Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/KodXDEZo3X8gkO7fOaA-GXTYwIw.roa
File: KodXDEZo3X8gkO7fOaA-GXTYwIw.roa (raw, json)
Hash identifier: lhtrXfkl6ZphQjhp8UK582cmjH3WmTcGgCFmBEZobOw=
Subject key identifier: 2A:87:57:0C:46:68:DD:7F:20:90:EE:DF:39:A0:3E:19:74:D8:C0:8C
Certificate issuer: /CN=a4b666cb0e5496116eb7ae6714d9055309ba69ac
Certificate serial: 057773CE
Authority key identifier: A4:B6:66:CB:0E:54:96:11:6E:B7:AE:67:14:D9:05:53:09:BA:69:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/KodXDEZo3X8gkO7fOaA-GXTYwIw.roa
Signing time: Sat 01 Jan 2022 14:07:00 +0000
ROA not before: Sat 01 Jan 2022 14:07:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48685
IP address blocks: 94.142.152.0/21 maxlen: 21
185.25.252.0/22 maxlen: 22
176.10.32.0/21 maxlen: 21
185.169.188.0/22 maxlen: 22
185.169.188.0/23 maxlen: 23
176.57.224.0/20 maxlen: 20
2a06:a100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91714510 (0x57773ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b666cb0e5496116eb7ae6714d9055309ba69ac
Validity
Not Before: Jan 1 14:07:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a87570c4668dd7f2090eedf39a03e1974d8c08c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ac:26:a8:fe:b6:a9:a3:6a:ad:e3:64:75:85:
4f:88:e3:dd:79:83:48:c0:4c:0d:45:13:6e:ab:60:
b8:1b:8c:c7:c1:5b:0e:ea:92:b1:a4:70:a0:5c:d0:
5b:4c:55:04:79:64:e1:aa:a0:69:e9:2d:18:68:05:
43:1d:fe:69:12:83:db:91:c9:e4:5b:7e:a3:4a:2a:
4d:d6:ab:30:7d:5d:43:5d:f2:42:ac:7c:42:8b:d4:
99:ae:f5:69:44:96:31:74:ac:e8:3c:b2:d2:42:4f:
91:24:48:87:da:8f:b3:61:c8:1d:4e:92:1a:c0:f0:
84:4e:b6:92:1a:6d:aa:ca:24:dd:78:bd:8e:4c:c7:
d8:f7:84:56:f1:b1:ec:84:e9:b8:4e:62:f4:b7:c9:
6f:34:af:d5:42:31:3a:12:42:ab:7c:46:27:18:c4:
68:24:a8:31:f9:1c:79:3c:db:e0:23:72:78:b4:f8:
64:aa:fb:09:eb:58:f6:1c:a8:49:f4:39:4c:3b:be:
0c:db:e3:66:99:90:18:02:4b:25:5f:fd:a3:0d:1e:
f2:72:0d:c8:ac:c9:7f:4c:7d:5c:32:f0:dd:7d:4f:
ac:48:de:8b:d7:45:5e:b1:bc:13:cc:e5:f5:db:09:
41:0a:dc:36:40:67:91:bf:f0:90:80:53:a8:18:d2:
4b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:87:57:0C:46:68:DD:7F:20:90:EE:DF:39:A0:3E:19:74:D8:C0:8C
X509v3 Authority Key Identifier:
keyid:A4:B6:66:CB:0E:54:96:11:6E:B7:AE:67:14:D9:05:53:09:BA:69:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/KodXDEZo3X8gkO7fOaA-GXTYwIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/pLZmyw5UlhFut65nFNkFUwm6aaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.152.0/21
176.10.32.0/21
176.57.224.0/20
185.25.252.0/22
185.169.188.0/22
IPv6:
2a06:a100::/29
Signature Algorithm: sha256WithRSAEncryption
61:23:80:b0:0b:05:94:73:62:e6:e6:56:c0:7a:61:f9:5e:45:
c2:8e:c7:b3:77:6d:d4:56:41:07:a3:f8:cb:e2:76:74:b3:22:
c8:d4:8c:37:70:7f:65:4d:21:57:2c:2f:d9:58:85:7d:00:9c:
63:68:30:07:2d:10:b8:e7:3e:8c:3a:8c:f5:29:37:d1:19:c6:
79:d3:d3:30:4f:1a:4f:e7:6d:fe:2e:fe:2b:48:7a:dc:db:f7:
4f:38:25:78:dc:cf:4d:74:12:86:a8:e0:2b:e2:38:a3:ab:c8:
56:96:b2:fe:28:76:df:51:70:bb:8b:d0:39:d8:8e:4b:18:af:
24:3f:b8:4f:9e:f3:ba:f0:50:f1:54:4f:42:46:b7:9d:f7:3e:
61:e9:7d:1f:00:df:7d:8b:8e:9d:19:a9:23:a5:0c:03:94:8e:
85:90:28:eb:5e:67:55:39:36:81:13:0c:3d:a6:7e:89:f5:0f:
f0:0a:0b:7c:47:64:9f:da:98:ed:eb:5b:76:f6:8f:b7:f0:90:
71:cc:56:7c:c6:65:49:cd:e1:d7:f2:71:3d:65:c0:39:47:5e:
7d:55:4b:e4:93:d0:fc:c6:23:66:62:07:43:46:5c:f5:c4:6d:
bf:c7:bc:94:0c:11:c2:4d:c9:97:13:21:6e:0b:c4:c9:92:54:
0e:da:79:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBXdzzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NGI2NjZjYjBlNTQ5NjExNmViN2FlNjcxNGQ5MDU1MzA5YmE2OWFjMB4XDTIyMDEw
MTE0MDcwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE4NzU3MGM0NjY4
ZGQ3ZjIwOTBlZWRmMzlhMDNlMTk3NGQ4YzA4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6sJqj+tqmjaq3jZHWFT4jj3XmDSMBMDUUTbqtguBuMx8Fb
DuqSsaRwoFzQW0xVBHlk4aqgaektGGgFQx3+aRKD25HJ5Ft+o0oqTdarMH1dQ13y
Qqx8QovUma71aUSWMXSs6Dyy0kJPkSRIh9qPs2HIHU6SGsDwhE62khptqsok3Xi9
jkzH2PeEVvGx7ITpuE5i9LfJbzSv1UIxOhJCq3xGJxjEaCSoMfkceTzb4CNyeLT4
ZKr7CetY9hyoSfQ5TDu+DNvjZpmQGAJLJV/9ow0e8nINyKzJf0x9XDLw3X1PrEje
i9dFXrG8E8zl9dsJQQrcNkBnkb/wkIBTqBjSS6kCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQqh1cMRmjdfyCQ7t85oD4ZdNjAjDAfBgNVHSMEGDAWgBSktmbLDlSWEW63
rmcU2QVTCbpprDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BMWm15dzVVbGhGdXQ2NW5GTmtGVXdtNmFhdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvZjc0MjgwLWNjNmQtNDFjMS04NThhLWI1MzY4MzMwYmFmMi8x
L0tvZFhERVpvM1g4Z2tPN2ZPYUEtR1hUWXdJdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
Zjc0MjgwLWNjNmQtNDFjMS04NThhLWI1MzY4MzMwYmFmMi8xL3BMWm15dzVVbGhG
dXQ2NW5GTmtGVXdtNmFhdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEA16OmAMEA7AKIAMEBLA54AMEArkZ
/AMEArmpvDANBAIAAjAHAwUDKgahADANBgkqhkiG9w0BAQsFAAOCAQEAYSOAsAsF
lHNi5uZWwHph+V5Fwo7Hs3dt1FZBB6P4y+J2dLMiyNSMN3B/ZU0hVywv2ViFfQCc
Y2gwBy0QuOc+jDqM9Sk30RnGedPTME8aT+dt/i7+K0h63Nv3TzgleNzPTXQShqjg
K+I4o6vIVpay/ih231Fwu4vQOdiOSxivJD+4T57zuvBQ8VRPQka3nfc+Yel9HwDf
fYuOnRmpI6UMA5SOhZAo615nVTk2gRMMPaZ+ifUP8AoLfEdkn9qY7etbdvaPt/CQ
ccxWfMZlSc3h1/JxPWXAOUdefVVL5JPQ/MYjZmIHQ0Zc9cRtv8e8lAwRwk3JlxMh
bgvEyZJUDtp5Pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:55 2024 by rpki-client on console-fra.rpki-client.org