Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/KQRW8GWofSZKPKPSFFLuMTu_MoA.roa
File: KQRW8GWofSZKPKPSFFLuMTu_MoA.roa (raw, json)
Hash identifier: vPDFVSWSNHWNUoPGa49/wnl854YH0XFJUkduU7O5w40=
Subject key identifier: 29:04:56:F0:65:A8:7D:26:4A:3C:A3:D2:14:52:EE:31:3B:BF:32:80
Certificate issuer: /CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Certificate serial: 01847ABB4594E9D2D0FD3096FA7E9FBFC91C
Authority key identifier: 4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/KQRW8GWofSZKPKPSFFLuMTu_MoA.roa
Signing time: Tue 15 Nov 2022 10:00:04 +0000
ROA not before: Tue 15 Nov 2022 10:00:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16276
IP address blocks: 198.49.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:bb:45:94:e9:d2:d0:fd:30:96:fa:7e:9f:bf:c9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Validity
Not Before: Nov 15 10:00:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=290456f065a87d264a3ca3d21452ee313bbf3280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2c:59:d6:0e:ed:53:ac:a5:6b:03:8a:e6:5a:
2c:14:42:d8:b5:94:13:57:09:d4:e8:fe:15:e5:2f:
f0:a7:4c:63:b9:ea:d8:24:6e:85:07:f9:ce:69:f8:
9a:54:81:46:e1:a5:38:07:04:c7:a7:87:60:6f:4a:
0d:8c:cd:e3:d3:28:aa:21:90:a4:7f:08:e3:cc:76:
67:12:72:1c:1a:6c:64:de:30:0f:ee:1c:72:de:83:
88:cd:91:e2:00:57:b1:c0:82:f4:9a:3f:5e:d8:0d:
88:d4:30:35:93:71:4d:ed:18:e6:df:e7:aa:10:7e:
cc:97:d8:59:54:81:9a:86:8b:72:39:6e:75:97:77:
b5:af:af:c7:51:d3:cd:6f:89:05:bd:0b:66:40:f4:
e6:10:0d:86:80:c2:48:1c:d3:b7:d9:e1:2f:c6:b5:
4e:44:d5:2f:08:56:c9:b4:ef:74:b4:0b:3d:16:e8:
94:04:2b:4c:4e:be:56:23:a8:13:12:77:ce:3c:1a:
7d:32:33:8f:16:54:f6:82:81:de:8a:71:4f:d2:01:
44:7c:5c:98:c8:e2:f9:69:fb:ef:b1:89:8a:d6:08:
e9:23:53:1f:a6:54:7d:36:f0:02:a4:b0:cd:59:b2:
b1:8f:6c:6c:e4:f3:96:16:d8:b8:e9:a3:40:f2:0b:
69:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:04:56:F0:65:A8:7D:26:4A:3C:A3:D2:14:52:EE:31:3B:BF:32:80
X509v3 Authority Key Identifier:
keyid:4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/KQRW8GWofSZKPKPSFFLuMTu_MoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.49.103.0/24
Signature Algorithm: sha256WithRSAEncryption
57:60:6f:a4:51:d8:9a:42:8c:76:8b:f4:4e:82:56:9e:8b:68:
46:fa:88:b1:b5:a0:1f:ae:f2:92:ad:3a:d5:d7:4c:51:63:d2:
f0:d1:47:e0:ed:52:24:a2:ac:29:ae:3e:36:98:e9:14:42:9c:
0e:24:7c:3c:ff:c8:ad:31:41:86:0f:1d:ec:6e:7b:b0:89:4f:
d8:28:b5:85:ed:14:3f:07:58:52:bf:f4:9f:84:ea:8b:0b:a3:
81:ec:8d:87:ce:76:94:e3:17:68:8c:46:f3:a9:8a:8a:ef:1c:
b4:08:4b:78:52:bf:ee:fe:62:c3:d4:15:e9:89:7c:06:5b:16:
cc:6e:c9:1a:4d:f0:44:15:e8:e8:08:4a:f1:7d:0b:35:d3:c2:
47:ba:8a:65:b3:ee:fe:9c:67:3d:e0:cf:ff:ed:17:61:8a:b5:
d5:58:6f:b8:fd:91:91:07:a0:87:66:ba:9c:50:2c:1d:0c:52:
ca:75:0a:48:8e:a3:de:71:e5:20:bf:f4:6c:52:05:df:87:06:
ae:c2:eb:16:47:79:3b:c9:18:92:cb:07:af:28:56:5a:84:0d:
cf:a2:dd:b9:e4:af:50:ca:26:cd:69:ec:33:1b:4f:d0:18:eb:
54:c0:67:52:3b:8d:61:2c:21:66:82:0b:04:f0:61:a2:80:02:
b1:a7:13:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR6u0WU6dLQ/TCW+n6fv8kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTEzMTc3NWIzMjYwYjExYTE2MjQwZDFkOGU3Njg5MWQ3
ZjM3MzIwHhcNMjIxMTE1MTAwMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTA0NTZmMDY1YTg3ZDI2NGEzY2EzZDIxNDUyZWUzMTNiYmYzMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnixZ1g7tU6ylawOK5losFELYtZQT
VwnU6P4V5S/wp0xjuerYJG6FB/nOafiaVIFG4aU4BwTHp4dgb0oNjM3j0yiqIZCk
fwjjzHZnEnIcGmxk3jAP7hxy3oOIzZHiAFexwIL0mj9e2A2I1DA1k3FN7Rjm3+eq
EH7Ml9hZVIGahotyOW51l3e1r6/HUdPNb4kFvQtmQPTmEA2GgMJIHNO32eEvxrVO
RNUvCFbJtO90tAs9FuiUBCtMTr5WI6gTEnfOPBp9MjOPFlT2goHeinFP0gFEfFyY
yOL5afvvsYmK1gjpI1MfplR9NvACpLDNWbKxj2xs5POWFti46aNA8gtp1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkEVvBlqH0mSjyj0hRS7jE7vzKAMB8GA1UdIwQY
MBaAFE+RMXdbMmCxGhYkDR2OdokdfzcyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMt
YWI2M2Q0NWY0YjZhLzEvS1FSVzhHV29mU1pLUEtQU0ZGTHVNVHVfTW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMtYWI2M2Q0NWY0YjZh
LzEvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAxjFnMA0G
CSqGSIb3DQEBCwUAA4IBAQBXYG+kUdiaQox2i/ROglaei2hG+oixtaAfrvKSrTrV
10xRY9Lw0Ufg7VIkoqwprj42mOkUQpwOJHw8/8itMUGGDx3sbnuwiU/YKLWF7RQ/
B1hSv/SfhOqLC6OB7I2HznaU4xdojEbzqYqK7xy0CEt4Ur/u/mLD1BXpiXwGWxbM
bskaTfBEFejoCErxfQs108JHuopls+7+nGc94M//7RdhirXVWG+4/ZGRB6CHZrqc
UCwdDFLKdQpIjqPeceUgv/RsUgXfhwauwusWR3k7yRiSywevKFZahA3Pot255K9Q
yibNaewzG0/QGOtUwGdSO41hLCFmggsE8GGigAKxpxMY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:34 2025 by rpki-client