Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/KTKv9ujoKZsk-UhU0JNXuztHu4o.roa
File: KTKv9ujoKZsk-UhU0JNXuztHu4o.roa (raw, json)
Hash identifier: 43axqHyKZ8P4OmUnuF/I4Wztjj5AltWvPTdn69CB1F0=
Subject key identifier: 29:32:AF:F6:E8:E8:29:9B:24:F9:48:54:D0:93:57:BB:3B:47:BB:8A
Certificate issuer: /CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Certificate serial: 01856F0B740F99BA61E0A6967C802950873D
Authority key identifier: D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/KTKv9ujoKZsk-UhU0JNXuztHu4o.roa
Signing time: Sun 01 Jan 2023 20:34:59 +0000
ROA not before: Sun 01 Jan 2023 20:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15380
IP address blocks: 193.0.231.0/24 maxlen: 24
2001:678:a20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:74:0f:99:ba:61:e0:a6:96:7c:80:29:50:87:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Validity
Not Before: Jan 1 20:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2932aff6e8e8299b24f94854d09357bb3b47bb8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:94:66:d6:e8:87:5f:c3:08:13:02:2d:2c:10:
34:81:37:b0:45:99:2c:32:51:57:ca:22:ad:ab:d9:
84:fb:9c:3e:ad:43:78:bb:86:7d:45:65:61:ab:29:
6f:d7:39:8c:5b:f6:2d:69:09:08:07:24:bd:92:aa:
82:b8:7d:83:30:0b:67:79:ea:8a:bc:db:74:26:4d:
4f:86:2d:33:2b:50:72:a1:7f:77:e7:5f:67:01:5d:
fa:4a:5a:64:f3:63:22:c1:12:25:2f:c9:72:22:0f:
f1:09:06:03:e6:77:e9:f2:da:06:0e:2d:3f:42:56:
ce:2e:a5:3f:ff:4d:e9:c5:8a:b6:f9:2c:27:db:84:
85:2b:33:a4:69:a6:f6:52:be:e5:f4:6d:f4:cf:b0:
19:4c:ca:38:df:f9:17:cd:eb:45:7c:0d:ed:18:0b:
b0:17:e0:f9:16:b7:3e:c5:d7:28:14:d1:20:29:43:
52:1b:c5:5b:b0:a4:c8:4a:5e:4c:43:8d:5c:c6:62:
21:49:43:51:9e:04:bd:1f:01:f4:6b:28:88:8b:67:
a7:ee:7b:eb:2e:72:a0:6b:54:48:ad:9f:69:54:87:
7e:f6:7e:20:58:92:7f:05:28:4a:9c:d9:25:b6:8b:
f4:d7:51:42:bd:ad:f9:9a:b3:35:22:91:0f:50:a7:
72:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:32:AF:F6:E8:E8:29:9B:24:F9:48:54:D0:93:57:BB:3B:47:BB:8A
X509v3 Authority Key Identifier:
keyid:D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/KTKv9ujoKZsk-UhU0JNXuztHu4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.231.0/24
IPv6:
2001:678:a20::/48
Signature Algorithm: sha256WithRSAEncryption
1a:d2:12:8d:95:35:e9:d7:b2:04:dc:74:8a:3e:72:eb:a2:e2:
6d:cd:49:3d:44:de:36:ea:dd:91:ed:12:7b:2c:64:91:c1:ab:
a4:1f:9d:45:58:35:a6:cd:9f:3d:21:07:e5:fe:92:8e:24:e9:
7e:19:49:44:1f:1b:14:5d:75:9a:f8:d2:bb:30:b2:81:34:1a:
d9:78:78:dd:d0:47:19:b5:44:e5:98:7f:0b:f6:6e:ab:db:b2:
ad:d4:97:5a:77:4c:4d:b4:1b:18:ba:9c:d6:38:82:61:76:35:
6f:f6:d9:73:ee:fe:ce:56:aa:cf:a3:e3:21:d0:17:3a:95:7c:
5b:38:b2:3d:58:2e:b4:0e:73:64:6b:36:4c:a8:d5:0e:4b:ed:
48:5e:83:ad:8c:6d:6d:4b:f3:1f:c7:e6:55:b1:3a:64:cc:dd:
aa:72:89:00:6b:35:ee:89:79:c3:10:8b:a2:e9:ea:ed:74:5c:
c5:4a:67:67:cc:29:64:a0:2f:93:4d:4d:92:be:88:21:05:0c:
75:59:b2:d1:36:2c:07:19:0c:ab:71:9a:c0:4c:f6:ea:f5:be:
c3:cc:84:5b:92:56:2e:d6:7a:8d:2d:0a:6f:85:f2:87:f9:ea:
bb:1b:72:5e:eb:d4:9c:04:73:fa:98:65:30:c9:e6:55:d1:8b:
18:9c:4c:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvC3QPmbph4KaWfIApUIc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTNjYWNkZjhmMzM1MTRiZTNhYmRjNTJjNTBlYzg2NDY3
NWU5NTUwHhcNMjMwMTAxMjAzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTMyYWZmNmU4ZTgyOTliMjRmOTQ4NTRkMDkzNTdiYjNiNDdiYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45Rm1uiHX8MIEwItLBA0gTewRZks
MlFXyiKtq9mE+5w+rUN4u4Z9RWVhqylv1zmMW/YtaQkIByS9kqqCuH2DMAtneeqK
vNt0Jk1Phi0zK1ByoX93519nAV36Slpk82MiwRIlL8lyIg/xCQYD5nfp8toGDi0/
QlbOLqU//03pxYq2+Swn24SFKzOkaab2Ur7l9G30z7AZTMo43/kXzetFfA3tGAuw
F+D5Frc+xdcoFNEgKUNSG8VbsKTISl5MQ41cxmIhSUNRngS9HwH0ayiIi2en7nvr
LnKga1RIrZ9pVId+9n4gWJJ/BShKnNkltov011FCva35mrM1IpEPUKdyQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCkyr/bo6CmbJPlIVNCTV7s7R7uKMB8GA1UdIwQY
MBaAFNijys348zUUvjq9xSxQ7IZGdelVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEt
Yjc5MWI5ODlhZjI5LzEvS1RLdjl1am9LWnNrLVVoVTBKTlh1enRIdTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEtYjc5MWI5ODlhZjI5
LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwQDnMA8E
AgACMAkDBwAgAQZ4CiAwDQYJKoZIhvcNAQELBQADggEBABrSEo2VNenXsgTcdIo+
cuui4m3NST1E3jbq3ZHtEnssZJHBq6QfnUVYNabNnz0hB+X+ko4k6X4ZSUQfGxRd
dZr40rswsoE0Gtl4eN3QRxm1ROWYfwv2bqvbsq3Ul1p3TE20Gxi6nNY4gmF2NW/2
2XPu/s5Wqs+j4yHQFzqVfFs4sj1YLrQOc2RrNkyo1Q5L7Uheg62MbW1L8x/H5lWx
OmTM3apyiQBrNe6JecMQi6Lp6u10XMVKZ2fMKWSgL5NNTZK+iCEFDHVZstE2LAcZ
DKtxmsBM9ur1vsPMhFuSVi7Weo0tCm+F8of56rsbcl7r1JwEc/qYZTDJ5lXRixic
TLw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:35 2025 by rpki-client