Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/kjxI-IzVvEGBFMmFC9ORt4x7LUo.roa
File: kjxI-IzVvEGBFMmFC9ORt4x7LUo.roa (raw, json)
Hash identifier: VjwHLc7wRd3mu0ARePDvP+v+IoaCVG7e0UE/texiUFE=
Subject key identifier: 92:3C:48:F8:8C:D5:BC:41:81:14:C9:85:0B:D3:91:B7:8C:7B:2D:4A
Certificate issuer: /CN=82e5fbc3ea525a78c630c4da864ba9a60e199bff
Certificate serial: 018573FDD1AF0EAACFA34233AC436473A1D0
Authority key identifier: 82:E5:FB:C3:EA:52:5A:78:C6:30:C4:DA:86:4B:A9:A6:0E:19:9B:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guX7w-pSWnjGMMTahkuppg4Zm_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/kjxI-IzVvEGBFMmFC9ORt4x7LUo.roa
Signing time: Mon 02 Jan 2023 19:38:12 +0000
ROA not before: Mon 02 Jan 2023 19:38:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12565
IP address blocks: 91.211.164.0/24 maxlen: 24
91.211.164.0/22 maxlen: 22
91.211.166.0/24 maxlen: 24
91.211.165.0/24 maxlen: 24
91.211.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:fd:d1:af:0e:aa:cf:a3:42:33:ac:43:64:73:a1:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e5fbc3ea525a78c630c4da864ba9a60e199bff
Validity
Not Before: Jan 2 19:38:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=923c48f88cd5bc418114c9850bd391b78c7b2d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a9:67:14:cb:64:ec:db:7b:08:d6:a4:73:c7:
76:87:04:17:2b:4f:b0:e6:b7:1d:a2:a3:65:96:6d:
5d:41:16:3d:f9:d4:a0:5f:52:52:21:09:80:b4:64:
8c:62:4f:22:18:8a:99:f8:7c:d4:3f:82:07:ea:1c:
12:ca:4a:24:83:f2:ed:ec:c9:a2:b1:88:1a:23:a9:
17:d1:2c:35:35:30:b9:eb:43:08:af:d4:7c:72:d6:
d5:86:cd:e3:89:b3:9c:a6:c0:c4:f7:2c:c4:60:2e:
2a:3a:de:3f:c6:22:bb:d5:23:47:48:0f:e3:66:4e:
34:93:9c:d1:6f:3d:0d:96:fd:11:5e:60:29:3d:00:
b7:a4:af:06:42:e7:0c:a9:f3:9c:e5:71:a1:d9:65:
bf:9e:c6:c2:c9:6c:0b:45:68:34:d8:9f:8e:cb:a8:
29:24:29:00:d0:9d:cb:99:8b:e1:67:0a:ba:8b:8e:
2a:b1:d5:d5:b6:ac:07:2e:6c:bb:0b:1d:61:33:98:
6d:3b:de:ef:94:a7:dc:c1:61:60:c1:93:2d:37:fb:
b5:34:02:27:2e:70:49:37:64:ce:cc:b1:c1:21:b0:
7e:ed:ee:1c:85:0a:32:99:ca:ae:8a:05:5c:46:14:
30:cf:d5:f4:c2:a9:4a:e4:ef:60:b5:29:d1:27:78:
c4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3C:48:F8:8C:D5:BC:41:81:14:C9:85:0B:D3:91:B7:8C:7B:2D:4A
X509v3 Authority Key Identifier:
keyid:82:E5:FB:C3:EA:52:5A:78:C6:30:C4:DA:86:4B:A9:A6:0E:19:9B:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guX7w-pSWnjGMMTahkuppg4Zm_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/kjxI-IzVvEGBFMmFC9ORt4x7LUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/2ece26-1781-455e-80b3-93dd6507488e/1/guX7w-pSWnjGMMTahkuppg4Zm_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.164.0/22
Signature Algorithm: sha256WithRSAEncryption
19:0b:54:df:a0:3c:1c:9f:db:d0:c1:6d:19:7c:64:23:9e:39:
f4:66:37:d2:65:2b:d0:68:42:52:30:4e:95:43:37:fc:83:7d:
3e:b9:f4:83:7b:af:85:7e:0a:98:be:ff:d2:bf:a6:aa:0e:54:
08:af:5c:62:d5:ba:f4:f2:3f:ad:56:a2:52:fd:cc:4d:b2:d8:
c6:76:df:b0:03:88:da:5b:45:d1:0a:fe:b3:fc:b2:fc:08:67:
9f:d5:16:04:9d:0f:e3:23:a8:5d:db:ff:03:42:4e:25:2b:f8:
c6:f2:a4:9f:f6:c6:0b:99:c2:9a:32:fd:68:1f:f2:68:67:da:
73:8a:c8:04:c3:08:23:49:b7:d4:3d:2b:4f:1c:f9:5f:c2:08:
f0:50:3c:10:53:0e:4d:98:a0:b0:4f:f4:29:63:b5:d9:8f:a9:
c7:91:8c:e2:3d:37:89:41:ac:ae:d1:11:ec:f8:e7:3c:be:39:
15:e3:ce:9c:38:c1:7a:ae:e5:96:26:b8:3c:5f:ea:ca:df:1d:
5c:de:49:8e:8e:b3:73:f0:18:38:a9:cf:57:29:bf:1e:83:af:
a2:00:75:f8:cc:d2:c0:76:d6:b9:ab:eb:fa:a5:51:c5:35:1f:
d6:3d:61:a6:35:ec:59:9b:68:07:d0:7e:8e:a6:26:1e:09:df:
ac:c5:17:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVz/dGvDqrPo0IzrENkc6HQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTVmYmMzZWE1MjVhNzhjNjMwYzRkYTg2NGJhOWE2MGUx
OTliZmYwHhcNMjMwMTAyMTkzODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjNjNDhmODhjZDViYzQxODExNGM5ODUwYmQzOTFiNzhjN2IyZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKlnFMtk7Nt7CNakc8d2hwQXK0+w
5rcdoqNllm1dQRY9+dSgX1JSIQmAtGSMYk8iGIqZ+HzUP4IH6hwSykokg/Lt7Mmi
sYgaI6kX0Sw1NTC560MIr9R8ctbVhs3jibOcpsDE9yzEYC4qOt4/xiK71SNHSA/j
Zk40k5zRbz0Nlv0RXmApPQC3pK8GQucMqfOc5XGh2WW/nsbCyWwLRWg02J+Oy6gp
JCkA0J3LmYvhZwq6i44qsdXVtqwHLmy7Cx1hM5htO97vlKfcwWFgwZMtN/u1NAIn
LnBJN2TOzLHBIbB+7e4chQoymcquigVcRhQwz9X0wqlK5O9gtSnRJ3jEjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJI8SPiM1bxBgRTJhQvTkbeMey1KMB8GA1UdIwQY
MBaAFILl+8PqUlp4xjDE2oZLqaYOGZv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VYN3ctcFNXbmpHTU1UYWhrdXBwZzRabV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8yZWNlMjYtMTc4MS00NTVlLTgwYjMt
OTNkZDY1MDc0ODhlLzEva2p4SS1JelZ2RUdCRk1tRkM5T1J0NHg3TFVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8yZWNlMjYtMTc4MS00NTVlLTgwYjMtOTNkZDY1MDc0ODhl
LzEvZ3VYN3ctcFNXbmpHTU1UYWhrdXBwZzRabV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9OkMA0G
CSqGSIb3DQEBCwUAA4IBAQAZC1TfoDwcn9vQwW0ZfGQjnjn0ZjfSZSvQaEJSME6V
Qzf8g30+ufSDe6+FfgqYvv/Sv6aqDlQIr1xi1br08j+tVqJS/cxNstjGdt+wA4ja
W0XRCv6z/LL8CGef1RYEnQ/jI6hd2/8DQk4lK/jG8qSf9sYLmcKaMv1oH/JoZ9pz
isgEwwgjSbfUPStPHPlfwgjwUDwQUw5NmKCwT/QpY7XZj6nHkYziPTeJQayu0RHs
+Oc8vjkV486cOMF6ruWWJrg8X+rK3x1c3kmOjrNz8Bg4qc9XKb8eg6+iAHX4zNLA
dta5q+v6pVHFNR/WPWGmNexZm2gH0H6OpiYeCd+sxRcB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:36 2025 by rpki-client