Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/KJtw6zAMXop4SV0g5mxG7EKgvSg.roa
File: KJtw6zAMXop4SV0g5mxG7EKgvSg.roa (raw, json)
Hash identifier: somvcpdF0jbe7w2fXbXR5bOnLorgnAuXHrIx7wndQLg=
Subject key identifier: 28:9B:70:EB:30:0C:5E:8A:78:49:5D:20:E6:6C:46:EC:42:A0:BD:28
Certificate issuer: /CN=bd19d4535c7e62b921e859e6557b821f278e716a
Certificate serial: 018C8C15F551E0F6AC64A5B0402DF3A3BEF8
Authority key identifier: BD:19:D4:53:5C:7E:62:B9:21:E8:59:E6:55:7B:82:1F:27:8E:71:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/KJtw6zAMXop4SV0g5mxG7EKgvSg.roa
Signing time: Thu 21 Dec 2023 11:14:58 +0000
ROA not before: Thu 21 Dec 2023 11:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 185.23.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:15:f5:51:e0:f6:ac:64:a5:b0:40:2d:f3:a3:be:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd19d4535c7e62b921e859e6557b821f278e716a
Validity
Not Before: Dec 21 11:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=289b70eb300c5e8a78495d20e66c46ec42a0bd28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:50:82:03:43:75:72:8f:7f:cf:29:93:62:80:
3c:88:e0:52:0a:aa:99:3e:0f:0f:8a:eb:67:60:ee:
c4:31:0d:6e:fd:1a:97:02:69:55:59:db:a8:a4:81:
54:61:90:24:3e:a6:6c:81:2d:a8:2c:08:bc:a3:21:
40:5b:a8:89:cb:f0:5a:1b:26:c2:aa:8f:10:fa:5e:
2c:d9:39:3a:4e:c2:e9:cb:ac:d5:0d:92:49:bb:c5:
c2:a4:09:2c:55:10:84:d8:3a:d7:de:55:e3:b2:f3:
1e:ad:bc:9f:e3:ec:1e:f0:fb:ff:c1:6d:d1:58:e7:
6d:81:df:40:43:12:f5:d5:1b:e8:ad:54:4a:7b:de:
01:1e:97:8e:e6:8e:b2:b2:65:5e:a3:82:3e:4a:18:
bd:08:5c:fa:17:87:a2:f8:f2:0f:16:a4:9b:f0:6e:
6f:9d:64:6d:16:9f:ea:4e:a0:29:d3:87:c0:4c:ac:
6c:04:e9:73:f7:61:fb:a6:99:21:9d:37:f2:8e:85:
67:00:b6:18:9b:ae:5b:6c:10:8d:59:24:63:9e:3d:
a1:94:a9:f9:c5:ef:46:00:90:85:29:89:35:9d:fb:
f0:fb:e8:64:d4:e6:2a:73:9f:65:89:4c:01:c5:43:
a0:fd:04:57:a8:10:b3:b7:a4:58:20:60:f5:cb:2f:
30:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9B:70:EB:30:0C:5E:8A:78:49:5D:20:E6:6C:46:EC:42:A0:BD:28
X509v3 Authority Key Identifier:
keyid:BD:19:D4:53:5C:7E:62:B9:21:E8:59:E6:55:7B:82:1F:27:8E:71:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/KJtw6zAMXop4SV0g5mxG7EKgvSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.6.0/24
Signature Algorithm: sha256WithRSAEncryption
69:9f:d2:ec:88:5b:00:c2:18:50:b6:3d:6b:48:4d:d2:18:5d:
cc:a0:e8:c5:90:99:77:f7:d1:f1:3b:17:7d:0a:ec:07:13:17:
f5:ec:df:50:c0:dd:eb:78:5e:5d:13:8f:bc:ea:5c:74:35:bd:
8c:1e:ff:f4:35:8f:b7:a2:7b:73:f0:17:08:13:9d:0f:e6:42:
58:f4:69:e6:41:8f:44:dd:a7:8e:63:fc:d6:20:5b:ab:26:c3:
2a:9c:32:03:cd:56:57:32:e2:fb:cf:64:7b:13:39:7f:37:e6:
e9:1a:a9:5c:a5:f2:e5:fd:b7:dc:ec:57:30:f0:e4:11:1e:71:
2c:91:4b:63:0c:4c:0d:38:6c:5d:45:65:91:78:4b:92:cc:20:
87:21:76:bc:93:2c:0f:c5:8b:a0:71:4b:57:bc:42:c8:bf:35:
7e:fe:cc:aa:5d:d9:cb:3c:59:99:b5:4b:f0:8a:c9:91:07:7d:
5e:be:fd:01:ad:51:4b:5b:0d:2f:ea:93:87:b8:54:18:e4:9a:
42:d8:4c:1e:76:2a:cd:5b:f9:13:79:12:4c:c3:5d:c7:1f:cf:
39:e1:5e:84:0d:c8:ca:28:da:e0:4f:f8:06:69:4c:69:e3:13:
b0:3e:db:4e:f1:97:0e:78:3b:e9:99:5a:32:10:ea:77:24:de:
df:aa:a8:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyMFfVR4PasZKWwQC3zo774MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMTlkNDUzNWM3ZTYyYjkyMWU4NTllNjU1N2I4MjFmMjc4
ZTcxNmEwHhcNMjMxMjIxMTExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODliNzBlYjMwMGM1ZThhNzg0OTVkMjBlNjZjNDZlYzQyYTBiZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilCCA0N1co9/zymTYoA8iOBSCqqZ
Pg8PiutnYO7EMQ1u/RqXAmlVWduopIFUYZAkPqZsgS2oLAi8oyFAW6iJy/BaGybC
qo8Q+l4s2Tk6TsLpy6zVDZJJu8XCpAksVRCE2DrX3lXjsvMerbyf4+we8Pv/wW3R
WOdtgd9AQxL11RvorVRKe94BHpeO5o6ysmVeo4I+Shi9CFz6F4ei+PIPFqSb8G5v
nWRtFp/qTqAp04fATKxsBOlz92H7ppkhnTfyjoVnALYYm65bbBCNWSRjnj2hlKn5
xe9GAJCFKYk1nfvw++hk1OYqc59liUwBxUOg/QRXqBCzt6RYIGD1yy8wRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCibcOswDF6KeEldIOZsRuxCoL0oMB8GA1UdIwQY
MBaAFL0Z1FNcfmK5IehZ5lV7gh8njnFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlJuVVUxeC1ZcmtoNkZubVZYdUNIeWVPY1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yNTk5ZjktNmY3Ni00ZGI2LWJjYTct
YzEzMzFmNDlmYzA5LzEvS0p0dzZ6QU1Yb3A0U1YwZzVteEc3RUtndlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yNTk5ZjktNmY3Ni00ZGI2LWJjYTctYzEzMzFmNDlmYzA5
LzEvdlJuVVUxeC1ZcmtoNkZubVZYdUNIeWVPY1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRcGMA0G
CSqGSIb3DQEBCwUAA4IBAQBpn9LsiFsAwhhQtj1rSE3SGF3MoOjFkJl399HxOxd9
CuwHExf17N9QwN3reF5dE4+86lx0Nb2MHv/0NY+3ontz8BcIE50P5kJY9GnmQY9E
3aeOY/zWIFurJsMqnDIDzVZXMuL7z2R7Ezl/N+bpGqlcpfLl/bfc7Fcw8OQRHnEs
kUtjDEwNOGxdRWWReEuSzCCHIXa8kywPxYugcUtXvELIvzV+/syqXdnLPFmZtUvw
ismRB31evv0BrVFLWw0v6pOHuFQY5JpC2EwedirNW/kTeRJMw13HH8854V6EDcjK
KNrgT/gGaUxp4xOwPttO8ZcOeDvpmVoyEOp3JN7fqqhN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:09 2025 by rpki-client