Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/KsLBU5rhjSRjsiiVVDx1Kw-7o20.roa
File: KsLBU5rhjSRjsiiVVDx1Kw-7o20.roa (raw, json)
Hash identifier: P96fDpQ5IXLDwACERHuYyyuzLDQWCxXjXvBF1Mz7dhQ=
Subject key identifier: 2A:C2:C1:53:9A:E1:8D:24:63:B2:28:95:54:3C:75:2B:0F:BB:A3:6D
Certificate issuer: /CN=5799b327dd6cda1ad37bc1c224a454b02dea2afc
Certificate serial: 018530B942DC1CDA45EFFE2B4FA03472E4F2
Authority key identifier: 57:99:B3:27:DD:6C:DA:1A:D3:7B:C1:C2:24:A4:54:B0:2D:EA:2A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5mzJ91s2hrTe8HCJKRUsC3qKvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/KsLBU5rhjSRjsiiVVDx1Kw-7o20.roa
Signing time: Tue 20 Dec 2022 18:08:45 +0000
ROA not before: Tue 20 Dec 2022 18:08:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14593
IP address blocks: 145.224.64.0/21 maxlen: 24
176.116.124.0/23 maxlen: 24
145.224.64.0/18 maxlen: 24
145.224.72.0/21 maxlen: 24
145.224.80.0/21 maxlen: 24
145.224.88.0/22 maxlen: 24
188.92.248.0/21 maxlen: 24
145.224.94.0/23 maxlen: 24
145.224.96.0/21 maxlen: 24
145.224.92.0/23 maxlen: 24
188.95.144.0/23 maxlen: 24
216.128.0.0/19 maxlen: 24
169.155.224.0/19 maxlen: 24
217.65.136.0/22 maxlen: 24
217.65.136.0/21 maxlen: 24
162.43.192.0/22 maxlen: 24
91.102.180.0/22 maxlen: 24
145.224.108.0/22 maxlen: 24
145.224.124.0/22 maxlen: 24
209.198.128.0/19 maxlen: 24
2a0d:3340::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:b9:42:dc:1c:da:45:ef:fe:2b:4f:a0:34:72:e4:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5799b327dd6cda1ad37bc1c224a454b02dea2afc
Validity
Not Before: Dec 20 18:08:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ac2c1539ae18d2463b22895543c752b0fbba36d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fb:7e:63:0e:24:79:f7:94:56:74:1b:ba:5d:
46:a0:e8:09:5f:5e:b3:c0:5a:6b:27:97:02:19:83:
23:11:78:c0:91:b2:a8:09:94:a8:c4:61:cd:c8:fe:
02:ec:c1:2b:f4:ce:5e:84:a6:d0:7f:4e:4e:b8:34:
c6:41:7b:37:3b:64:b8:8d:b1:77:5b:e8:ba:67:77:
ef:01:f4:09:9c:06:b8:94:26:a2:e9:b4:a0:45:0f:
9e:9a:c0:50:a7:2d:c8:f2:cf:a1:49:06:f6:52:6e:
88:c9:2d:ce:73:0c:73:59:f8:b1:fe:05:f6:e7:3b:
46:c5:37:37:1a:28:04:4c:62:7c:83:cc:02:39:15:
1d:a4:91:a4:b4:87:4a:49:d8:4a:81:62:95:ef:1d:
57:ba:4c:50:87:f3:3d:da:46:4a:66:f8:3d:dd:dc:
a5:3c:30:8b:00:3e:e6:78:24:a0:f3:e6:f5:b6:da:
a7:4c:3b:84:62:f1:33:3a:a8:c4:d1:22:f0:49:b5:
57:7b:63:69:fd:4b:9b:e7:62:ec:c3:7a:4f:0a:50:
73:14:2d:79:2c:a8:3f:d8:57:37:33:1c:20:58:ab:
88:55:2a:2e:67:f2:19:c9:cf:18:7b:89:bd:33:3f:
11:d4:d8:3d:6f:0c:81:09:f4:c8:62:d8:4d:e1:9d:
9a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C2:C1:53:9A:E1:8D:24:63:B2:28:95:54:3C:75:2B:0F:BB:A3:6D
X509v3 Authority Key Identifier:
keyid:57:99:B3:27:DD:6C:DA:1A:D3:7B:C1:C2:24:A4:54:B0:2D:EA:2A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5mzJ91s2hrTe8HCJKRUsC3qKvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/KsLBU5rhjSRjsiiVVDx1Kw-7o20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/V5mzJ91s2hrTe8HCJKRUsC3qKvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.180.0/22
145.224.64.0/18
162.43.192.0/22
169.155.224.0/19
176.116.124.0/23
188.92.248.0/21
188.95.144.0/23
209.198.128.0/19
216.128.0.0/19
217.65.136.0/21
IPv6:
2a0d:3340::/29
Signature Algorithm: sha256WithRSAEncryption
4c:56:9a:16:dc:21:ad:eb:0c:f8:2f:4d:24:b7:1b:fe:01:99:
10:14:e2:3e:73:60:e3:b0:10:21:23:6e:da:57:4d:20:52:34:
7c:56:ca:5b:63:a1:ac:37:4d:6b:88:51:5c:3c:e7:f1:ee:5b:
07:7a:e4:21:ec:52:62:31:8a:24:48:f2:b1:7b:f2:d1:6e:9b:
fd:3f:6f:2e:f1:4d:3a:c8:da:08:0c:8b:cb:09:57:1e:54:cc:
1f:8d:a1:88:e3:54:86:a5:ae:a9:dd:13:b2:d9:06:34:4f:fa:
d9:3a:e1:2b:a0:f8:79:22:a1:34:8a:a9:b5:29:97:74:7d:2d:
ea:67:28:89:2d:46:b9:9f:ee:db:7a:3f:81:9d:68:74:60:d6:
6d:c4:91:d9:85:71:1c:ff:67:14:6a:14:7f:76:41:7d:54:3c:
ee:00:ca:d8:fe:01:29:93:a3:ec:2f:76:dc:5e:3d:66:86:01:
b3:ae:12:33:ec:7a:41:64:2a:c1:e6:e1:16:9d:c4:86:dc:25:
1e:04:d1:47:90:b9:42:e7:88:86:66:32:b2:fa:8e:71:77:93:
33:46:6a:d7:b0:8f:32:c7:6d:db:86:cb:2e:e7:a5:36:86:cf:
25:26:ec:bf:19:25:ed:bb:3c:f8:8c:fe:88:a0:0e:ee:75:0a:
b7:dd:fa:f6
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYUwuULcHNpF7/4rT6A0cuTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTliMzI3ZGQ2Y2RhMWFkMzdiYzFjMjI0YTQ1NGIwMmRl
YTJhZmMwHhcNMjIxMjIwMTgwODQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWMyYzE1MzlhZTE4ZDI0NjNiMjI4OTU1NDNjNzUyYjBmYmJhMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvt+Yw4kefeUVnQbul1GoOgJX16z
wFprJ5cCGYMjEXjAkbKoCZSoxGHNyP4C7MEr9M5ehKbQf05OuDTGQXs3O2S4jbF3
W+i6Z3fvAfQJnAa4lCai6bSgRQ+emsBQpy3I8s+hSQb2Um6IyS3OcwxzWfix/gX2
5ztGxTc3GigETGJ8g8wCORUdpJGktIdKSdhKgWKV7x1XukxQh/M92kZKZvg93dyl
PDCLAD7meCSg8+b1ttqnTDuEYvEzOqjE0SLwSbVXe2Np/Uub52Lsw3pPClBzFC15
LKg/2Fc3MxwgWKuIVSouZ/IZyc8Ye4m9Mz8R1Ng9bwyBCfTIYthN4Z2aIQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFCrCwVOa4Y0kY7IolVQ8dSsPu6NtMB8GA1UdIwQY
MBaAFFeZsyfdbNoa03vBwiSkVLAt6ir8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVteko5MXMyaHJUZThIQ0pLUlVzQzNxS3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84YzJhZTktMGE3Ny00OWViLWFkM2Et
ZWExNTBlNzYzOGNlLzEvS3NMQlU1cmhqU1Jqc2lpVlZEeDFLdy03bzIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84YzJhZTktMGE3Ny00OWViLWFkM2EtZWExNTBlNzYzOGNl
LzEvVjVteko5MXMyaHJUZThIQ0pLUlVzQzNxS3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCW2a0AwQG
keBAAwQCoivAAwQFqZvgAwQBsHR8AwQDvFz4AwQBvF+QAwQF0caAAwQF2IAAAwQD
2UGIMA0EAgACMAcDBQMqDTNAMA0GCSqGSIb3DQEBCwUAA4IBAQBMVpoW3CGt6wz4
L00ktxv+AZkQFOI+c2DjsBAhI27aV00gUjR8VspbY6GsN01riFFcPOfx7lsHeuQh
7FJiMYokSPKxe/LRbpv9P28u8U06yNoIDIvLCVceVMwfjaGI41SGpa6p3ROy2QY0
T/rZOuEroPh5IqE0iqm1KZd0fS3qZyiJLUa5n+7bej+BnWh0YNZtxJHZhXEc/2cU
ahR/dkF9VDzuAMrY/gEpk6PsL3bcXj1mhgGzrhIz7HpBZCrB5uEWncSG3CUeBNFH
kLlC54iGZjKy+o5xd5MzRmrXsI8yx23bhssu56U2hs8lJuy/GSXtuzz4jP6IoA7u
dQq33fr2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:46 2024 by rpki-client on console-fra.rpki-client.org