Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/KvTOzMlY9TEvU9wfpvPBt7eRyYI.roa
File: KvTOzMlY9TEvU9wfpvPBt7eRyYI.roa (raw, json)
Hash identifier: eaj8MwsFHpjU3rlQYshMgEIHk80A3tl3UinYMr+q4vE=
Subject key identifier: 2A:F4:CE:CC:C9:58:F5:31:2F:53:DC:1F:A6:F3:C1:B7:B7:91:C9:82
Certificate issuer: /CN=7cfc92b0a75b89ad2e3c57f7cba0e478684219ce
Certificate serial: 305D2155
Authority key identifier: 7C:FC:92:B0:A7:5B:89:AD:2E:3C:57:F7:CB:A0:E4:78:68:42:19:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fPySsKdbia0uPFf3y6DkeGhCGc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/KvTOzMlY9TEvU9wfpvPBt7eRyYI.roa
Signing time: Sat 01 Jan 2022 04:59:08 +0000
ROA not before: Sat 01 Jan 2022 04:59:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201966
IP address blocks: 185.92.217.0/24 maxlen: 24
185.92.216.0/24 maxlen: 24
185.92.219.0/24 maxlen: 24
185.92.218.0/24 maxlen: 24
94.229.83.0/24 maxlen: 24
94.229.84.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 811409749 (0x305d2155)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cfc92b0a75b89ad2e3c57f7cba0e478684219ce
Validity
Not Before: Jan 1 04:59:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2af4ceccc958f5312f53dc1fa6f3c1b7b791c982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:43:96:45:5d:e4:6b:ff:91:35:c9:0a:1c:73:
a9:00:09:24:f4:54:aa:d6:c9:fd:94:30:ea:b3:4f:
88:79:c1:1a:f5:d0:0a:88:5e:42:0d:ac:1d:71:9e:
70:aa:ba:ec:60:2e:99:9a:13:c8:a2:4d:60:87:46:
fb:97:7c:2d:68:7e:35:2e:28:43:45:96:d9:96:40:
e0:81:89:0e:7a:d6:99:b2:80:2d:64:bc:66:17:24:
38:5b:a6:ad:10:e2:2f:eb:02:92:28:6b:74:e6:ce:
61:73:ca:17:5c:88:06:3c:a4:a0:ec:96:ec:30:40:
96:70:85:b8:21:09:a6:89:52:e6:47:4c:9f:7e:8d:
93:a0:da:fa:16:66:66:40:92:b2:1f:44:db:49:e2:
da:e2:ef:78:05:48:a7:51:46:67:71:ce:b9:8e:0b:
67:08:3d:80:b1:7d:2b:ba:53:83:b8:6d:9f:29:b4:
69:71:0e:6b:70:74:ff:29:f7:f6:0a:12:53:08:a7:
43:69:cd:d1:71:84:29:a2:76:65:93:2f:9f:51:57:
6b:29:0b:39:03:f4:fc:3d:52:0f:aa:99:e6:c9:7a:
67:2d:06:9e:8c:77:08:1a:70:77:32:65:cc:8e:80:
2b:06:34:6c:df:56:a4:b6:ee:0a:b8:f7:ca:c5:67:
11:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F4:CE:CC:C9:58:F5:31:2F:53:DC:1F:A6:F3:C1:B7:B7:91:C9:82
X509v3 Authority Key Identifier:
keyid:7C:FC:92:B0:A7:5B:89:AD:2E:3C:57:F7:CB:A0:E4:78:68:42:19:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fPySsKdbia0uPFf3y6DkeGhCGc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/KvTOzMlY9TEvU9wfpvPBt7eRyYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/fPySsKdbia0uPFf3y6DkeGhCGc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.229.83.0-94.229.85.255
185.92.216.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:0a:bb:18:7b:b4:bd:0b:76:cb:dd:bd:af:c5:c9:86:15:d6:
98:65:ab:b7:a9:4d:37:01:d7:5f:ad:9c:6f:68:7e:dd:e2:84:
32:f7:86:52:28:0a:ed:b0:30:58:57:90:7b:d5:bf:b1:00:1f:
62:23:34:b8:9a:7f:bb:22:29:61:89:6f:ca:72:66:9b:99:83:
ed:08:d0:42:7c:c2:4b:15:87:10:1d:36:e8:35:c0:b2:71:85:
0d:ae:0f:dd:95:a2:e0:a9:89:03:ed:f4:09:45:93:42:1b:c4:
6e:ff:bd:52:54:bb:95:1b:15:6b:bc:10:55:3f:ac:47:ae:44:
34:4d:aa:59:89:bf:a1:af:02:fc:48:23:51:84:4f:24:d4:77:
ad:b8:6a:f2:f3:40:05:bd:1c:62:51:93:db:c5:e4:e4:71:dd:
19:00:48:6b:2b:3d:9b:5a:02:0b:da:4b:1a:57:d6:8f:6a:1b:
c6:5d:1f:b7:3e:16:a6:83:b7:47:1f:2b:6b:3a:a3:54:5a:15:
50:0f:d0:9b:53:80:9a:49:fa:a3:39:9f:ac:82:73:b8:86:54:
3c:24:e1:95:5b:03:1d:74:3c:63:6d:1a:2b:d7:d4:a2:5b:4b:
5a:be:96:d1:40:eb:4e:a8:12:65:80:91:a5:6d:e6:c7:72:ae:
f5:e5:05:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEMF0hVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2ZjOTJiMGE3NWI4OWFkMmUzYzU3ZjdjYmEwZTQ3ODY4NDIxOWNlMB4XDTIyMDEw
MTA0NTkwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFmNGNlY2NjOTU4
ZjUzMTJmNTNkYzFmYTZmM2MxYjdiNzkxYzk4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBDlkVd5Gv/kTXJChxzqQAJJPRUqtbJ/ZQw6rNPiHnBGvXQ
CoheQg2sHXGecKq67GAumZoTyKJNYIdG+5d8LWh+NS4oQ0WW2ZZA4IGJDnrWmbKA
LWS8ZhckOFumrRDiL+sCkihrdObOYXPKF1yIBjykoOyW7DBAlnCFuCEJpolS5kdM
n36Nk6Da+hZmZkCSsh9E20ni2uLveAVIp1FGZ3HOuY4LZwg9gLF9K7pTg7htnym0
aXEOa3B0/yn39goSUwinQ2nN0XGEKaJ2ZZMvn1FXaykLOQP0/D1SD6qZ5sl6Zy0G
nox3CBpwdzJlzI6AKwY0bN9WpLbuCrj3ysVnEbcCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQq9M7MyVj1MS9T3B+m88G3t5HJgjAfBgNVHSMEGDAWgBR8/JKwp1uJrS48
V/fLoOR4aEIZzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZQeVNzS2RiaWEwdVBGZjN5NkRrZUdoQ0djNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvMTc3NmNiLTFjNzgtNGRjYy1iNDNiLTM2ZDdiNGY4NGU1Yy8x
L0t2VE96TWxZOVRFdlU5d2ZwdlBCdDdlUnlZSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
MTc3NmNiLTFjNzgtNGRjYy1iNDNiLTM2ZDdiNGY4NGU1Yy8xL2ZQeVNzS2RiaWEw
dVBGZjN5NkRrZUdoQ0djNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQAXuVTAwQBXuVUAwQCuVzYMA0G
CSqGSIb3DQEBCwUAA4IBAQCjCrsYe7S9C3bL3b2vxcmGFdaYZau3qU03AddfrZxv
aH7d4oQy94ZSKArtsDBYV5B71b+xAB9iIzS4mn+7IilhiW/KcmabmYPtCNBCfMJL
FYcQHTboNcCycYUNrg/dlaLgqYkD7fQJRZNCG8Ru/71SVLuVGxVrvBBVP6xHrkQ0
TapZib+hrwL8SCNRhE8k1HetuGry80AFvRxiUZPbxeTkcd0ZAEhrKz2bWgIL2ksa
V9aPahvGXR+3Phamg7dHHytrOqNUWhVQD9CbU4CaSfqjOZ+sgnO4hlQ8JOGVWwMd
dDxjbRor19SiW0tavpbRQOtOqBJlgJGlbebHcq715QV8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:14 2024 by rpki-client on console-fra.rpki-client.org