Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kcRok_oxNkGWyuRVtn-OGBUQww0.roa
File: kcRok_oxNkGWyuRVtn-OGBUQww0.roa (raw, json)
Hash identifier: La4RCFVRWN0ycx5771LsBqL5uOYtdEQBElwXlgC2jzk=
Subject key identifier: 91:C4:68:93:FA:31:36:41:96:CA:E4:55:B6:7F:8E:18:15:10:C3:0D
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 43AD1C22
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kcRok_oxNkGWyuRVtn-OGBUQww0.roa
Signing time: Tue 19 Apr 2022 11:33:06 +0000
ROA not before: Tue 19 Apr 2022 11:33:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57630
IP address blocks: 194.71.0.0/23 maxlen: 23
192.71.0.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
193.234.116.0/22 maxlen: 22
193.181.34.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.103.95.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
193.234.144.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1135418402 (0x43ad1c22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 19 11:33:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91c46893fa31364196cae455b67f8e181510c30d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:31:4d:bc:8f:3b:7d:23:7e:59:06:ab:a7:cd:
28:6c:1a:b5:3d:62:4e:fd:c9:2f:28:0d:0f:d0:b3:
a5:0b:51:08:b0:ca:d8:3e:34:b9:f2:f6:0b:25:b4:
8b:10:40:12:f3:d4:a3:30:dd:b5:55:ed:65:d7:9e:
d6:a4:14:f8:13:89:5c:e4:17:1e:b0:f2:3c:db:1e:
05:54:4b:06:ef:f9:1a:ed:bf:6f:93:8c:ae:43:0a:
72:1a:42:21:75:51:d9:5d:e4:af:6e:e8:a7:c2:81:
06:d8:85:78:16:a8:2f:30:4c:22:19:4c:16:cd:5b:
27:75:45:72:d6:4b:66:da:be:f8:6a:b7:c0:ae:5e:
1a:c1:e2:88:80:ca:36:9e:2e:5e:64:6a:23:84:b7:
01:c2:2d:a1:10:f2:91:b4:e7:60:f1:21:49:33:f5:
63:77:86:77:2c:19:9e:f6:d8:59:a5:8b:93:4c:b9:
77:2a:00:15:7a:1d:e2:f9:85:d9:29:b8:63:5d:39:
cf:39:79:04:f7:cd:b3:51:ba:eb:eb:e1:a6:52:a1:
c4:13:47:69:7c:8b:8e:d7:76:5d:53:43:df:a8:3d:
54:53:ca:77:6c:27:e7:1e:8a:85:aa:9c:e8:55:a2:
8f:2c:4b:b4:6e:6d:5b:65:85:d0:11:bf:33:44:59:
d8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C4:68:93:FA:31:36:41:96:CA:E4:55:B6:7F:8E:18:15:10:C3:0D
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kcRok_oxNkGWyuRVtn-OGBUQww0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.134.0/23
193.181.34.0/24
193.234.3.0/24
193.234.116.0/22
193.234.144.0/24
194.14.57.0/24
194.71.0.0/23
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
44:0a:d2:6f:e9:01:f1:fa:c2:65:24:24:69:fd:ce:d4:77:48:
f9:d1:78:1d:c5:7d:bc:72:ef:f0:8e:de:bc:99:ea:25:25:e5:
6b:72:2c:ad:be:2c:c0:c7:ab:8d:47:30:11:2e:2b:f7:cc:52:
b1:7b:08:c3:48:63:bf:18:e3:52:ac:5b:2a:38:1b:a2:d3:2e:
9f:9c:23:cb:f4:f3:c5:33:5b:da:7b:78:b4:c5:19:04:85:14:
73:b1:1c:79:66:c4:27:0a:09:92:2c:53:c4:7a:73:9e:5c:f5:
7d:49:b3:d5:c4:f2:73:65:0f:38:01:40:54:ba:42:5b:47:dd:
af:cc:37:ec:7e:75:d1:bd:d1:b0:15:a5:ba:af:bc:b6:d2:6e:
39:9d:48:b4:cc:75:9a:cf:90:8e:bc:66:97:c6:54:b8:c5:c7:
ce:f9:53:3b:5d:0c:95:9a:de:26:3f:64:3d:56:6a:5b:f5:95:
5d:6b:96:f5:19:d4:db:bf:f2:10:b7:27:d4:aa:79:45:36:43:
86:21:4d:8a:89:21:18:fd:48:42:8d:e1:b9:10:cf:af:28:4e:
07:e4:a1:ec:83:d8:75:90:b4:9a:d4:1d:bb:a3:da:3f:df:b9:
e2:0a:6e:23:65:1b:5e:7f:ec:ae:fe:88:4d:74:4a:c3:94:56:
ec:a4:cc:05
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIEQ60cIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDQx
OTExMzMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFjNDY4OTNmYTMx
MzY0MTk2Y2FlNDU1YjY3ZjhlMTgxNTEwYzMwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMoxTbyPO30jflkGq6fNKGwatT1iTv3JLygND9CzpQtRCLDK
2D40ufL2CyW0ixBAEvPUozDdtVXtZdee1qQU+BOJXOQXHrDyPNseBVRLBu/5Gu2/
b5OMrkMKchpCIXVR2V3kr27op8KBBtiFeBaoLzBMIhlMFs1bJ3VFctZLZtq++Gq3
wK5eGsHiiIDKNp4uXmRqI4S3AcItoRDykbTnYPEhSTP1Y3eGdywZnvbYWaWLk0y5
dyoAFXod4vmF2Sm4Y105zzl5BPfNs1G66+vhplKhxBNHaXyLjtd2XVND36g9VFPK
d2wn5x6Khaqc6FWijyxLtG5tW2WF0BG/M0RZ2OkCAwEAAaOCAl0wggJZMB0GA1Ud
DgQWBBSRxGiT+jE2QZbK5FW2f44YFRDDDTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L2tjUm9rX294TmtHV3l1UlZ0bi1PR0JVUXd3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBz
BggrBgEFBQcBBwEB/wRkMGIwYAQCAAEwWgMEAMBHAAMEAcClhgMEAMG1IgMEAMHq
AwMEAsHqdAMEAMHqkAMEAMIOOQMEAcJHAAMEAcJnEAMEAMJnXwMEAMJnkQMEAMJn
xQMEAMKEpAMEAMKEpgMEAMKEujANBgkqhkiG9w0BAQsFAAOCAQEARArSb+kB8frC
ZSQkaf3O1HdI+dF4HcV9vHLv8I7evJnqJSXla3Isrb4swMerjUcwES4r98xSsXsI
w0hjvxjjUqxbKjgbotMun5wjy/TzxTNb2nt4tMUZBIUUc7EceWbEJwoJkixTxHpz
nlz1fUmz1cTyc2UPOAFAVLpCW0fdr8w37H510b3RsBWluq+8ttJuOZ1ItMx1ms+Q
jrxml8ZUuMXHzvlTO10MlZreJj9kPVZqW/WVXWuW9RnU27/yELcn1Kp5RTZDhiFN
iokhGP1IQo3huRDPryhOB+Sh7IPYdZC0mtQdu6PaP9+54gpuI2UbXn/srv6ITXRK
w5RW7KTMBQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org