Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/k0cp6_XUsODeU6yNLpbS9kqgBpc.roa
File: k0cp6_XUsODeU6yNLpbS9kqgBpc.roa (raw, json)
Hash identifier: EjaK1nkv0cYYzy0rpsBvLgXnSfntAyoTpf/ZL+NEGDg=
Subject key identifier: 93:47:29:EB:F5:D4:B0:E0:DE:53:AC:8D:2E:96:D2:F6:4A:A0:06:97
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 0D5D861B
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/k0cp6_XUsODeU6yNLpbS9kqgBpc.roa
Signing time: Sat 02 Apr 2022 11:27:02 +0000
ROA not before: Sat 02 Apr 2022 11:27:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6848
IP address blocks: 195.162.192.0/19 maxlen: 19
78.29.192.0/18 maxlen: 18
213.132.128.0/19 maxlen: 19
81.82.0.0/15 maxlen: 15
195.16.0.0/19 maxlen: 19
46.253.160.0/20 maxlen: 20
141.134.0.0/15 maxlen: 15
62.205.64.0/18 maxlen: 18
185.30.52.0/22 maxlen: 22
178.116.0.0/14 maxlen: 14
78.20.0.0/14 maxlen: 14
5.23.128.0/17 maxlen: 17
188.95.146.0/23 maxlen: 23
212.88.224.0/19 maxlen: 19
85.28.64.0/18 maxlen: 18
84.192.0.0/13 maxlen: 13
83.217.128.0/19 maxlen: 19
213.214.32.0/19 maxlen: 19
213.251.64.0/18 maxlen: 18
213.224.0.0/16 maxlen: 16
217.168.120.0/21 maxlen: 21
212.123.0.0/19 maxlen: 19
82.143.64.0/18 maxlen: 18
94.224.0.0/14 maxlen: 14
213.118.0.0/15 maxlen: 15
81.164.0.0/15 maxlen: 15
195.130.128.0/19 maxlen: 19
188.44.64.0/19 maxlen: 19
185.248.41.0/24 maxlen: 24
185.248.40.0/22 maxlen: 22
2a02:1800::/24 maxlen: 24
2a02:1800:101::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 224232987 (0xd5d861b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Apr 2 11:27:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=934729ebf5d4b0e0de53ac8d2e96d2f64aa00697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e8:7a:71:c3:35:a0:cd:ec:31:7f:d5:32:74:
48:66:90:8a:03:f1:05:8f:d8:73:65:95:15:40:24:
e0:54:d3:d1:a0:c3:18:98:7f:a0:41:ec:33:ce:5b:
bb:7a:28:16:4c:79:85:af:3a:c8:9d:cc:58:05:52:
b5:49:3b:44:82:11:42:2b:c3:ac:e3:05:d5:9b:d6:
3d:6f:e5:e2:79:5e:71:da:b2:9d:b7:be:0e:69:0e:
70:d3:fe:76:9f:dc:89:d4:ae:1e:a7:f1:d9:bb:ff:
0b:a6:03:b8:ab:0b:e8:14:6f:9b:4d:0f:4d:c3:66:
45:c6:e2:68:20:17:07:df:2a:df:06:a8:e3:bb:43:
2b:89:b5:ee:f0:40:fe:85:5b:64:72:e7:62:43:8c:
d3:e5:f0:96:f7:ad:2d:71:d0:66:04:65:99:ba:da:
26:3b:c9:55:1e:af:a5:c2:01:bc:58:04:79:c8:01:
a4:27:10:af:c2:96:60:36:f4:fd:5a:0d:be:f9:9f:
92:bd:d7:cb:56:fc:92:be:0a:d9:19:8c:3c:3c:af:
01:2b:3c:18:61:d6:e5:da:37:6e:2c:c2:80:fe:3c:
51:00:6b:a4:ce:94:8c:7d:65:42:d4:d8:45:03:f6:
72:99:fe:7d:2c:2c:e9:d7:8e:6c:fe:5b:41:87:d9:
fd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:47:29:EB:F5:D4:B0:E0:DE:53:AC:8D:2E:96:D2:F6:4A:A0:06:97
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/k0cp6_XUsODeU6yNLpbS9kqgBpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.128.0/17
46.253.160.0/20
62.205.64.0/18
78.20.0.0/14
78.29.192.0/18
81.82.0.0/15
81.164.0.0/15
82.143.64.0/18
83.217.128.0/19
84.192.0.0/13
85.28.64.0/18
94.224.0.0/14
141.134.0.0/15
178.116.0.0/14
185.30.52.0/22
185.248.40.0/22
188.44.64.0/19
188.95.146.0/23
195.16.0.0/19
195.130.128.0/19
195.162.192.0/19
212.88.224.0/19
212.123.0.0/19
213.118.0.0/15
213.132.128.0/19
213.214.32.0/19
213.224.0.0/16
213.251.64.0/18
217.168.120.0/21
IPv6:
2a02:1800::/24
Signature Algorithm: sha256WithRSAEncryption
50:56:82:25:3f:a0:7c:d9:19:2e:e3:a7:95:68:7f:e5:26:14:
f4:f9:42:00:3a:f6:4b:8a:0e:78:59:9f:3b:39:a0:c7:6d:1f:
d9:de:c0:3b:96:7f:e6:88:32:d2:fe:b8:43:d2:1e:c2:27:1d:
07:e5:23:ea:26:41:01:ad:12:d1:b7:e1:f9:68:75:a4:b4:ad:
f1:f3:23:33:f8:ed:fd:18:67:83:03:cb:ea:06:91:d1:c9:49:
ed:d4:aa:d8:ac:25:ca:84:57:10:55:e9:98:6a:d6:34:f9:84:
f7:2d:cb:38:59:00:ca:09:d3:b5:d7:a0:6a:9e:c3:eb:7e:af:
87:9e:38:15:17:0f:26:de:5c:52:62:a7:e1:e9:88:bc:aa:42:
e2:fc:0d:ad:db:48:36:98:5e:96:04:33:51:36:20:40:dc:76:
6c:71:35:17:11:fe:f0:56:80:d3:9a:1f:70:b3:ff:de:f3:fe:
8d:b0:4c:81:d7:c5:42:a1:b4:16:4c:cc:5f:3d:33:6a:75:5a:
cb:83:13:ff:06:ea:ab:c4:d8:00:4e:63:a3:af:46:36:ab:f3:
a2:5f:c8:07:62:aa:b6:09:0f:bd:11:71:8d:16:7c:93:d5:ab:
fc:e6:e3:b4:e2:2e:6a:ea:02:9c:a3:d9:25:97:83:da:b9:3c:
e0:30:6d:9e
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIEDV2GGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTlkZjdkYzBlZDUxOGYxZWM2OTk3NGNmOThjZWNhYWRhMWE4NjgwMB4XDTIyMDQw
MjExMjcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTM0NzI5ZWJmNWQ0
YjBlMGRlNTNhYzhkMmU5NmQyZjY0YWEwMDY5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/oenHDNaDN7DF/1TJ0SGaQigPxBY/Yc2WVFUAk4FTT0aDD
GJh/oEHsM85bu3ooFkx5ha86yJ3MWAVStUk7RIIRQivDrOMF1ZvWPW/l4nlecdqy
nbe+DmkOcNP+dp/cidSuHqfx2bv/C6YDuKsL6BRvm00PTcNmRcbiaCAXB98q3wao
47tDK4m17vBA/oVbZHLnYkOM0+XwlvetLXHQZgRlmbraJjvJVR6vpcIBvFgEecgB
pCcQr8KWYDb0/VoNvvmfkr3Xy1b8kr4K2RmMPDyvASs8GGHW5do3bizCgP48UQBr
pM6UjH1lQtTYRQP2cpn+fSws6deObP5bQYfZ/WUCAwEAAaOCArswggK3MB0GA1Ud
DgQWBBSTRynr9dSw4N5TrI0ultL2SqAGlzAfBgNVHSMEGDAWgBSZnffcDtUY8exp
l0z5jOyq2hqGgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21aMzMzQTdWR1BIc2FaZE0tWXpzcXRvYWhvQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvYmE4OGYyLTIxNWYtNGY4OS1hM2FmLTEzOGI3ODdkZTNlMy8x
L2swY3A2X1hVc09EZVU2eU5McGJTOWtxZ0JwYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
YmE4OGYyLTIxNWYtNGY4OS1hM2FmLTEzOGI3ODdkZTNlMy8xL21aMzMzQTdWR1BI
c2FaZE0tWXpzcXRvYWhvQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
0AYIKwYBBQUHAQcBAf8EgcAwgb0wgawEAgABMIGlAwQHBReAAwQELv2gAwQGPs1A
AwMCThQDBAZOHcADAwFRUgMDAVGkAwQGUo9AAwQFU9mAAwMDVMADBAZVHEADAwJe
4AMDAY2GAwMCsnQDBAK5HjQDBAK5+CgDBAW8LEADBAG8X5IDBAXDEAADBAXDgoAD
BAXDosADBAXUWOADBAXUewADAwHVdgMEBdWEgAMEBdXWIAMDANXgAwQG1ftAAwQD
2ah4MAwEAgACMAYDBAAqAhgwDQYJKoZIhvcNAQELBQADggEBAFBWgiU/oHzZGS7j
p5Vof+UmFPT5QgA69kuKDnhZnzs5oMdtH9newDuWf+aIMtL+uEPSHsInHQflI+om
QQGtEtG34flodaS0rfHzIzP47f0YZ4MDy+oGkdHJSe3UqtisJcqEVxBV6Zhq1jT5
hPctyzhZAMoJ07XXoGqew+t+r4eeOBUXDybeXFJip+HpiLyqQuL8Da3bSDaYXpYE
M1E2IEDcdmxxNRcR/vBWgNOaH3Cz/97z/o2wTIHXxUKhtBZMzF89M2p1WsuDE/8G
6qvE2ABOY6OvRjar86JfyAdiqrYJD70RcY0WfJPVq/zm47TiLmrqApyj2SWXg9q5
POAwbZ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:33 2024 by rpki-client on console-fra.rpki-client.org