHZ2swVGwzUTRvM2VWc3dZaFBsay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYv
YzY3ZDkwLWQzMDQtNDgxYi04YTY0LTFlMzI2ZGViYTRkMC8xL2k5NmkxS3NUZ1BD
anRfNTlUNmVDamh5VU5WZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn8ZDANBgkqhkiG9w0BAQsFAAOC
AQEAWL3hYIihAbG8INdtetzVAcsMA9D2eUMEQcB1QlG8D10Kj+WGfTc8zDrOaMGz
zHaTBt7u8i2kpxRMVPi4dNHlioqrvpmVVberVVHTvNfUC5MtQjG2nOUj8Sq5g+2y
ZS06PmQeOxVNzXHxQo8GWncyfgwwzgwnypqJg6tS1GvCazTlk2YfqP4blQEytogY
yP0s0b9FembLhXdWsGshjwP06s9Lx8KLd/KNJwU5ZQRVNSBA5mnJOqxnzI8qdGJl
BJwAUkEVbL+7Kgs/7rUeAGwoCFgZlwQqt4D/Hjnx/2unGyx5ih9E8qZUYJRmmHn9
7THtgy4l1C85fomQZt3EnTOs3g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:40 2023 by rpki-client on console-fra.rpki-client.org