Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/k805bz_dbImzv-ColBUEkToB0bw.roa
File: k805bz_dbImzv-ColBUEkToB0bw.roa (raw, json)
Hash identifier: Khks4lfQJ64r9X82YFqo/cWt4CjSvXPVzxOf4lvBUsE=
Subject key identifier: 93:CD:39:6F:3F:DD:6C:89:B3:BF:E0:A8:94:15:04:91:3A:01:D1:BC
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 50E5141E
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/k805bz_dbImzv-ColBUEkToB0bw.roa
Signing time: Sat 01 Jan 2022 16:01:58 +0000
ROA not before: Sat 01 Jan 2022 16:01:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204783
IP address blocks: 212.243.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1357190174 (0x50e5141e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 16:01:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93cd396f3fdd6c89b3bfe0a8941504913a01d1bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b3:49:32:18:36:8c:c9:2a:77:d5:80:27:dc:
6a:5c:d7:c7:fa:87:c7:e6:dd:2d:05:cd:60:b8:8d:
30:60:2b:da:9e:84:0f:cc:a3:2b:19:6c:07:ac:27:
c2:b7:37:b0:63:d7:aa:62:5f:09:0c:8b:93:eb:68:
99:0c:cf:5f:a8:e0:85:b1:1c:9d:d9:b9:06:13:c4:
ef:90:ad:d0:f3:2b:40:ad:61:27:5c:c1:be:bc:ab:
50:58:76:8b:35:60:61:7f:7b:ce:9f:fc:16:22:6e:
df:4a:2e:86:b7:c7:9d:93:9e:1c:d3:19:87:b6:e5:
5c:73:00:76:0d:bc:52:c0:20:24:ee:a2:3d:5d:78:
d6:03:0d:c9:f0:4d:db:b8:30:f7:97:1d:ee:bb:03:
7a:f0:26:36:48:15:5c:fb:7c:19:d7:dd:ed:c2:14:
58:b3:a1:79:27:9a:6e:fb:be:49:d1:ea:03:69:8f:
ee:4f:59:59:50:1b:8d:dd:3c:ed:ec:ed:8c:69:d7:
45:40:82:8e:73:07:14:50:a0:a2:c6:02:89:62:c7:
47:1a:3e:59:f3:d1:6c:95:91:60:4a:d4:49:da:74:
02:47:ed:f1:aa:41:85:17:cd:2f:7f:9f:72:01:22:
5a:2d:a2:bc:eb:f5:32:1e:c1:b2:2d:74:b1:30:a9:
6d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:CD:39:6F:3F:DD:6C:89:B3:BF:E0:A8:94:15:04:91:3A:01:D1:BC
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/k805bz_dbImzv-ColBUEkToB0bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.243.115.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:d0:31:7a:70:4c:95:af:75:05:1a:3f:5d:cf:f5:06:bb:9e:
80:38:d3:a8:09:96:5b:dc:ef:ba:ff:0c:3f:e6:a2:b1:3d:fc:
cf:db:7b:5d:e5:b3:c3:17:1a:91:d1:c9:82:6c:e6:39:7c:97:
7c:5e:9d:6b:cc:7c:5d:be:85:76:24:73:be:08:be:1b:24:e1:
b8:ae:ec:94:58:25:59:96:76:3d:bb:f4:65:95:f9:80:7d:d7:
25:dc:89:ce:03:52:67:64:15:88:4c:8a:6c:bc:ef:14:82:0f:
d9:bd:fb:ab:8c:19:6b:e2:27:3c:15:b4:9e:f7:4f:ed:95:f5:
1b:24:eb:59:57:34:bd:34:f7:af:68:63:b9:0f:b3:26:e3:65:
8c:ad:5a:d4:24:f2:e4:b4:89:ed:61:f9:b1:27:b8:7e:74:a5:
f2:c6:d5:6c:d9:ba:66:7b:88:b3:53:95:82:26:46:3c:3c:a5:
9b:06:aa:ff:ba:7d:18:40:0a:0f:95:64:ce:7f:09:62:f9:41:
91:07:50:c0:72:cd:da:6b:9f:0c:06:56:8e:51:34:2a:84:bb:
4b:cf:c5:aa:ae:fc:e5:6f:9c:8f:51:38:7a:46:50:f1:b5:96:
0f:09:55:bf:53:8e:ff:a5:a9:56:ab:71:dc:40:2a:67:79:be:
1d:ae:7f:63
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEUOUUHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMB4XDTIyMDEw
MTE2MDE1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTNjZDM5NmYzZmRk
NmM4OWIzYmZlMGE4OTQxNTA0OTEzYTAxZDFiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmzSTIYNozJKnfVgCfcalzXx/qHx+bdLQXNYLiNMGAr2p6E
D8yjKxlsB6wnwrc3sGPXqmJfCQyLk+tomQzPX6jghbEcndm5BhPE75Ct0PMrQK1h
J1zBvryrUFh2izVgYX97zp/8FiJu30ouhrfHnZOeHNMZh7blXHMAdg28UsAgJO6i
PV141gMNyfBN27gw95cd7rsDevAmNkgVXPt8Gdfd7cIUWLOheSeabvu+SdHqA2mP
7k9ZWVAbjd087eztjGnXRUCCjnMHFFCgosYCiWLHRxo+WfPRbJWRYErUSdp0Akft
8apBhRfNL3+fcgEiWi2ivOv1Mh7Bsi10sTCpbUsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSTzTlvP91sibO/4KiUFQSROgHRvDAfBgNVHSMEGDAWgBQmY/PbFS4FWsFF
vbtCngGGVCBMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8x
L2s4MDViel9kYkltenYtQ29sQlVFa1RvQjBidy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZy
QlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANTzczANBgkqhkiG9w0BAQsFAAOC
AQEACtAxenBMla91BRo/Xc/1BruegDjTqAmWW9zvuv8MP+aisT38z9t7XeWzwxca
kdHJgmzmOXyXfF6da8x8Xb6FdiRzvgi+GyThuK7slFglWZZ2Pbv0ZZX5gH3XJdyJ
zgNSZ2QViEyKbLzvFIIP2b37q4wZa+InPBW0nvdP7ZX1GyTrWVc0vTT3r2hjuQ+z
JuNljK1a1CTy5LSJ7WH5sSe4fnSl8sbVbNm6ZnuIs1OVgiZGPDylmwaq/7p9GEAK
D5Vkzn8JYvlBkQdQwHLN2mufDAZWjlE0KoS7S8/Fqq785W+cj1E4ekZQ8bWWDwlV
v1OO/6WpVqtx3EAqZ3m+Ha5/Yw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:12:56 2025 by rpki-client