Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/KrT8LYAQRUqk5JARfVzJ89NvbHg.roa
File: KrT8LYAQRUqk5JARfVzJ89NvbHg.roa (raw, json)
Hash identifier: 54p2JXJ/Qd95+CtYLO9Dek4xLfGWrRqbBC6D6AHK8I8=
Subject key identifier: 2A:B4:FC:2D:80:10:45:4A:A4:E4:90:11:7D:5C:C9:F3:D3:6F:6C:78
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 36317BC0
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/KrT8LYAQRUqk5JARfVzJ89NvbHg.roa
Signing time: Sat 01 Jan 2022 06:00:20 +0000
ROA not before: Sat 01 Jan 2022 06:00:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200088
IP address blocks: 94.228.122.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 909212608 (0x36317bc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Jan 1 06:00:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ab4fc2d8010454aa4e490117d5cc9f3d36f6c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a3:34:6f:ca:7f:d1:28:01:c1:97:7b:8a:31:
bc:9f:60:9d:0a:35:4b:3e:53:88:ac:65:8f:c0:6b:
40:00:6f:e2:de:81:6e:c0:b5:c2:5d:ec:bc:e7:ad:
7a:2d:17:e6:b8:2a:1a:34:90:c0:39:12:fe:c9:12:
9b:f5:8e:bd:c9:5f:c1:70:29:90:2f:a4:32:e0:e7:
0b:6b:31:7b:ba:ad:7a:1d:59:2b:45:9a:e8:9f:77:
83:60:ad:e6:9b:64:9e:7b:51:ab:22:f4:cd:e2:91:
8e:19:7e:4a:78:8f:b5:19:d1:03:84:4d:36:1c:14:
b7:9d:18:30:25:f1:f1:45:99:48:7b:c3:db:84:51:
74:1b:b2:ee:a7:6c:de:47:6d:0a:71:93:16:02:4d:
54:31:52:47:da:ec:9f:f8:6e:cb:33:bd:ca:8f:47:
77:d5:21:ef:7d:f4:4d:c7:cb:0b:48:85:f3:5f:62:
1d:2e:61:79:14:e8:54:bf:98:e7:38:18:36:0f:ec:
3f:d8:e2:5d:94:2b:29:9a:bd:a2:cb:f4:be:5b:09:
48:b6:93:f3:b3:5e:31:3e:00:bf:9e:d1:b2:44:75:
2e:88:f8:06:34:83:3e:4b:01:7b:35:ee:b3:da:ef:
e1:01:fe:58:05:f8:3b:d5:a6:08:8f:15:3d:eb:a5:
e1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B4:FC:2D:80:10:45:4A:A4:E4:90:11:7D:5C:C9:F3:D3:6F:6C:78
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/KrT8LYAQRUqk5JARfVzJ89NvbHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.249.50.0/24
94.228.122.0/24
185.104.112.0/24
217.25.95.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
41:d9:67:d8:e3:9a:5a:24:42:be:0e:be:3b:61:0e:90:7a:6f:
e0:c8:36:fa:85:55:c0:df:14:0c:40:44:4f:28:48:ba:45:d9:
76:50:68:90:01:67:15:8f:a4:be:36:be:bf:1b:c3:75:29:0c:
84:e5:60:32:7e:08:9c:2e:e4:2e:a4:15:90:c1:58:d3:da:77:
65:03:81:f3:fe:01:80:18:8e:10:2b:b8:0c:50:5d:07:6a:3a:
e5:4a:a4:d3:4f:7f:d2:57:13:be:b7:4e:32:c8:f0:53:bd:fe:
e7:0a:83:0b:94:5a:de:3d:ba:7b:d2:52:1f:ba:59:e2:97:4d:
20:7a:78:d5:04:6f:a1:fb:e5:83:73:8c:14:18:cc:79:37:26:
bb:ed:2e:d0:b6:4c:35:65:8c:bf:1b:8a:92:3b:d7:cf:15:47:
6f:da:ac:20:eb:46:ac:33:15:5e:f6:2d:d2:10:aa:cf:62:7d:
12:45:07:86:38:2c:dd:dd:63:08:6d:ae:15:87:3e:30:d6:fa:
88:34:8c:c9:70:0c:a8:32:65:0f:e0:f2:33:87:a6:c0:b5:64:
64:94:45:ac:2a:f9:21:31:96:e9:9a:d8:57:18:43:d7:2a:61:
9f:65:24:59:57:3e:4e:aa:65:89:b0:19:d4:0a:ef:95:6c:4b:
25:89:ab:f4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIENjF7wDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTYwYjJiMWM4MjlkODg5MzZiMWFkYWVlYzk3ZmRkMWI0MGQ0MWU1MB4XDTIyMDEw
MTA2MDAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFiNGZjMmQ4MDEw
NDU0YWE0ZTQ5MDExN2Q1Y2M5ZjNkMzZmNmM3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyjNG/Kf9EoAcGXe4oxvJ9gnQo1Sz5TiKxlj8BrQABv4t6B
bsC1wl3svOetei0X5rgqGjSQwDkS/skSm/WOvclfwXApkC+kMuDnC2sxe7qteh1Z
K0Wa6J93g2Ct5ptknntRqyL0zeKRjhl+SniPtRnRA4RNNhwUt50YMCXx8UWZSHvD
24RRdBuy7qds3kdtCnGTFgJNVDFSR9rsn/huyzO9yo9Hd9Uh7330TcfLC0iF819i
HS5heRToVL+Y5zgYNg/sP9jiXZQrKZq9osv0vlsJSLaT87NeMT4Av57RskR1Loj4
BjSDPksBezXus9rv4QH+WAX4O9WmCI8VPeul4WMCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQqtPwtgBBFSqTkkBF9XMnz029seDAfBgNVHSMEGDAWgBQhYLKxyCnYiTax
ra7sl/3RtA1B5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lXQ3lzY2dwMklrMnNhMnU3SmY5MGJRTlFlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvZGIxZTIwLWRjMzYtNDg4ZC05MWExLTNkZjdmYWYzNTM1ZC8x
L0tyVDhMWUFRUlVxazVKQVJmVnpKODlOdmJIZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
ZGIxZTIwLWRjMzYtNDg4ZC05MWExLTNkZjdmYWYzNTM1ZC8xL0lXQ3lzY2dwMklr
MnNhMnU3SmY5MGJRTlFlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEAFf5MgMEAF7kegMEALlocAMEANkZ
XzAPBAIAAjAJAwcAKgNvAAAIMA0GCSqGSIb3DQEBCwUAA4IBAQBB2WfY45paJEK+
Dr47YQ6Qem/gyDb6hVXA3xQMQERPKEi6Rdl2UGiQAWcVj6S+Nr6/G8N1KQyE5WAy
fgicLuQupBWQwVjT2ndlA4Hz/gGAGI4QK7gMUF0HajrlSqTTT3/SVxO+t04yyPBT
vf7nCoMLlFrePbp70lIfulnil00genjVBG+h++WDc4wUGMx5Nya77S7Qtkw1ZYy/
G4qSO9fPFUdv2qwg60asMxVe9i3SEKrPYn0SRQeGOCzd3WMIba4Vhz4w1vqINIzJ
cAyoMmUP4PIzh6bAtWRklEWsKvkhMZbpmthXGEPXKmGfZSRZVz5OqmWJsBnUCu+V
bEsliav0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:40 2023 by rpki-client on console-ams.rpki-client.org