Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/KvVQj_bQ8WCUMShKfOFq_B0_dxg.roa
File: KvVQj_bQ8WCUMShKfOFq_B0_dxg.roa (raw, json)
Hash identifier: TjM3s/W9L7bmtzvNp5ghayq+FqEgy6ZoAPHXWHOMLPo=
Subject key identifier: 2A:F5:50:8F:F6:D0:F1:60:94:31:28:4A:7C:E1:6A:FC:1D:3F:77:18
Certificate issuer: /CN=3e3d1c21a77a0b0f7f0ce6633e13e0c57bedb08b
Certificate serial: 03DF30D1
Authority key identifier: 3E:3D:1C:21:A7:7A:0B:0F:7F:0C:E6:63:3E:13:E0:C5:7B:ED:B0:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/KvVQj_bQ8WCUMShKfOFq_B0_dxg.roa
Signing time: Sat 01 Jan 2022 05:55:15 +0000
ROA not before: Sat 01 Jan 2022 05:55:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48712
IP address blocks: 195.130.197.0/24 maxlen: 24
194.28.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64958673 (0x3df30d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e3d1c21a77a0b0f7f0ce6633e13e0c57bedb08b
Validity
Not Before: Jan 1 05:55:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2af5508ff6d0f1609431284a7ce16afc1d3f7718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0b:d2:d8:25:86:70:95:83:07:3f:c5:ce:0d:
31:eb:2e:d4:35:03:19:8f:34:fe:86:9b:ab:b2:bd:
b9:a1:13:12:08:5c:64:a5:fc:e9:ee:d5:d1:3e:6b:
17:fa:39:74:24:d6:33:e1:39:90:b0:3b:6b:fa:58:
14:cd:f0:12:0a:94:cd:1f:72:97:70:76:9b:ea:e1:
c9:34:4c:77:21:5e:46:53:39:e8:62:5e:0f:10:c1:
35:86:15:58:58:25:c9:5c:8b:2a:b2:be:90:d0:fc:
79:a3:32:bb:b5:0e:b8:06:68:41:ce:ab:cc:fb:36:
57:de:ee:dd:94:80:d5:7e:5f:78:72:92:b3:f7:76:
57:61:87:8b:ba:3c:54:d6:38:61:12:c5:f7:77:27:
1c:76:33:80:45:a4:71:04:47:dd:0d:dc:55:28:21:
a5:16:e4:1a:19:cc:fe:2e:16:0b:10:0e:98:cf:f4:
6b:71:2e:67:f9:ab:e3:77:82:63:d2:57:7c:90:cc:
26:19:d7:af:6b:33:2c:b8:54:ad:3b:0d:ff:e6:6e:
df:06:db:bb:85:09:30:6e:71:bb:02:8c:c3:e3:03:
92:71:40:fe:d9:d9:50:40:b1:ad:60:00:dc:94:22:
1f:d1:6e:fd:2b:34:6f:28:4b:85:c4:c7:48:95:40:
3f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F5:50:8F:F6:D0:F1:60:94:31:28:4A:7C:E1:6A:FC:1D:3F:77:18
X509v3 Authority Key Identifier:
keyid:3E:3D:1C:21:A7:7A:0B:0F:7F:0C:E6:63:3E:13:E0:C5:7B:ED:B0:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/KvVQj_bQ8WCUMShKfOFq_B0_dxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.32.0/22
195.130.197.0/24
Signature Algorithm: sha256WithRSAEncryption
55:09:2b:f1:f7:9b:b0:2b:b2:d3:07:f0:c1:c2:a1:47:db:b2:
91:87:7e:21:ee:c4:7d:fe:06:7f:fb:05:66:e0:02:9a:9e:f0:
cd:a6:48:7f:4b:4e:d0:96:7b:fd:f4:db:cc:af:db:45:b1:1d:
e9:82:23:f7:eb:dc:e4:90:82:83:4a:80:91:c9:e8:22:81:f1:
a9:9a:b8:f7:b1:7a:90:a0:62:68:f8:95:e3:30:7e:3a:8c:82:
e5:92:2d:a9:2d:dd:8c:d8:93:0c:52:1e:94:25:53:00:f3:15:
e9:53:74:53:14:a7:2b:96:3a:d4:ad:79:b3:7c:b7:37:70:36:
0a:4a:e5:6d:d3:0b:8b:9b:d5:33:40:c7:a2:b2:b0:e7:e0:f4:
f1:21:f4:49:ee:48:79:25:f9:b8:46:ec:07:cc:47:0e:98:7a:
b7:dd:e1:7c:6e:79:aa:33:a5:79:48:ac:0d:b3:01:d9:75:00:
ed:52:e7:e0:8c:15:c3:0e:35:12:07:06:29:32:7d:4f:b9:9d:
fe:a2:64:9e:16:2d:e9:9c:10:93:19:fe:87:8e:d4:34:2a:5a:
6e:6f:81:9f:f2:8d:db:c1:50:6a:7b:67:0b:96:88:ed:1a:4a:
d7:77:b4:bc:13:ca:d7:a2:11:80:78:6c:d9:98:fc:ce:05:ad:
2d:1d:49:ac
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA98w0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZTNkMWMyMWE3N2EwYjBmN2YwY2U2NjMzZTEzZTBjNTdiZWRiMDhiMB4XDTIyMDEw
MTA1NTUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFmNTUwOGZmNmQw
ZjE2MDk0MzEyODRhN2NlMTZhZmMxZDNmNzcxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoL0tglhnCVgwc/xc4NMesu1DUDGY80/oabq7K9uaETEghc
ZKX86e7V0T5rF/o5dCTWM+E5kLA7a/pYFM3wEgqUzR9yl3B2m+rhyTRMdyFeRlM5
6GJeDxDBNYYVWFglyVyLKrK+kND8eaMyu7UOuAZoQc6rzPs2V97u3ZSA1X5feHKS
s/d2V2GHi7o8VNY4YRLF93cnHHYzgEWkcQRH3Q3cVSghpRbkGhnM/i4WCxAOmM/0
a3EuZ/mr43eCY9JXfJDMJhnXr2szLLhUrTsN/+Zu3wbbu4UJMG5xuwKMw+MDknFA
/tnZUECxrWAA3JQiH9Fu/Ss0byhLhcTHSJVAP8kCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQq9VCP9tDxYJQxKEp84Wr8HT93GDAfBgNVHSMEGDAWgBQ+PRwhp3oLD38M
5mM+E+DFe+2wizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BqMGNJYWQ2Q3c5X0RPWmpQaFBneFh2dHNJcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvMGU5ZTAwLTQ2ZTYtNDg2My05MzIwLTA5OGYyNTk4ZTVlMy8x
L0t2VlFqX2JROFdDVU1TaEtmT0ZxX0IwX2R4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
MGU5ZTAwLTQ2ZTYtNDg2My05MzIwLTA5OGYyNTk4ZTVlMy8xL1BqMGNJYWQ2Q3c5
X0RPWmpQaFBneFh2dHNJcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAsIcIAMEAMOCxTANBgkqhkiG9w0B
AQsFAAOCAQEAVQkr8febsCuy0wfwwcKhR9uykYd+Ie7Eff4Gf/sFZuACmp7wzaZI
f0tO0JZ7/fTbzK/bRbEd6YIj9+vc5JCCg0qAkcnoIoHxqZq497F6kKBiaPiV4zB+
OoyC5ZItqS3djNiTDFIelCVTAPMV6VN0UxSnK5Y61K15s3y3N3A2CkrlbdMLi5vV
M0DHorKw5+D08SH0Se5IeSX5uEbsB8xHDph6t93hfG55qjOleUisDbMB2XUA7VLn
4IwVww41EgcGKTJ9T7md/qJknhYt6ZwQkxn+h47UNCpabm+Bn/KN28FQantnC5aI
7RpK13e0vBPK16IRgHhs2Zj8zgWtLR1JrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:43 2024 by rpki-client on console-fra.rpki-client.org