Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/kgcSFru_LyWxPJkC8xti54OCbLg.roa
File: kgcSFru_LyWxPJkC8xti54OCbLg.roa (raw, json)
Hash identifier: yq0lS6cCNBXQbpulTCv/QlcOEpAbhDKrHhNvw7Pv8PQ=
Subject key identifier: 92:07:12:16:BB:BF:2F:25:B1:3C:99:02:F3:1B:62:E7:83:82:6C:B8
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 0185A5D8C35EB48A7DE5D591C630B7FC6756
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/kgcSFru_LyWxPJkC8xti54OCbLg.roa
Signing time: Thu 12 Jan 2023 11:58:44 +0000
ROA not before: Thu 12 Jan 2023 11:58:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14178
IP address blocks: 185.70.112.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:d8:c3:5e:b4:8a:7d:e5:d5:91:c6:30:b7:fc:67:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Jan 12 11:58:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92071216bbbf2f25b13c9902f31b62e783826cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5d:6f:a8:77:31:57:a3:6d:49:9a:b9:9f:9e:
e0:0f:9a:e4:c0:c0:5f:9a:21:38:1d:d2:f5:0e:80:
cf:eb:ac:da:b5:eb:fb:c4:57:1f:66:80:b6:b1:fe:
a6:51:8d:19:3c:17:1c:df:a2:88:44:46:f2:1a:a9:
05:8f:bd:06:47:d7:cb:74:68:b4:9b:7b:28:45:8c:
00:86:74:3d:df:37:85:f9:01:01:41:39:b1:90:78:
05:5d:01:b4:15:19:f4:40:e2:8f:f5:8b:a5:00:cc:
db:36:d7:c1:47:9c:46:f6:3a:a3:f6:dd:b6:3d:9b:
32:ed:23:fa:46:d7:29:e0:e6:9f:46:64:2d:9c:2e:
39:ff:b8:52:3c:c1:ce:4d:7d:cf:8a:87:0f:97:b2:
07:3f:2f:b9:cb:32:99:53:74:10:81:3f:d9:c8:df:
9f:82:9f:27:67:63:03:f6:48:26:57:d7:30:94:a7:
c2:12:23:0d:93:c4:c7:ef:50:59:4a:41:c0:90:36:
51:49:3c:93:8e:02:fc:55:4a:f7:b0:39:4a:00:ab:
84:e6:a3:32:77:d2:b9:7f:b9:9e:c5:e8:a4:89:98:
df:d2:d0:7c:d2:1c:ed:2a:c1:04:7a:dc:2f:bf:17:
30:3b:e3:5c:bb:3a:c4:fd:4c:d7:a7:0f:e3:08:63:
98:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:07:12:16:BB:BF:2F:25:B1:3C:99:02:F3:1B:62:E7:83:82:6C:B8
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/kgcSFru_LyWxPJkC8xti54OCbLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.112.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:bf:b8:63:b2:69:f6:16:7c:50:15:ef:09:ea:75:72:9e:8c:
b7:dd:c5:3b:03:1f:2d:5b:e4:5e:9d:a1:27:11:4c:a6:26:23:
40:f5:87:d2:b5:f1:a5:aa:38:7c:44:3f:6e:c1:50:04:7e:60:
9c:74:38:68:41:05:d5:30:2f:98:4c:75:9b:2d:be:2f:de:f5:
12:2b:9b:52:70:ef:36:06:88:b2:15:d5:dd:56:c2:12:51:85:
2a:49:50:ef:37:9e:19:d6:55:b1:b0:92:24:92:ff:20:71:c0:
c9:9d:d5:1c:df:6a:bd:a0:63:51:4e:ba:be:ad:c8:df:41:72:
54:cb:70:52:a1:3a:88:57:b8:1d:ac:ff:65:1b:d7:40:74:1f:
cf:83:a5:31:91:f3:ef:12:f2:c0:28:de:f5:c7:23:df:e1:37:
d1:7e:1b:45:08:d3:1c:84:64:47:f3:21:f2:88:bc:a0:7d:af:
17:a8:74:85:ab:c3:22:a5:2f:e8:0f:b4:e1:a8:47:e5:42:c0:
d5:32:e2:db:64:e7:39:a9:7c:a0:63:ed:45:1c:65:f1:c4:50:
ca:71:c7:eb:ce:50:d0:63:b6:fc:b2:e9:5c:5a:64:ea:15:70:
e3:12:f8:d1:0a:ce:94:b1:c8:7b:6b:84:16:47:d7:6f:8c:b7:
8c:75:2c:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWl2MNetIp95dWRxjC3/GdWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjMwMTEyMTE1ODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjA3MTIxNmJiYmYyZjI1YjEzYzk5MDJmMzFiNjJlNzgzODI2Y2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvl1vqHcxV6NtSZq5n57gD5rkwMBf
miE4HdL1DoDP66zatev7xFcfZoC2sf6mUY0ZPBcc36KIREbyGqkFj70GR9fLdGi0
m3soRYwAhnQ93zeF+QEBQTmxkHgFXQG0FRn0QOKP9YulAMzbNtfBR5xG9jqj9t22
PZsy7SP6Rtcp4OafRmQtnC45/7hSPMHOTX3PiocPl7IHPy+5yzKZU3QQgT/ZyN+f
gp8nZ2MD9kgmV9cwlKfCEiMNk8TH71BZSkHAkDZRSTyTjgL8VUr3sDlKAKuE5qMy
d9K5f7mexeikiZjf0tB80hztKsEEetwvvxcwO+NcuzrE/UzXpw/jCGOYwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIHEha7vy8lsTyZAvMbYueDgmy4MB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEva2djU0ZydV9MeVd4UEprQzh4dGk1NE9DYkxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUZwMA0G
CSqGSIb3DQEBCwUAA4IBAQBrv7hjsmn2FnxQFe8J6nVynoy33cU7Ax8tW+RenaEn
EUymJiNA9YfStfGlqjh8RD9uwVAEfmCcdDhoQQXVMC+YTHWbLb4v3vUSK5tScO82
BoiyFdXdVsISUYUqSVDvN54Z1lWxsJIkkv8gccDJndUc32q9oGNRTrq+rcjfQXJU
y3BSoTqIV7gdrP9lG9dAdB/Pg6UxkfPvEvLAKN71xyPf4TfRfhtFCNMchGRH8yHy
iLygfa8XqHSFq8MipS/oD7ThqEflQsDVMuLbZOc5qXygY+1FHGXxxFDKccfrzlDQ
Y7b8sulcWmTqFXDjEvjRCs6Usch7a4QWR9dvjLeMdSza
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:39 2025 by rpki-client