Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KoeZnoZJkzcNnrSG-PAWPOJuAl8.roa
File: KoeZnoZJkzcNnrSG-PAWPOJuAl8.roa (raw, json)
Hash identifier: mGuUK3Nec7cg8H6JQocc0+5qwG6eplJBCvejOy2tBCk=
Subject key identifier: 2A:87:99:9E:86:49:93:37:0D:9E:B4:86:F8:F0:16:3C:E2:6E:02:5F
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01847553E6AE0EBB6F3CC16CD211A4C04C94
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KoeZnoZJkzcNnrSG-PAWPOJuAl8.roa
Signing time: Mon 14 Nov 2022 08:49:03 +0000
ROA not before: Mon 14 Nov 2022 08:49:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 109.203.160.0/22 maxlen: 24
37.49.144.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:53:e6:ae:0e:bb:6f:3c:c1:6c:d2:11:a4:c0:4c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 14 08:49:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a87999e864993370d9eb486f8f0163ce26e025f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a7:12:33:c9:72:f9:80:c9:fa:01:dc:43:8f:
1b:4e:dc:bf:fa:22:8f:e0:c7:c9:6c:b3:ab:55:7c:
ec:2e:31:16:e7:45:fd:4b:62:d5:ce:08:95:5b:55:
64:0e:c1:34:7b:c3:b8:48:4f:a2:31:48:62:c2:e5:
c1:f9:e0:5f:61:1d:b0:23:52:62:3f:65:97:c9:4a:
b3:72:8b:e4:23:80:39:74:c7:55:4c:9a:9b:bd:11:
2d:b3:52:3f:f3:d7:d5:71:64:96:2b:69:4f:82:b3:
9c:07:c2:c3:6b:6a:c2:7c:81:0f:e3:95:79:ea:ce:
dc:2a:20:74:5e:0e:df:bc:d9:2a:ad:98:19:cb:8f:
1f:d8:a4:b3:72:43:e8:55:89:74:f1:84:68:ea:14:
72:3e:e9:77:ef:c3:ec:3d:eb:f2:b8:26:40:9a:38:
c0:3e:fc:5a:97:15:11:51:6f:6b:59:00:8b:b1:7a:
4a:49:75:35:ce:51:a5:d0:4c:39:f5:6b:48:45:3f:
79:7b:3e:6a:20:f3:6a:6d:01:b4:48:c6:3f:d4:f5:
f2:1c:60:05:73:7f:40:45:3f:5d:b7:34:c7:2d:62:
7a:67:d7:1a:b4:61:d2:62:01:5b:ae:45:11:c6:42:
63:1b:a8:2e:e1:d3:54:a7:20:02:f5:6b:db:cb:58:
a2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:87:99:9E:86:49:93:37:0D:9E:B4:86:F8:F0:16:3C:E2:6E:02:5F
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/KoeZnoZJkzcNnrSG-PAWPOJuAl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/22
109.203.160.0/22
Signature Algorithm: sha256WithRSAEncryption
42:bb:f7:c3:66:91:5e:a3:89:48:4b:27:1f:db:91:35:c3:67:
6a:59:0b:37:78:99:25:b8:be:21:73:3f:a1:a6:25:91:15:98:
d4:1d:f2:3a:2f:ca:6a:2f:89:b1:8b:db:a8:53:2e:e5:a3:fa:
ed:d9:f4:c1:96:a9:77:1f:24:92:de:a8:f7:6d:a5:1a:bf:1e:
17:9c:61:6a:80:d8:0d:b6:c3:46:13:e4:41:b1:6f:03:43:81:
25:72:d9:86:52:ea:74:ae:3a:5c:ee:19:00:76:bb:cb:aa:50:
ee:20:99:ee:e5:0a:8d:f4:25:57:59:fa:09:26:af:49:63:7c:
cb:00:95:d2:be:50:cf:55:ea:e5:87:0f:7b:08:bf:37:bb:85:
82:67:b8:2e:f6:4d:65:00:2b:30:6a:77:6a:37:58:2a:7b:62:
d3:e4:ab:e7:19:f8:31:f1:2b:42:3d:b3:f8:5a:b2:8d:48:90:
c8:8b:36:7f:d3:dc:5f:c4:aa:0a:ab:ea:2b:77:ac:d2:3c:03:
9f:c6:28:79:7a:91:c8:52:1f:c4:ef:88:c1:0b:fb:da:e6:0b:
9a:8a:69:42:d9:c2:f2:12:4d:86:54:a5:04:a7:f6:cc:c2:4e:
d4:e6:3c:23:3f:b4:9d:54:57:2f:d2:b6:ff:ac:29:07:a7:e5:
8e:fd:d0:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYR1U+auDrtvPMFs0hGkwEyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMTE0MDg0OTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTg3OTk5ZTg2NDk5MzM3MGQ5ZWI0ODZmOGYwMTYzY2UyNmUwMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqcSM8ly+YDJ+gHcQ48bTty/+iKP
4MfJbLOrVXzsLjEW50X9S2LVzgiVW1VkDsE0e8O4SE+iMUhiwuXB+eBfYR2wI1Ji
P2WXyUqzcovkI4A5dMdVTJqbvREts1I/89fVcWSWK2lPgrOcB8LDa2rCfIEP45V5
6s7cKiB0Xg7fvNkqrZgZy48f2KSzckPoVYl08YRo6hRyPul378PsPevyuCZAmjjA
PvxalxURUW9rWQCLsXpKSXU1zlGl0Ew59WtIRT95ez5qIPNqbQG0SMY/1PXyHGAF
c39ART9dtzTHLWJ6Z9catGHSYgFbrkURxkJjG6gu4dNUpyAC9Wvby1iiGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCqHmZ6GSZM3DZ60hvjwFjzibgJfMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvS29lWm5vWkpremNObnJTRy1QQVdQT0p1QWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJTGQAwQC
bcugMA0GCSqGSIb3DQEBCwUAA4IBAQBCu/fDZpFeo4lISycf25E1w2dqWQs3eJkl
uL4hcz+hpiWRFZjUHfI6L8pqL4mxi9uoUy7lo/rt2fTBlql3HySS3qj3baUavx4X
nGFqgNgNtsNGE+RBsW8DQ4ElctmGUup0rjpc7hkAdrvLqlDuIJnu5QqN9CVXWfoJ
Jq9JY3zLAJXSvlDPVerlhw97CL83u4WCZ7gu9k1lACswandqN1gqe2LT5KvnGfgx
8StCPbP4WrKNSJDIizZ/09xfxKoKq+ord6zSPAOfxih5epHIUh/E74jBC/va5gua
imlC2cLyEk2GVKUEp/bMwk7U5jwjP7SdVFcv0rb/rCkHp+WO/dCe
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:31 2025 by rpki-client