Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Kmk4OLcM5TgUoYTw_5sAj713lx4.roa
File: Kmk4OLcM5TgUoYTw_5sAj713lx4.roa (raw, json)
Hash identifier: hzJkn8/k3nZqHYldJi5xpe+EXQ8ddfZHsl53HuQ4Qtg=
Subject key identifier: 2A:69:38:38:B7:0C:E5:38:14:A1:84:F0:FF:9B:00:8F:BD:77:97:1E
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0181DBFAEB37802834D5C93566E3D9705D6D
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Kmk4OLcM5TgUoYTw_5sAj713lx4.roa
Signing time: Fri 08 Jul 2022 04:04:23 +0000
ROA not before: Fri 08 Jul 2022 04:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 83.147.61.0/24 maxlen: 24
83.147.4.0/22 maxlen: 24
83.147.8.0/24 maxlen: 24
83.147.15.0/24 maxlen: 24
83.147.29.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:db:fa:eb:37:80:28:34:d5:c9:35:66:e3:d9:70:5d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jul 8 04:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a693838b70ce53814a184f0ff9b008fbd77971e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:17:98:9c:0e:26:a4:e3:b6:5a:07:57:80:4c:
0e:0b:96:aa:a2:47:69:0a:2d:bb:cf:30:3b:95:81:
7c:33:61:41:66:ff:d3:89:44:d1:a0:a8:4a:f6:6a:
8c:12:3d:45:99:2e:b3:d1:a0:cf:32:5e:a9:e0:ac:
13:54:46:c5:26:fe:ef:15:bf:61:24:74:c4:33:21:
89:d6:9b:4a:91:c5:67:9e:cb:59:5e:80:c0:1e:67:
f4:b8:77:02:f4:57:da:09:0c:83:aa:c9:27:ba:bf:
7f:4a:6b:74:88:65:69:98:08:51:da:29:79:1f:0e:
c1:ce:ab:24:ad:29:15:b6:37:ed:cd:38:e8:f3:ec:
6e:48:42:63:3f:e7:e0:a7:41:b1:41:8d:38:26:29:
48:e9:7f:17:a3:20:42:8a:c4:82:0b:1c:e0:b6:14:
7f:e9:7f:61:38:5d:15:05:e4:b7:9b:e8:ad:ab:56:
5f:7f:6d:58:4e:16:b8:94:ca:5e:23:db:c7:b3:b6:
8a:0b:70:bf:8a:b6:a1:76:08:66:1d:72:84:06:37:
5c:11:e6:7a:bd:e7:a9:eb:58:b0:1a:a9:98:b5:45:
fd:3d:32:e9:78:06:94:87:d2:49:17:c6:ad:a4:58:
d1:6a:a8:8c:50:3a:5a:f8:7e:38:2a:43:1d:62:ce:
f9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:69:38:38:B7:0C:E5:38:14:A1:84:F0:FF:9B:00:8F:BD:77:97:1E
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/Kmk4OLcM5TgUoYTw_5sAj713lx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.4.0-83.147.8.255
83.147.15.0/24
83.147.28.0/23
83.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:77:d2:64:bd:9f:6f:00:c9:f1:b6:6f:4e:27:d4:23:91:42:
62:a3:5e:2e:6a:00:21:d6:d2:ff:d9:a8:b7:69:a3:93:04:28:
90:cd:1b:51:89:9f:60:f5:55:ed:90:44:85:0a:a9:af:ba:27:
8e:4f:76:2a:81:1d:9d:ce:9d:6e:c1:29:c9:bc:be:76:6b:c6:
b8:cd:7d:f6:0b:08:8f:46:d3:5c:5a:90:8e:16:39:7e:6f:d7:
35:ce:47:ec:4b:be:42:d2:c0:9f:61:eb:77:32:e1:20:3e:34:
79:3c:f9:f1:f9:b3:74:cc:fd:33:6a:e4:f7:d6:e8:96:1f:68:
ab:de:5a:65:f2:9b:b7:c2:80:41:c3:e3:24:07:50:60:64:6f:
b4:4c:5b:28:19:88:da:a0:ff:f9:59:5d:84:b4:90:21:2a:b0:
38:ec:31:d9:b7:05:e6:e3:58:0a:8c:58:27:a1:59:ff:44:79:
a8:35:df:16:a6:88:a2:9e:43:a5:f2:c7:65:a3:fc:f1:9e:81:
86:3d:02:73:98:a3:0a:43:3b:4b:16:05:84:99:99:c1:67:ab:
ca:7d:34:00:8c:77:84:7d:38:09:a6:30:7b:25:af:95:fc:2e:
e8:7d:92:13:b3:19:e6:63:5d:90:64:77:85:c4:97:d2:1c:3e:
84:5d:14:45
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYHb+us3gCg01ck1ZuPZcF1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjIwNzA4MDQwNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY5MzgzOGI3MGNlNTM4MTRhMTg0ZjBmZjliMDA4ZmJkNzc5NzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBeYnA4mpOO2WgdXgEwOC5aqokdp
Ci27zzA7lYF8M2FBZv/TiUTRoKhK9mqMEj1FmS6z0aDPMl6p4KwTVEbFJv7vFb9h
JHTEMyGJ1ptKkcVnnstZXoDAHmf0uHcC9FfaCQyDqsknur9/Smt0iGVpmAhR2il5
Hw7BzqskrSkVtjftzTjo8+xuSEJjP+fgp0GxQY04JilI6X8XoyBCisSCCxzgthR/
6X9hOF0VBeS3m+itq1Zff21YTha4lMpeI9vHs7aKC3C/irahdghmHXKEBjdcEeZ6
veep61iwGqmYtUX9PTLpeAaUh9JJF8atpFjRaqiMUDpa+H44KkMdYs75PQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCppODi3DOU4FKGE8P+bAI+9d5ceMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvS21rNE9MY001VGdVb1lUd181c0FqNzEzbHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAJTkwQD
BABTkwgDBABTkw8DBAFTkxwDBABTkz0wDQYJKoZIhvcNAQELBQADggEBAIt30mS9
n28AyfG2b04n1CORQmKjXi5qACHW0v/ZqLdpo5MEKJDNG1GJn2D1Ve2QRIUKqa+6
J45PdiqBHZ3OnW7BKcm8vnZrxrjNffYLCI9G01xakI4WOX5v1zXOR+xLvkLSwJ9h
63cy4SA+NHk8+fH5s3TM/TNq5PfW6JYfaKveWmXym7fCgEHD4yQHUGBkb7RMWygZ
iNqg//lZXYS0kCEqsDjsMdm3BebjWAqMWCehWf9Eeag13xamiKKeQ6Xyx2Wj/PGe
gYY9AnOYowpDO0sWBYSZmcFnq8p9NACMd4R9OAmmMHslr5X8Luh9khOzGeZjXZBk
d4XEl9IcPoRdFEU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org