Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KCQxWh6NTJmEZekt6HtfldkBOR4.roa
File: KCQxWh6NTJmEZekt6HtfldkBOR4.roa (raw, json)
Hash identifier: iFYTTkA0tp4Jsgf8JwWLqJNuavDJJOvCk2Qr8+IOVxo=
Subject key identifier: 28:24:31:5A:1E:8D:4C:99:84:65:E9:2D:E8:7B:5F:95:D9:01:39:1E
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 05475884
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KCQxWh6NTJmEZekt6HtfldkBOR4.roa
Signing time: Fri 20 May 2022 07:59:29 +0000
ROA not before: Fri 20 May 2022 07:59:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25211
IP address blocks: 85.239.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88561796 (0x5475884)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: May 20 07:59:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2824315a1e8d4c998465e92de87b5f95d901391e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3c:6e:dc:60:6c:3b:64:5b:ca:2a:d3:60:cd:
1b:44:e3:3c:69:79:3e:1b:96:d4:03:13:aa:1e:7c:
11:fb:e9:4a:bc:51:c7:4d:db:02:11:87:bf:51:f5:
01:6d:c6:cd:57:f1:57:6d:62:c6:e1:33:11:01:3f:
79:94:dc:33:70:ae:3b:65:a2:60:fe:27:fd:d4:74:
74:cd:8e:52:41:fe:0c:2e:11:70:8b:6d:c1:f2:5d:
08:b3:fd:79:ba:60:c0:c4:2f:ca:98:37:b5:b4:6a:
b2:29:70:ef:ad:0e:e9:b3:c3:16:40:fc:8a:37:6a:
99:fc:6c:f8:14:88:66:64:9c:47:70:69:eb:10:e3:
0c:5c:ba:bf:30:e8:9d:99:d5:b2:12:b0:e9:ed:67:
14:f6:9e:4d:0a:1f:7c:13:fb:34:bf:27:41:2e:07:
dd:84:ec:0b:f7:b1:b7:1d:2a:a9:47:91:a1:ad:ae:
09:86:35:cb:6d:cb:11:cb:b9:ff:2f:ff:1c:28:80:
b1:9e:a6:6d:cb:b3:d7:6b:42:cc:ce:08:78:cb:cd:
83:47:3b:76:60:07:7d:e5:ea:e3:cc:2f:d6:a7:b5:
d9:06:21:83:8c:4e:82:4c:93:72:1a:c5:39:46:64:
06:91:b1:65:4c:99:29:de:1d:d7:5c:3a:54:f8:c2:
4e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:24:31:5A:1E:8D:4C:99:84:65:E9:2D:E8:7B:5F:95:D9:01:39:1E
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KCQxWh6NTJmEZekt6HtfldkBOR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
39:bd:6c:ba:36:71:45:e5:88:88:66:7c:94:65:b6:cb:40:eb:
f6:5b:8e:ef:d8:df:86:6e:68:ac:9d:31:29:bb:b6:c0:40:de:
0b:57:2c:ad:2b:e4:02:53:00:75:0a:9a:41:7c:ab:7b:e0:d2:
d8:6e:a0:60:78:2c:06:60:d4:b1:b3:cc:32:57:27:28:97:f3:
ff:93:d3:66:24:40:ba:db:15:10:59:75:e7:6b:33:22:8c:d5:
63:64:00:b2:d4:dd:21:26:ea:b8:23:0b:17:90:38:9a:58:f3:
21:1e:5b:1c:0c:ce:58:f0:9e:b2:58:71:6d:c6:c5:fe:85:72:
fc:b1:a1:71:51:f9:78:2e:80:67:06:b2:a0:96:7f:4d:50:c7:
44:be:34:44:44:6e:1e:4e:f0:dd:01:56:40:34:e1:e7:86:e3:
7c:cf:63:6d:74:68:a9:83:22:32:ad:54:17:cc:b0:dd:8e:90:
90:90:e9:5f:5b:bf:7c:c3:43:d8:1f:d8:77:95:f7:04:03:d6:
5e:26:50:86:d4:7e:e4:b3:c7:c8:55:4b:a0:34:40:5b:da:7c:
a8:7b:f8:2c:98:4f:6e:1d:db:bb:5f:8f:35:6b:7a:19:94:04:
e7:bd:7b:82:18:55:28:4a:99:6a:c7:5d:36:2a:ea:78:9c:3d:
17:82:eb:6a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBUdYhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWQyZGFmZjFjNWJiNjFhMGFjOGIzY2FlYWQ0YjhhMWZhMjg0ZDBmMB4XDTIyMDUy
MDA3NTkyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgyNDMxNWExZThk
NGM5OTg0NjVlOTJkZTg3YjVmOTVkOTAxMzkxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJo8btxgbDtkW8oq02DNG0TjPGl5PhuW1AMTqh58EfvpSrxR
x03bAhGHv1H1AW3GzVfxV21ixuEzEQE/eZTcM3CuO2WiYP4n/dR0dM2OUkH+DC4R
cIttwfJdCLP9ebpgwMQvypg3tbRqsilw760O6bPDFkD8ijdqmfxs+BSIZmScR3Bp
6xDjDFy6vzDonZnVshKw6e1nFPaeTQoffBP7NL8nQS4H3YTsC/extx0qqUeRoa2u
CYY1y23LEcu5/y//HCiAsZ6mbcuz12tCzM4IeMvNg0c7dmAHfeXq48wv1qe12QYh
g4xOgkyTchrFOUZkBpGxZUyZKd4d11w6VPjCTucCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQoJDFaHo1MmYRl6S3oe1+V2QE5HjAfBgNVHSMEGDAWgBQp0tr/HFu2GgrI
s8rq1Lih+ihNDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8x
L0tDUXhXaDZOVEptRVpla3Q2SHRmbGRrQk9SNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8xL0tkTGFfeHhidGhv
S3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXvljANBgkqhkiG9w0BAQsFAAOC
AQEAOb1sujZxReWIiGZ8lGW2y0Dr9luO79jfhm5orJ0xKbu2wEDeC1csrSvkAlMA
dQqaQXyre+DS2G6gYHgsBmDUsbPMMlcnKJfz/5PTZiRAutsVEFl152szIozVY2QA
stTdISbquCMLF5A4mljzIR5bHAzOWPCeslhxbcbF/oVy/LGhcVH5eC6AZwayoJZ/
TVDHRL40RERuHk7w3QFWQDTh54bjfM9jbXRoqYMiMq1UF8yw3Y6QkJDpX1u/fMND
2B/Yd5X3BAPWXiZQhtR+5LPHyFVLoDRAW9p8qHv4LJhPbh3bu1+PNWt6GZQE5717
ghhVKEqZasddNirqeJw9F4Lrag==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:35 2025 by rpki-client