Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Km81B6wEvu31XipiP1Mhm5RA29U.roa
File: Km81B6wEvu31XipiP1Mhm5RA29U.roa (raw, json)
Hash identifier: a8v/nGGe6UlxtECnJt1JZM5ov0jmBulIeSF/t5zroE0=
Subject key identifier: 2A:6F:35:07:AC:04:BE:ED:F5:5E:2A:62:3F:53:21:9B:94:40:DB:D5
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018571DE8254C3FA0BBAFF7E30CCE8869699
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Km81B6wEvu31XipiP1Mhm5RA29U.roa
Signing time: Mon 02 Jan 2023 09:44:45 +0000
ROA not before: Mon 02 Jan 2023 09:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 185.243.4.0/24 maxlen: 24
185.243.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:82:54:c3:fa:0b:ba:ff:7e:30:cc:e8:86:96:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 2 09:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a6f3507ac04beedf55e2a623f53219b9440dbd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bb:ef:c0:af:9d:49:6c:00:78:96:e4:04:72:
ea:83:6c:fe:1a:cf:97:62:a5:80:13:60:d9:2a:94:
43:4e:4d:67:f9:30:76:a9:81:98:8c:d8:13:c0:89:
cc:6e:da:ed:23:d7:ed:c8:50:d1:95:10:94:73:1a:
41:48:cf:48:ee:b5:a1:f3:f9:22:f5:a5:40:49:b2:
23:de:dc:c2:1c:31:d5:96:0c:c0:47:fd:6f:65:b3:
a9:38:ca:f0:04:7e:e6:a5:82:2b:ca:f6:68:78:97:
91:97:ec:3a:ea:69:e2:43:40:46:5e:08:46:68:dd:
b3:5c:d2:48:89:87:30:6b:11:95:4a:1e:3e:1d:f9:
59:e2:c2:c3:e9:20:4d:57:04:ed:0d:f7:7d:20:d6:
b7:73:72:95:89:08:32:90:e3:5c:c6:34:1c:d0:f3:
37:ca:ae:76:0f:53:37:ca:c9:83:78:f7:4a:e4:d2:
af:68:e8:5e:69:42:87:05:fd:f5:37:b9:82:f7:14:
87:ed:1f:9f:d0:0e:82:45:a6:af:85:4c:15:73:f6:
02:51:d4:4d:11:ff:fa:f2:d9:c2:18:47:fa:9d:a6:
a1:4a:bd:ea:b2:08:09:d6:ea:93:5a:06:b0:6a:1b:
de:d7:15:22:4d:46:61:7c:e7:0d:a1:95:ce:9e:58:
31:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:6F:35:07:AC:04:BE:ED:F5:5E:2A:62:3F:53:21:9B:94:40:DB:D5
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Km81B6wEvu31XipiP1Mhm5RA29U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.4.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:45:b9:c6:4c:34:42:8a:0b:51:2c:73:ff:6e:df:39:f1:ec:
13:30:5a:f4:b4:4e:5d:4e:8f:56:0c:35:ed:ef:04:92:9f:bc:
5e:ee:11:8e:4b:f3:47:3a:b1:63:a0:37:6b:67:09:4c:1b:77:
b9:18:4e:70:3b:a0:3d:a6:50:6d:eb:ea:1b:6d:2d:7e:41:54:
e6:d9:30:05:f9:0f:ae:0c:8a:ae:35:e7:9e:d8:55:4d:f7:f6:
4d:49:c6:11:3a:04:5f:2c:bc:b1:de:9f:81:23:79:48:a9:ad:
2c:0a:c4:e5:f4:6b:a6:1e:4b:b0:44:76:44:8a:f2:96:a8:65:
ac:7a:98:1b:8b:96:22:66:f3:fb:d9:a9:cc:39:e3:d5:80:d2:
b5:3d:12:30:db:a7:f5:81:d5:c4:bb:8f:7b:05:d0:35:b7:c6:
d4:3b:01:1e:73:58:24:b6:4e:29:77:ab:0e:e7:8a:3a:de:b9:
26:a2:4c:df:33:d5:65:20:70:f3:8c:06:5d:af:e4:f8:6f:53:
9c:b8:4e:ae:b2:52:fe:d0:a4:71:96:2e:d5:b7:62:0c:6f:c9:
72:dd:1c:25:c6:7a:b5:18:71:9d:58:5d:e3:0a:19:59:47:3e:
1b:aa:bb:86:d4:eb:89:69:b3:1b:f3:a9:af:c9:f5:82:3e:c8:
f8:e4:bf:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx3oJUw/oLuv9+MMzohpaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMwMTAyMDk0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZmMzUwN2FjMDRiZWVkZjU1ZTJhNjIzZjUzMjE5Yjk0NDBkYmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbvvwK+dSWwAeJbkBHLqg2z+Gs+X
YqWAE2DZKpRDTk1n+TB2qYGYjNgTwInMbtrtI9ftyFDRlRCUcxpBSM9I7rWh8/ki
9aVASbIj3tzCHDHVlgzAR/1vZbOpOMrwBH7mpYIryvZoeJeRl+w66mniQ0BGXghG
aN2zXNJIiYcwaxGVSh4+HflZ4sLD6SBNVwTtDfd9INa3c3KViQgykONcxjQc0PM3
yq52D1M3ysmDePdK5NKvaOheaUKHBf31N7mC9xSH7R+f0A6CRaavhUwVc/YCUdRN
Ef/68tnCGEf6naahSr3qsggJ1uqTWgawahve1xUiTUZhfOcNoZXOnlgxJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpvNQesBL7t9V4qYj9TIZuUQNvVMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvS204MUI2d0V2dTMxWGlwaVAxTWhtNVJBMjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufMEMA0G
CSqGSIb3DQEBCwUAA4IBAQBNRbnGTDRCigtRLHP/bt858ewTMFr0tE5dTo9WDDXt
7wSSn7xe7hGOS/NHOrFjoDdrZwlMG3e5GE5wO6A9plBt6+obbS1+QVTm2TAF+Q+u
DIquNeee2FVN9/ZNScYROgRfLLyx3p+BI3lIqa0sCsTl9GumHkuwRHZEivKWqGWs
epgbi5YiZvP72anMOePVgNK1PRIw26f1gdXEu497BdA1t8bUOwEec1gktk4pd6sO
54o63rkmokzfM9VlIHDzjAZdr+T4b1OcuE6uslL+0KRxli7Vt2IMb8ly3Rwlxnq1
GHGdWF3jChlZRz4bqruG1OuJabMb86mvyfWCPsj45L+1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:54 2025 by rpki-client