Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/KqoZm30WFeQUTiLll0Ft7wbnPi8.roa
File: KqoZm30WFeQUTiLll0Ft7wbnPi8.roa (raw, json)
Hash identifier: +rn7Go7PONBWfVmJQM1Ov2kO10NygBf4eerQRU1aB5M=
Subject key identifier: 2A:AA:19:9B:7D:16:15:E4:14:4E:22:E5:97:41:6D:EF:06:E7:3E:2F
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 018423C0879FB7FB43F6E3639591B33694BF
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/KqoZm30WFeQUTiLll0Ft7wbnPi8.roa
Signing time: Sat 29 Oct 2022 12:38:50 +0000
ROA not before: Sat 29 Oct 2022 12:38:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47285
IP address blocks: 185.105.236.0/24 maxlen: 24
185.105.238.0/24 maxlen: 24
45.139.8.0/24 maxlen: 24
194.180.209.0/24 maxlen: 24
2a12:2600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:23:c0:87:9f:b7:fb:43:f6:e3:63:95:91:b3:36:94:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Oct 29 12:38:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2aaa199b7d1615e4144e22e597416def06e73e2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2b:d3:c4:8a:04:4d:37:0b:ac:d6:2f:60:1c:
5c:22:2d:e0:82:96:8c:3d:14:30:2b:66:3d:01:0f:
33:b1:23:8a:7c:38:d3:c6:53:93:b3:38:5d:db:89:
e3:e9:10:5a:3c:3d:79:87:42:9d:23:6a:9c:30:63:
14:78:f8:9c:a1:c8:d6:e3:75:09:eb:08:90:68:47:
dd:ad:ae:3d:17:13:4a:15:55:62:1b:9e:8e:6d:4a:
94:ad:50:aa:e0:84:30:e9:15:c5:54:7b:aa:f2:e5:
05:79:87:9b:13:9d:f7:39:29:f8:57:5e:26:06:b1:
80:18:dc:aa:7d:2a:f4:80:2d:e1:a9:93:e3:96:89:
5c:35:88:ea:c7:e3:c1:89:8d:ea:63:c6:dd:64:0c:
10:0d:b1:aa:fa:90:5c:44:8c:6f:c8:65:56:8c:82:
c7:00:8b:fd:f0:56:18:68:28:b7:91:4b:c8:ae:ad:
0c:c4:27:e2:34:d1:8e:67:fa:b6:5c:42:8f:2c:91:
8c:e8:35:48:50:53:7b:ab:3d:2f:c5:1a:e0:2d:99:
c1:1b:94:94:b8:ec:f0:15:8f:9e:f3:a3:c7:6c:62:
81:96:cd:c0:90:cf:15:b2:f1:9f:3b:e3:4f:a2:74:
88:63:4f:5a:92:19:dd:da:ce:b0:71:e9:24:8d:69:
01:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AA:19:9B:7D:16:15:E4:14:4E:22:E5:97:41:6D:EF:06:E7:3E:2F
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/KqoZm30WFeQUTiLll0Ft7wbnPi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.8.0/24
185.105.236.0/24
185.105.238.0/24
194.180.209.0/24
IPv6:
2a12:2600::/29
Signature Algorithm: sha256WithRSAEncryption
59:5a:94:70:d9:4b:6c:ac:6f:94:57:61:d7:d8:85:20:61:9d:
c4:df:63:23:c5:7b:86:c5:13:10:79:b4:93:ab:75:4d:4c:e1:
9b:97:3e:9f:29:2f:f9:5f:27:e3:5d:07:00:3a:2a:e4:3d:50:
0d:f7:f0:92:48:f1:32:65:75:95:ff:c6:8f:3a:ba:98:72:79:
d6:45:eb:32:da:ff:13:f7:6e:1b:ef:ad:69:df:44:88:9d:ed:
da:87:31:e3:27:a6:aa:3a:3f:79:dc:5c:95:75:30:13:3f:f0:
47:c9:88:94:6d:b9:28:6a:6a:f6:1d:0b:ed:30:d5:83:01:a2:
e6:33:21:37:8b:73:b7:e7:69:07:b0:df:12:7c:9e:65:ef:e9:
18:64:8e:50:aa:ea:0d:3d:c8:36:17:af:1e:77:d5:43:d6:d5:
1b:4e:0e:5e:d6:1f:eb:2c:91:b5:19:23:51:90:4b:07:11:78:
fc:a0:e2:72:90:e1:bd:cb:e2:66:a7:05:5d:5a:b7:30:10:d8:
55:ba:df:25:ae:7d:4a:f3:a5:3a:bc:da:9d:72:84:9c:40:0a:
0f:24:b1:11:e3:33:40:11:e6:1d:f5:c3:45:b6:be:af:86:f2:
91:2e:02:6f:23:bb:76:00:44:89:7f:48:f0:5f:e4:67:29:ff:
87:fe:a7:0b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYQjwIeft/tD9uNjlZGzNpS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjIxMDI5MTIzODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWFhMTk5YjdkMTYxNWU0MTQ0ZTIyZTU5NzQxNmRlZjA2ZTczZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSvTxIoETTcLrNYvYBxcIi3ggpaM
PRQwK2Y9AQ8zsSOKfDjTxlOTszhd24nj6RBaPD15h0KdI2qcMGMUePicocjW43UJ
6wiQaEfdra49FxNKFVViG56ObUqUrVCq4IQw6RXFVHuq8uUFeYebE533OSn4V14m
BrGAGNyqfSr0gC3hqZPjlolcNYjqx+PBiY3qY8bdZAwQDbGq+pBcRIxvyGVWjILH
AIv98FYYaCi3kUvIrq0MxCfiNNGOZ/q2XEKPLJGM6DVIUFN7qz0vxRrgLZnBG5SU
uOzwFY+e86PHbGKBls3AkM8VsvGfO+NPonSIY09akhnd2s6wcekkjWkBWQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCqqGZt9FhXkFE4i5ZdBbe8G5z4vMB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvS3FvWm0zMFdGZVFVVGlMbGwwRnQ3d2JuUGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALYsIAwQA
uWnsAwQAuWnuAwQAwrTRMA0EAgACMAcDBQMqEiYAMA0GCSqGSIb3DQEBCwUAA4IB
AQBZWpRw2UtsrG+UV2HX2IUgYZ3E32MjxXuGxRMQebSTq3VNTOGblz6fKS/5Xyfj
XQcAOirkPVAN9/CSSPEyZXWV/8aPOrqYcnnWResy2v8T924b761p30SIne3ahzHj
J6aqOj953FyVdTATP/BHyYiUbbkoamr2HQvtMNWDAaLmMyE3i3O352kHsN8SfJ5l
7+kYZI5QquoNPcg2F68ed9VD1tUbTg5e1h/rLJG1GSNRkEsHEXj8oOJykOG9y+Jm
pwVdWrcwENhVut8lrn1K86U6vNqdcoScQAoPJLER4zNAEeYd9cNFtr6vhvKRLgJv
I7t2AESJf0jwX+RnKf+H/qcL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:14 2023 by rpki-client on console-ams.rpki-client.org