Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/dbef17-9bb8-46bc-9343-cadf0ca1dd0d/1/KbQ0IKC80S9TUnYS_20zXHQS3nA.roa
File: KbQ0IKC80S9TUnYS_20zXHQS3nA.roa (raw, json)
Hash identifier: Em+EyIIbqWNmBV0FTrDpFkOxfuRF3B0npr9wGDiYTo0=
Subject key identifier: 29:B4:34:20:A0:BC:D1:2F:53:52:76:12:FF:6D:33:5C:74:12:DE:70
Certificate issuer: /CN=de286d03a373bd689ef04610a1c8ad8473ebddad
Certificate serial: 023FB6EE
Authority key identifier: DE:28:6D:03:A3:73:BD:68:9E:F0:46:10:A1:C8:AD:84:73:EB:DD:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ihtA6NzvWie8EYQocithHPr3a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/dbef17-9bb8-46bc-9343-cadf0ca1dd0d/1/KbQ0IKC80S9TUnYS_20zXHQS3nA.roa
Signing time: Sat 01 Jan 2022 12:01:58 +0000
ROA not before: Sat 01 Jan 2022 12:01:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201679
IP address blocks: 185.64.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37730030 (0x23fb6ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de286d03a373bd689ef04610a1c8ad8473ebddad
Validity
Not Before: Jan 1 12:01:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29b43420a0bcd12f53527612ff6d335c7412de70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:01:2d:ef:a4:9f:19:aa:48:60:67:5d:f8:52:
b9:85:fa:2c:0c:b4:1c:36:87:0b:6e:5a:db:73:c3:
0a:28:d2:39:88:42:77:bf:23:a3:bc:f2:c2:fb:68:
5a:86:e8:d0:7a:69:35:fc:a6:a0:0d:95:9e:3b:a3:
71:5e:4b:bb:24:82:f6:45:3c:1e:64:02:7c:6d:70:
15:ac:24:75:e2:08:55:27:15:3c:8f:c8:40:6d:4e:
63:51:dd:9f:54:c0:d2:92:04:88:be:eb:cd:d1:a6:
d9:1a:f5:c6:8e:50:11:01:66:03:1f:c0:fb:2d:71:
22:8a:e1:a3:22:65:b7:c2:5a:2d:0c:74:1c:06:b5:
0a:6b:21:db:87:dc:c6:c4:59:38:6f:10:2d:d6:94:
c4:cd:08:1d:f4:2f:29:ce:56:b8:79:6f:e7:34:bb:
00:bc:54:3f:e5:5c:91:2d:40:2e:0d:f7:09:ba:ae:
b1:b9:32:f3:2c:a5:ff:53:32:26:35:0f:94:80:f7:
d7:21:83:14:0f:01:7f:20:24:7b:0e:b5:8d:d6:1d:
f5:4a:a9:88:0b:af:d3:7c:29:b7:ee:a0:9f:e4:c4:
2b:89:a1:b8:eb:5f:96:93:90:79:32:b9:90:51:fc:
16:38:d8:e4:57:ce:ab:14:68:dc:6b:88:7d:fd:ee:
ad:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B4:34:20:A0:BC:D1:2F:53:52:76:12:FF:6D:33:5C:74:12:DE:70
X509v3 Authority Key Identifier:
keyid:DE:28:6D:03:A3:73:BD:68:9E:F0:46:10:A1:C8:AD:84:73:EB:DD:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ihtA6NzvWie8EYQocithHPr3a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/dbef17-9bb8-46bc-9343-cadf0ca1dd0d/1/KbQ0IKC80S9TUnYS_20zXHQS3nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/dbef17-9bb8-46bc-9343-cadf0ca1dd0d/1/3ihtA6NzvWie8EYQocithHPr3a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.132.0/22
Signature Algorithm: sha256WithRSAEncryption
25:0b:ef:de:9a:64:d0:3c:83:46:ea:1c:49:08:26:8d:5a:02:
33:a7:0a:ea:0b:c8:06:97:f7:04:af:1c:74:d5:75:6d:2a:19:
66:62:91:08:cb:77:45:02:6d:8a:3d:6e:83:ea:d0:31:94:97:
12:6e:8d:b3:04:6d:de:1a:21:9f:18:ce:0e:c5:88:46:3a:71:
27:5a:a3:e7:7e:52:26:18:d9:1b:3a:2b:46:09:dc:d0:55:60:
39:fc:a5:cd:d5:bd:a5:62:90:95:6b:58:60:36:61:36:03:c5:
2e:63:1a:73:d7:17:ad:70:5c:f3:ab:90:0c:44:45:c7:23:d0:
bc:0c:55:75:69:dc:b8:5a:31:1e:8f:e8:c8:cc:6a:ee:4e:5a:
e6:40:84:4d:20:7b:22:32:3b:01:e1:76:92:88:12:97:11:ff:
f6:bc:af:26:7b:07:14:35:95:13:e8:0f:1d:c4:d7:95:bb:ef:
0f:88:23:89:ca:25:16:64:a4:04:59:d5:49:e2:1b:7e:dd:42:
3c:87:d1:3e:4f:35:83:d3:06:bc:5d:d3:b5:c6:0e:fb:57:94:
e6:0e:de:7a:16:2b:61:fc:5f:71:27:b9:cb:6f:e2:5a:45:43:
db:b5:9a:20:ba:69:cf:34:f8:b6:4f:5d:dd:6d:da:49:a8:2c:
59:28:ce:65
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAj+27jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTI4NmQwM2EzNzNiZDY4OWVmMDQ2MTBhMWM4YWQ4NDczZWJkZGFkMB4XDTIyMDEw
MTEyMDE1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjliNDM0MjBhMGJj
ZDEyZjUzNTI3NjEyZmY2ZDMzNWM3NDEyZGU3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOsBLe+knxmqSGBnXfhSuYX6LAy0HDaHC25a23PDCijSOYhC
d78jo7zywvtoWobo0HppNfymoA2VnjujcV5LuySC9kU8HmQCfG1wFawkdeIIVScV
PI/IQG1OY1Hdn1TA0pIEiL7rzdGm2Rr1xo5QEQFmAx/A+y1xIorhoyJlt8JaLQx0
HAa1Cmsh24fcxsRZOG8QLdaUxM0IHfQvKc5WuHlv5zS7ALxUP+VckS1ALg33Cbqu
sbky8yyl/1MyJjUPlID31yGDFA8BfyAkew61jdYd9UqpiAuv03wpt+6gn+TEK4mh
uOtflpOQeTK5kFH8FjjY5FfOqxRo3GuIff3urRUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQptDQgoLzRL1NSdhL/bTNcdBLecDAfBgNVHSMEGDAWgBTeKG0Do3O9aJ7w
RhChyK2Ec+vdrTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNpaHRBNk56dldpZThFWVFvY2l0aEhQcjNhMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvZGJlZjE3LTliYjgtNDZiYy05MzQzLWNhZGYwY2ExZGQwZC8x
L0tiUTBJS0M4MFM5VFVuWVNfMjB6WEhRUzNuQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
ZGJlZjE3LTliYjgtNDZiYy05MzQzLWNhZGYwY2ExZGQwZC8xLzNpaHRBNk56dldp
ZThFWVFvY2l0aEhQcjNhMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlAhDANBgkqhkiG9w0BAQsFAAOC
AQEAJQvv3ppk0DyDRuocSQgmjVoCM6cK6gvIBpf3BK8cdNV1bSoZZmKRCMt3RQJt
ij1ug+rQMZSXEm6NswRt3hohnxjODsWIRjpxJ1qj535SJhjZGzorRgnc0FVgOfyl
zdW9pWKQlWtYYDZhNgPFLmMac9cXrXBc86uQDERFxyPQvAxVdWncuFoxHo/oyMxq
7k5a5kCETSB7IjI7AeF2kogSlxH/9ryvJnsHFDWVE+gPHcTXlbvvD4gjicolFmSk
BFnVSeIbft1CPIfRPk81g9MGvF3TtcYO+1eU5g7eehYrYfxfcSe5y2/iWkVD27Wa
ILppzzT4tk9d3W3aSagsWSjOZQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:41 2023 by rpki-client on console-fra.rpki-client.org