Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/KMAFSw0ZRsdFuTw8jflFRZRU-rA.roa
File: KMAFSw0ZRsdFuTw8jflFRZRU-rA.roa (raw, json)
Hash identifier: P398tnYrq/JRs3XBQGJSF05dSI9FuHNWtmIrsIc2i1o=
Subject key identifier: 28:C0:05:4B:0D:19:46:C7:45:B9:3C:3C:8D:F9:45:45:94:54:FA:B0
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 0184FC4A0603D7DBCB557819039AECB329E0
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/KMAFSw0ZRsdFuTw8jflFRZRU-rA.roa
Signing time: Sat 10 Dec 2022 13:47:00 +0000
ROA not before: Sat 10 Dec 2022 13:47:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62257
IP address blocks: 194.147.150.0/24 maxlen: 24
194.147.170.0/24 maxlen: 24
194.36.175.0/24 maxlen: 24
45.139.9.0/24 maxlen: 24
194.180.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fc:4a:06:03:d7:db:cb:55:78:19:03:9a:ec:b3:29:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Dec 10 13:47:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28c0054b0d1946c745b93c3c8df945459454fab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:11:64:88:c1:ea:e6:9f:12:0c:1f:22:5d:3a:
00:8d:fc:d6:da:39:7c:1c:70:95:85:23:51:65:ba:
6c:23:e7:99:66:cd:21:9d:c8:65:f3:66:66:a0:fd:
59:b4:bc:e8:da:a0:81:12:a3:d4:15:9a:e5:12:82:
9d:70:60:90:9a:6c:8c:a4:d7:52:ce:22:9e:d6:6c:
b7:d8:1c:e1:d5:f0:04:fd:57:87:ef:90:b8:5a:10:
89:bb:52:17:78:bb:aa:11:5a:02:fc:f6:7a:d1:76:
5e:42:f0:1d:48:97:99:3e:85:34:ef:3b:e7:7b:0a:
df:53:94:13:51:b7:be:fc:94:e8:55:68:28:0f:e1:
6f:67:46:12:f4:c0:62:ee:b0:32:f5:1a:22:1c:2e:
6b:08:bf:28:97:f5:6b:78:e8:e0:41:c4:d3:f5:3e:
b1:59:54:43:f7:be:88:2d:5e:05:37:81:0c:76:f0:
10:68:85:68:7d:f7:a0:bd:05:a8:ae:2f:35:f9:cb:
3a:ae:48:5d:72:b8:a7:33:b2:c7:32:81:63:1b:8f:
5b:ca:ac:f0:51:34:a1:ce:9f:e5:0e:79:a6:f4:ce:
8d:49:b6:12:d0:13:02:c5:9a:36:85:36:19:ce:f3:
58:68:3c:bf:64:2e:a0:df:db:60:5e:79:6f:ee:c5:
cf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C0:05:4B:0D:19:46:C7:45:B9:3C:3C:8D:F9:45:45:94:54:FA:B0
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/KMAFSw0ZRsdFuTw8jflFRZRU-rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.9.0/24
194.36.175.0/24
194.147.150.0/24
194.147.170.0/24
194.180.208.0/24
Signature Algorithm: sha256WithRSAEncryption
21:97:ef:bc:c0:8d:15:d5:4a:41:a8:9e:f7:ce:49:5f:10:e7:
ac:95:d8:fc:11:ab:66:9e:4a:9f:1c:0c:16:d2:0b:54:4c:8d:
46:cd:7a:66:0d:27:69:86:67:bf:21:21:c1:b2:2b:5b:1b:25:
a1:d1:a2:32:49:5a:9c:ab:6e:32:34:44:92:be:e7:92:80:32:
55:9c:3f:9c:dd:14:9c:39:bb:b3:fe:58:72:07:a0:bb:f4:e9:
56:c7:30:eb:cc:ee:6b:93:84:b2:c1:3d:1a:fe:c7:7e:6e:65:
6c:ef:c0:a7:ec:32:37:61:25:4f:e5:8c:21:48:f1:c9:51:7d:
01:9e:24:d0:af:f1:0f:1d:91:80:e9:ec:48:a1:ad:68:04:c1:
86:4c:8e:80:f9:20:33:02:b4:b7:03:24:a0:98:fb:d9:38:13:
c7:ae:21:18:7f:f6:fa:56:f7:9c:d9:5e:86:61:c6:2c:98:ca:
e6:19:d8:7c:bf:4b:55:1e:d2:c9:e9:1e:f0:03:a2:51:80:d8:
78:dd:eb:38:fd:f6:41:99:21:62:16:0f:12:3e:36:b1:07:91:
39:91:bb:6a:28:20:a6:5b:61:09:70:2c:34:19:43:ab:21:08:
22:4d:e5:af:5d:b3:83:51:74:ef:67:d0:49:6b:90:c8:a2:57:
6b:17:4d:3e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYT8SgYD19vLVXgZA5rssyngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjIxMjEwMTM0NzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGMwMDU0YjBkMTk0NmM3NDViOTNjM2M4ZGY5NDU0NTk0NTRmYWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRFkiMHq5p8SDB8iXToAjfzW2jl8
HHCVhSNRZbpsI+eZZs0hnchl82ZmoP1ZtLzo2qCBEqPUFZrlEoKdcGCQmmyMpNdS
ziKe1my32Bzh1fAE/VeH75C4WhCJu1IXeLuqEVoC/PZ60XZeQvAdSJeZPoU07zvn
ewrfU5QTUbe+/JToVWgoD+FvZ0YS9MBi7rAy9RoiHC5rCL8ol/VreOjgQcTT9T6x
WVRD976ILV4FN4EMdvAQaIVoffegvQWori81+cs6rkhdcrinM7LHMoFjG49byqzw
UTShzp/lDnmm9M6NSbYS0BMCxZo2hTYZzvNYaDy/ZC6g39tgXnlv7sXPHwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCjABUsNGUbHRbk8PI35RUWUVPqwMB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvS01BRlN3MFpSc2RGdVR3OGpmbEZSWlJVLXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYsJAwQA
wiSvAwQAwpOWAwQAwpOqAwQAwrTQMA0GCSqGSIb3DQEBCwUAA4IBAQAhl++8wI0V
1UpBqJ73zklfEOesldj8EatmnkqfHAwW0gtUTI1GzXpmDSdphme/ISHBsitbGyWh
0aIySVqcq24yNESSvueSgDJVnD+c3RScObuz/lhyB6C79OlWxzDrzO5rk4SywT0a
/sd+bmVs78Cn7DI3YSVP5YwhSPHJUX0BniTQr/EPHZGA6exIoa1oBMGGTI6A+SAz
ArS3AySgmPvZOBPHriEYf/b6Vvec2V6GYcYsmMrmGdh8v0tVHtLJ6R7wA6JRgNh4
3es4/fZBmSFiFg8SPjaxB5E5kbtqKCCmW2EJcCw0GUOrIQgiTeWvXbODUXTvZ9BJ
a5DIoldrF00+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:20 2023 by rpki-client on console-fra.rpki-client.org