Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/pKJGP887nicDmCKs3ST7L2YzEQw.roa
File: pKJGP887nicDmCKs3ST7L2YzEQw.roa (raw, json)
Hash identifier: 8DqZYacVnkHpIwpYgLImiTSk1kKBZ1eo/5T//NxMNx8=
Subject key identifier: A4:A2:46:3F:CF:3B:9E:27:03:98:22:AC:DD:24:FB:2F:66:33:11:0C
Certificate issuer: /CN=0d0874b333e35df14fd970e189581da093bc8093
Certificate serial: 01830D18D721D22B88AA11A9E1C31301A243
Authority key identifier: 0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/pKJGP887nicDmCKs3ST7L2YzEQw.roa
Signing time: Mon 05 Sep 2022 10:01:15 +0000
ROA not before: Mon 05 Sep 2022 10:01:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199496
IP address blocks: 185.13.76.0/22 maxlen: 32
95.129.248.0/21 maxlen: 32
185.65.156.0/22 maxlen: 32
185.249.76.0/22 maxlen: 32
185.235.220.0/22 maxlen: 32
2a00:83e0::/32 maxlen: 64
2a02:f4c0::/29 maxlen: 64
2a09:d00::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:18:d7:21:d2:2b:88:aa:11:a9:e1:c3:13:01:a2:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d0874b333e35df14fd970e189581da093bc8093
Validity
Not Before: Sep 5 10:01:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4a2463fcf3b9e27039822acdd24fb2f6633110c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:27:84:39:a1:3b:9a:84:c7:09:e6:df:42:60:
7c:d1:12:71:b0:0d:b7:b7:83:a1:80:19:dd:79:bc:
43:ac:dd:2b:00:81:87:e5:f8:5d:b4:b7:4b:3b:bc:
b1:db:49:1e:d1:e8:c7:38:bf:95:ab:68:05:7c:30:
59:1f:cf:67:81:91:c3:b0:5c:f8:8f:ad:a3:8e:db:
98:16:c8:a9:81:c8:49:44:58:47:c8:69:07:5c:ca:
c0:26:d5:00:06:74:31:40:50:b0:fb:59:05:36:d1:
32:19:ec:51:13:dc:53:b6:72:b3:2b:26:83:3a:f0:
66:38:c8:2b:6a:9c:d8:ba:8b:8c:e1:3a:4a:89:aa:
b6:1a:02:e2:b0:ea:e5:81:ea:3c:27:29:21:4c:06:
57:f0:29:bd:3d:4c:b6:28:7e:13:77:31:61:f9:ad:
2f:0a:df:66:ae:14:b0:05:9b:cb:8a:b0:2a:f7:0f:
00:e8:12:4d:49:98:f3:fd:38:24:51:25:c6:69:79:
95:75:78:dc:b0:12:f8:6e:ac:01:fd:d2:a7:a0:16:
97:fd:b8:40:16:3c:84:35:aa:4e:79:3f:28:62:19:
d1:ca:09:d0:8d:e8:65:5d:76:40:bd:df:a3:41:ef:
d9:c2:5c:bc:74:4f:ce:d0:d6:b6:af:8c:c6:51:62:
c3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A2:46:3F:CF:3B:9E:27:03:98:22:AC:DD:24:FB:2F:66:33:11:0C
X509v3 Authority Key Identifier:
keyid:0D:08:74:B3:33:E3:5D:F1:4F:D9:70:E1:89:58:1D:A0:93:BC:80:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQh0szPjXfFP2XDhiVgdoJO8gJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/pKJGP887nicDmCKs3ST7L2YzEQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/b039bc-213b-457c-96ae-3181db911a13/1/DQh0szPjXfFP2XDhiVgdoJO8gJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.248.0/21
185.13.76.0/22
185.65.156.0/22
185.235.220.0/22
185.249.76.0/22
IPv6:
2a00:83e0::/32
2a02:f4c0::/29
2a09:d00::/29
Signature Algorithm: sha256WithRSAEncryption
9c:2f:54:e4:06:9b:06:fe:65:0a:1b:a5:78:64:37:70:c7:4d:
09:16:c2:f2:46:c6:f2:71:65:bd:c3:2d:83:e8:df:c0:e6:fe:
f8:c2:2c:b8:f9:ca:d5:94:fa:95:51:a7:34:b7:bf:ee:22:17:
57:75:84:68:a9:4b:62:91:0c:96:89:53:80:ed:9d:29:f5:c0:
59:e4:15:a0:5d:16:b0:d4:1c:0b:38:92:1f:f3:2e:8c:a6:0d:
66:fb:b6:70:45:f3:80:cf:56:91:bf:2b:33:87:c5:c1:c4:f7:
ed:1f:19:f2:78:eb:d1:67:ce:d0:f8:05:94:07:81:39:f1:23:
f5:34:da:78:a9:1d:ca:f7:ad:7a:db:14:bf:8e:dd:cb:86:a3:
01:fa:15:db:be:0c:c3:9f:27:11:a0:59:d6:5e:c4:2b:e3:b3:
71:01:f8:04:33:a2:ed:88:d4:56:55:67:7e:5a:47:0f:9a:85:
82:b0:d1:2c:ec:f1:7a:89:a1:f5:02:56:cc:a1:a4:f3:81:10:
32:75:f0:81:cc:06:ac:95:a1:aa:f0:65:84:bd:80:ad:e1:fe:
b9:a5:66:06:ea:7e:b3:ab:67:13:03:94:92:aa:41:7f:64:df:
db:b5:94:2d:d1:62:9e:7b:85:37:be:a4:82:c4:e5:eb:a1:57:
7e:3f:13:4d
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYMNGNch0iuIqhGp4cMTAaJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMDg3NGIzMzNlMzVkZjE0ZmQ5NzBlMTg5NTgxZGEwOTNi
YzgwOTMwHhcNMjIwOTA1MTAwMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGEyNDYzZmNmM2I5ZTI3MDM5ODIyYWNkZDI0ZmIyZjY2MzMxMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyeEOaE7moTHCebfQmB80RJxsA23
t4OhgBndebxDrN0rAIGH5fhdtLdLO7yx20ke0ejHOL+Vq2gFfDBZH89ngZHDsFz4
j62jjtuYFsipgchJRFhHyGkHXMrAJtUABnQxQFCw+1kFNtEyGexRE9xTtnKzKyaD
OvBmOMgrapzYuouM4TpKiaq2GgLisOrlgeo8JykhTAZX8Cm9PUy2KH4TdzFh+a0v
Ct9mrhSwBZvLirAq9w8A6BJNSZjz/TgkUSXGaXmVdXjcsBL4bqwB/dKnoBaX/bhA
FjyENapOeT8oYhnRygnQjehlXXZAvd+jQe/Zwly8dE/O0Na2r4zGUWLDPwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFKSiRj/PO54nA5girN0k+y9mMxEMMB8GA1UdIwQY
MBaAFA0IdLMz413xT9lw4YlYHaCTvICTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUt
MzE4MWRiOTExYTEzLzEvcEtKR1A4ODduaWNEbUNLczNTVDdMMll6RVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9iMDM5YmMtMjEzYi00NTdjLTk2YWUtMzE4MWRiOTExYTEz
LzEvRFFoMHN6UGpYZkZQMlhEaGlWZ2RvSk84Z0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQDX4H4AwQC
uQ1MAwQCuUGcAwQCuevcAwQCuflMMBsEAgACMBUDBQAqAIPgAwUDKgL0wAMFAyoJ
DQAwDQYJKoZIhvcNAQELBQADggEBAJwvVOQGmwb+ZQobpXhkN3DHTQkWwvJGxvJx
Zb3DLYPo38Dm/vjCLLj5ytWU+pVRpzS3v+4iF1d1hGipS2KRDJaJU4DtnSn1wFnk
FaBdFrDUHAs4kh/zLoymDWb7tnBF84DPVpG/KzOHxcHE9+0fGfJ469FnztD4BZQH
gTnxI/U02nipHcr3rXrbFL+O3cuGowH6Fdu+DMOfJxGgWdZexCvjs3EB+AQzou2I
1FZVZ35aRw+ahYKw0Szs8XqJofUCVsyhpPOBEDJ18IHMBqyVoarwZYS9gK3h/rml
ZgbqfrOrZxMDlJKqQX9k39u1lC3RYp57hTe+pILE5euhV34/E00=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:28 2023 by rpki-client on console.sobornost.net