Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/3_KR24tK8XR-Gm2DGt9QZmoJtrY.roa
File: 3_KR24tK8XR-Gm2DGt9QZmoJtrY.roa (raw, json)
Hash identifier: WLyoszFTiqRCamWnCy7+xxs17wF8YUoEB9ybFiw+Qxo=
Subject key identifier: DF:F2:91:DB:8B:4A:F1:74:7E:1A:6D:83:1A:DF:50:66:6A:09:B6:B6
Certificate issuer: /CN=f4ac99d77a7a1c84dd47f43bb72051aa73b1aad6
Certificate serial: 022556A5
Authority key identifier: F4:AC:99:D7:7A:7A:1C:84:DD:47:F4:3B:B7:20:51:AA:73:B1:AA:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9KyZ13p6HITdR_Q7tyBRqnOxqtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/3_KR24tK8XR-Gm2DGt9QZmoJtrY.roa
Signing time: Sat 01 Jan 2022 08:54:31 +0000
ROA not before: Sat 01 Jan 2022 08:54:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203015
IP address blocks: 91.213.103.0/24 maxlen: 24
194.50.33.0/24 maxlen: 24
193.23.178.0/24 maxlen: 24
193.23.177.0/24 maxlen: 24
193.23.176.0/24 maxlen: 24
2a0c:82c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36001445 (0x22556a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4ac99d77a7a1c84dd47f43bb72051aa73b1aad6
Validity
Not Before: Jan 1 08:54:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dff291db8b4af1747e1a6d831adf50666a09b6b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4e:f3:1c:ed:da:40:a0:46:f7:91:21:17:58:
a3:bd:45:80:6e:62:3f:20:67:77:83:f4:16:4a:0a:
0e:c8:cc:cc:18:04:c6:be:c1:dd:e4:06:62:a3:e2:
dd:f0:3c:62:fc:e8:77:c9:03:18:a5:56:d2:62:68:
4c:ca:f9:0c:10:18:4c:c0:d4:7e:f6:cf:7c:ed:c2:
7c:6b:b5:77:a1:91:e5:9e:63:90:8b:e8:ef:73:a2:
10:c0:e0:80:a4:8d:1d:45:6f:64:ce:e0:d5:61:90:
ea:53:48:d2:3a:0a:b5:84:4c:00:cf:b6:1b:fb:c5:
3e:ca:ae:7a:71:bd:8d:14:69:16:c8:47:b3:e6:1b:
7b:5b:18:b8:55:29:0f:fa:8e:b6:a0:8b:71:f9:f2:
c0:7f:e4:f2:d6:f5:ce:9d:56:16:e1:ff:09:ab:66:
32:dc:f5:55:e7:fd:77:7e:1b:f3:fb:29:60:60:1a:
d1:44:0f:8b:d8:ce:33:56:42:87:71:64:97:12:af:
5a:1b:16:dd:91:8a:8d:a2:94:b6:a4:31:fc:ae:ea:
d2:79:66:62:a3:7f:9d:68:5e:2e:02:35:a7:c2:cc:
8a:f3:d1:23:bd:ad:52:b5:fc:30:6d:a4:84:a0:c6:
76:05:9f:28:ab:c9:17:a0:48:69:09:d6:3b:dc:a1:
e2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F2:91:DB:8B:4A:F1:74:7E:1A:6D:83:1A:DF:50:66:6A:09:B6:B6
X509v3 Authority Key Identifier:
keyid:F4:AC:99:D7:7A:7A:1C:84:DD:47:F4:3B:B7:20:51:AA:73:B1:AA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9KyZ13p6HITdR_Q7tyBRqnOxqtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/3_KR24tK8XR-Gm2DGt9QZmoJtrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/9KyZ13p6HITdR_Q7tyBRqnOxqtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.103.0/24
193.23.176.0-193.23.178.255
194.50.33.0/24
IPv6:
2a0c:82c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:65:a3:e9:d2:12:e7:92:74:b4:7a:86:dd:b7:69:b7:e3:f3:
c2:39:ad:78:74:3f:bc:50:30:cd:9a:93:aa:e9:35:c6:9e:01:
3f:26:11:bc:74:ae:71:4d:11:e2:88:ff:74:90:4d:92:f1:4d:
1a:e1:0f:fb:db:b8:1b:37:f1:5f:5d:1b:c8:ce:7b:35:4a:04:
3f:da:13:8a:f6:30:db:75:5c:48:ba:ce:49:2b:48:20:4f:44:
cc:7c:f9:0a:d5:55:25:87:03:2e:c2:e1:b4:55:a9:6c:0f:58:
b5:a9:00:f7:02:75:0b:b7:bc:4d:45:54:aa:8a:f9:aa:c7:a6:
52:ef:c1:10:44:95:d1:fe:96:2a:58:16:75:18:f1:46:4a:3e:
a6:a1:4f:a7:80:6d:f0:34:9e:cd:bf:f3:a0:64:cf:a4:f7:b5:
39:1d:42:2e:bc:ee:66:ac:a2:43:96:74:41:15:12:e2:02:52:
4b:56:9a:70:36:14:51:9a:b2:09:ef:88:5f:db:32:96:01:26:
fc:d0:89:1c:80:ea:d7:cc:40:24:86:7e:3c:ab:1b:11:3e:17:
ac:a8:02:71:92:d0:b3:61:dd:be:e1:6e:d6:b2:4b:72:c3:12:
ff:02:62:d4:eb:bf:ed:a1:75:f7:99:63:62:61:57:0b:e1:da:
d9:7f:d3:5a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEAiVWpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGFjOTlkNzdhN2ExYzg0ZGQ0N2Y0M2JiNzIwNTFhYTczYjFhYWQ2MB4XDTIyMDEw
MTA4NTQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZmMjkxZGI4YjRh
ZjE3NDdlMWE2ZDgzMWFkZjUwNjY2YTA5YjZiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVO8xzt2kCgRveRIRdYo71FgG5iPyBnd4P0FkoKDsjMzBgE
xr7B3eQGYqPi3fA8Yvzod8kDGKVW0mJoTMr5DBAYTMDUfvbPfO3CfGu1d6GR5Z5j
kIvo73OiEMDggKSNHUVvZM7g1WGQ6lNI0joKtYRMAM+2G/vFPsquenG9jRRpFshH
s+Ybe1sYuFUpD/qOtqCLcfnywH/k8tb1zp1WFuH/CatmMtz1Vef9d34b8/spYGAa
0UQPi9jOM1ZCh3FklxKvWhsW3ZGKjaKUtqQx/K7q0nlmYqN/nWheLgI1p8LMivPR
I72tUrX8MG2khKDGdgWfKKvJF6BIaQnWO9yh4l8CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBTf8pHbi0rxdH4abYMa31Bmagm2tjAfBgNVHSMEGDAWgBT0rJnXenochN1H
9Du3IFGqc7Gq1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlLeVoxM3A2SElUZFJfUTd0eUJScW5PeHF0WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvYTc2NDQ1LTE5OGEtNGY4NS1iYmY4LTY2Y2NhODFlNmMwNy8x
LzNfS1IyNHRLOFhSLUdtMkRHdDlRWm1vSnRyWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
YTc2NDQ1LTE5OGEtNGY4NS1iYmY4LTY2Y2NhODFlNmMwNy8xLzlLeVoxM3A2SElU
ZFJfUTd0eUJScW5PeHF0WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEAFvVZzAMAwQEwRewAwQAwReyAwQA
wjIhMA0EAgACMAcDBQMqDILAMA0GCSqGSIb3DQEBCwUAA4IBAQAqZaPp0hLnknS0
eobdt2m34/PCOa14dD+8UDDNmpOq6TXGngE/JhG8dK5xTRHiiP90kE2S8U0a4Q/7
27gbN/FfXRvIzns1SgQ/2hOK9jDbdVxIus5JK0ggT0TMfPkK1VUlhwMuwuG0Vals
D1i1qQD3AnULt7xNRVSqivmqx6ZS78EQRJXR/pYqWBZ1GPFGSj6moU+ngG3wNJ7N
v/OgZM+k97U5HUIuvO5mrKJDlnRBFRLiAlJLVppwNhRRmrIJ74hf2zKWASb80Ikc
gOrXzEAkhn48qxsRPhesqAJxktCzYd2+4W7WsktywxL/AmLU67/toXX3mWNiYVcL
4drZf9Na
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:29 2023 by rpki-client on console-fra.rpki-client.org