Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/1-KolETM_iVN0BYnAudM1fkUQ-UU.roa
File: 1-KolETM_iVN0BYnAudM1fkUQ-UU.roa (raw, json)
Hash identifier: jNAgH7GBBUDlMQuAsPhINGyqI8qR8X0pwRdmRjP9oEE=
Subject key identifier: F8:AA:25:11:33:3F:89:53:74:05:89:C0:B9:D3:35:7E:45:10:F9:45
Certificate issuer: /CN=73635ae36f2df4f68d3e572a313e1a18aa20b757
Certificate serial: 14418C08
Authority key identifier: 73:63:5A:E3:6F:2D:F4:F6:8D:3E:57:2A:31:3E:1A:18:AA:20:B7:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c2Na428t9PaNPlcqMT4aGKogt1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/1-KolETM_iVN0BYnAudM1fkUQ-UU.roa
Signing time: Tue 15 Feb 2022 17:32:26 +0000
ROA not before: Tue 15 Feb 2022 17:32:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49278
IP address blocks: 158.112.71.0/24 maxlen: 24
158.112.66.0/23 maxlen: 23
158.112.64.0/18 maxlen: 18
158.112.84.0/22 maxlen: 22
158.112.88.0/24 maxlen: 24
158.112.93.0/24 maxlen: 24
158.112.96.0/21 maxlen: 21
158.112.0.0/18 maxlen: 18
158.112.0.0/16 maxlen: 16
158.112.20.0/22 maxlen: 22
158.112.24.0/21 maxlen: 21
158.112.32.0/22 maxlen: 22
144.84.0.0/18 maxlen: 18
158.112.164.0/23 maxlen: 23
144.84.0.0/16 maxlen: 16
158.112.192.0/18 maxlen: 18
158.112.208.0/23 maxlen: 23
158.112.128.0/18 maxlen: 18
144.84.128.0/18 maxlen: 18
185.155.24.0/23 maxlen: 23
158.112.255.0/24 maxlen: 24
185.155.26.0/23 maxlen: 23
144.84.192.0/18 maxlen: 18
2a02:27b8:1112::/48 maxlen: 48
2a02:27ba:4000::/34 maxlen: 34
2a02:27b8:2003::/48 maxlen: 48
2a02:27b8:1::/48 maxlen: 48
2a02:27b8:2004::/48 maxlen: 48
2a02:27b8:2002::/48 maxlen: 48
2a02:27b8:1111::/48 maxlen: 48
2a02:27b8:2000::/48 maxlen: 48
2a02:27b8:4000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 339840008 (0x14418c08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73635ae36f2df4f68d3e572a313e1a18aa20b757
Validity
Not Before: Feb 15 17:32:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8aa2511333f8953740589c0b9d3357e4510f945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c1:3f:ee:47:4f:ed:0a:29:4e:ff:1a:8c:c8:
07:70:e3:4c:81:a4:e0:a4:d7:6f:12:8f:61:4a:e6:
34:07:a3:34:0b:31:10:84:04:77:ec:eb:a2:6a:91:
5f:60:2e:4b:53:40:79:40:55:09:a4:fa:d0:be:5e:
0f:1d:49:92:b9:b7:a9:6c:d8:17:0e:c0:d8:8b:b6:
00:29:5e:7b:86:1c:f9:52:6d:47:0f:30:6c:c3:4a:
07:a5:cf:7b:47:1f:cf:29:ab:2c:1b:69:84:51:85:
1b:42:b9:e9:a4:22:22:3f:8d:d0:94:ec:c5:7e:17:
bd:a2:e6:d5:d1:fd:d0:b0:de:79:78:97:17:20:8f:
21:e2:88:91:cc:2f:b1:8c:7f:00:e1:25:c0:b7:71:
b4:27:7d:09:d6:1e:1b:0e:5c:24:86:10:cb:e8:53:
c1:6c:dc:1e:36:36:72:13:d3:e1:e3:d9:69:b6:99:
26:b9:08:d4:8b:08:a7:77:5e:20:33:02:ec:b7:e9:
6d:54:c3:3a:4b:c7:32:55:cf:14:74:aa:a9:ce:1a:
44:62:a3:c7:d0:ba:b6:a9:5b:ad:19:06:b2:a9:48:
8a:af:a4:a7:79:82:ef:4e:8a:f5:cf:01:dc:3a:7a:
3f:52:98:ad:0d:78:d3:26:51:0c:15:71:9a:14:bf:
ad:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AA:25:11:33:3F:89:53:74:05:89:C0:B9:D3:35:7E:45:10:F9:45
X509v3 Authority Key Identifier:
keyid:73:63:5A:E3:6F:2D:F4:F6:8D:3E:57:2A:31:3E:1A:18:AA:20:B7:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2Na428t9PaNPlcqMT4aGKogt1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/1-KolETM_iVN0BYnAudM1fkUQ-UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/c2Na428t9PaNPlcqMT4aGKogt1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.84.0.0/16
158.112.0.0/16
185.155.24.0/22
IPv6:
2a02:27b8:1::/48
2a02:27b8:1111::-2a02:27b8:1112:ffff:ffff:ffff:ffff:ffff
2a02:27b8:2000::/48
2a02:27b8:2002::-2a02:27b8:2004:ffff:ffff:ffff:ffff:ffff
2a02:27b8:4000::/48
2a02:27ba:4000::/34
Signature Algorithm: sha256WithRSAEncryption
97:5b:e4:0c:27:b9:06:28:3b:8f:02:1a:a3:3c:ff:26:47:bd:
8f:f5:c4:24:bc:ec:7f:66:2c:c2:13:f3:dc:20:59:32:c3:56:
16:5d:fa:e8:63:57:20:bd:9c:d7:16:f8:09:9f:e3:ee:3d:25:
85:d2:00:02:4b:26:5b:21:7c:b3:67:bb:78:7f:c0:bf:4d:68:
95:b9:d3:1f:11:47:61:1e:c3:65:1a:f4:9b:1d:df:c5:8c:19:
96:d4:b0:aa:fe:6a:cf:0f:d3:ec:f4:80:96:b7:ee:e1:da:fe:
81:97:cc:96:86:09:d2:d2:5c:69:d1:e0:df:e9:ae:e5:0c:ea:
4d:f9:42:9e:3a:ce:be:c4:c1:b4:a1:be:d0:67:ca:3b:bf:bc:
06:a7:ed:cd:89:68:d3:32:7f:a3:d5:3b:c7:de:58:15:b7:7b:
4b:97:23:0d:b0:91:a6:24:a8:ad:6d:52:56:7b:ce:e5:a7:50:
6c:76:c1:5c:2f:56:63:a2:70:2c:3d:45:f4:6a:cc:43:a9:21:
28:5a:93:38:0e:f2:98:9b:5c:9d:ed:35:bd:79:39:0d:eb:ec:
ba:b5:6a:b6:63:5d:7c:37:2c:bf:68:66:0e:d6:30:e4:fd:6d:
46:5e:1a:d9:20:c5:25:a8:1f:03:ff:d2:22:9a:29:80:c1:3a:
3b:92:f1:14
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIEFEGMCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzYzNWFlMzZmMmRmNGY2OGQzZTU3MmEzMTNlMWExOGFhMjBiNzU3MB4XDTIyMDIx
NTE3MzIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjhhYTI1MTEzMzNm
ODk1Mzc0MDU4OWMwYjlkMzM1N2U0NTEwZjk0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJnBP+5HT+0KKU7/GozIB3DjTIGk4KTXbxKPYUrmNAejNAsx
EIQEd+zromqRX2AuS1NAeUBVCaT60L5eDx1Jkrm3qWzYFw7A2Iu2AClee4Yc+VJt
Rw8wbMNKB6XPe0cfzymrLBtphFGFG0K56aQiIj+N0JTsxX4XvaLm1dH90LDeeXiX
FyCPIeKIkcwvsYx/AOElwLdxtCd9CdYeGw5cJIYQy+hTwWzcHjY2chPT4ePZabaZ
JrkI1IsIp3deIDMC7LfpbVTDOkvHMlXPFHSqqc4aRGKjx9C6tqlbrRkGsqlIiq+k
p3mC706K9c8B3Dp6P1KYrQ140yZRDBVxmhS/rWMCAwEAAaOCAmcwggJjMB0GA1Ud
DgQWBBT4qiURMz+JU3QFicC50zV+RRD5RTAfBgNVHSMEGDAWgBRzY1rjby309o0+
VyoxPhoYqiC3VzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2MyTmE0Mjh0OVBhTlBsY3FNVDRhR0tvZ3QxYy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvYzBkMjgxLWQ0MGQtNDBlMC05M2VhLTViYWUzNzVjZjg1YS8x
LzEtS29sRVRNX2lWTjBCWW5BdWRNMWZrVVEtVVUucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Zm
L2MwZDI4MS1kNDBkLTQwZTAtOTNlYS01YmFlMzc1Y2Y4NWEvMS9jMk5hNDI4dDlQ
YU5QbGNxTVQ0YUdLb2d0MWMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
fAYIKwYBBQUHAQcBAf8EbTBrMBYEAgABMBADAwCQVAMDAJ5wAwQCuZsYMFEEAgAC
MEsDBwAqAie4AAEwEgMHACoCJ7gREQMHACoCJ7gREgMHACoCJ7ggADASAwcBKgIn
uCACAwcAKgInuCAEAwcAKgInuEAAAwYGKgInukAwDQYJKoZIhvcNAQELBQADggEB
AJdb5AwnuQYoO48CGqM8/yZHvY/1xCS87H9mLMIT89wgWTLDVhZd+uhjVyC9nNcW
+Amf4+49JYXSAAJLJlshfLNnu3h/wL9NaJW50x8RR2Eew2Ua9Jsd38WMGZbUsKr+
as8P0+z0gJa37uHa/oGXzJaGCdLSXGnR4N/pruUM6k35Qp46zr7EwbShvtBnyju/
vAan7c2JaNMyf6PVO8feWBW3e0uXIw2wkaYkqK1tUlZ7zuWnUGx2wVwvVmOicCw9
RfRqzEOpIShakzgO8pibXJ3tNb15OQ3r7Lq1arZjXXw3LL9oZg7WMOT9bUZeGtkg
xSWoHwP/0iKaKYDBOjuS8RQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:56 2023 by rpki-client on console-ams.rpki-client.org