Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/KkDmtn2EwYOgZteaPgu0DEHTZKA.roa
File: KkDmtn2EwYOgZteaPgu0DEHTZKA.roa (raw, json)
Hash identifier: 3Y0Bp4a4DbyrAa8YBCiuLlQqxuXZLfeB5JDOwRkG0S4=
Subject key identifier: 2A:40:E6:B6:7D:84:C1:83:A0:66:D7:9A:3E:0B:B4:0C:41:D3:64:A0
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0183E5E1004972CDFECE253D6229A5FC92D1
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/KkDmtn2EwYOgZteaPgu0DEHTZKA.roa
Signing time: Mon 17 Oct 2022 12:17:51 +0000
ROA not before: Mon 17 Oct 2022 12:17:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 176.221.16.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:e1:00:49:72:cd:fe:ce:25:3d:62:29:a5:fc:92:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Oct 17 12:17:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a40e6b67d84c183a066d79a3e0bb40c41d364a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f7:1c:94:72:06:b7:63:e8:44:e5:5b:b6:b3:
4b:1d:4e:8b:6d:8e:f8:46:1e:f9:10:29:e7:bd:9e:
6c:11:77:66:66:93:0c:c9:9f:10:ed:24:ad:b8:e2:
32:17:64:ea:2e:26:ea:0e:dd:0d:d5:4b:2b:e4:c2:
83:cf:17:ca:ac:ef:75:41:ff:77:ba:a3:8b:b7:f7:
c3:92:3d:c4:70:8d:53:b9:a5:ee:a2:0b:36:dd:8c:
f9:25:fd:ff:58:6b:d5:50:74:69:46:6f:e3:5e:88:
d8:ce:30:5b:c6:cf:8e:61:3b:16:1b:b3:13:c0:8a:
5d:a4:cf:ce:a7:54:7b:a9:f2:7b:eb:8b:ca:f3:99:
19:d6:e0:cf:3d:0b:d7:52:fd:c2:fb:da:8c:7b:14:
a8:d8:31:09:f8:84:1e:47:e4:f5:e5:8b:fc:6b:32:
41:64:8d:ec:ef:97:67:9e:31:33:f7:88:79:af:67:
97:52:ac:11:07:c5:66:96:63:dc:c8:18:7e:4d:2b:
ed:e6:2d:e5:69:98:9d:24:1a:cd:b9:fe:53:35:a3:
ee:59:dd:e2:f6:f7:3f:fd:7f:05:ab:b0:0d:87:ad:
76:ae:1b:1e:54:0d:1b:6f:27:39:56:fa:b8:bf:25:
86:b3:d5:a9:0f:47:05:f6:2a:47:d7:52:f0:71:05:
b3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:40:E6:B6:7D:84:C1:83:A0:66:D7:9A:3E:0B:B4:0C:41:D3:64:A0
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/KkDmtn2EwYOgZteaPgu0DEHTZKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.16.0/21
Signature Algorithm: sha256WithRSAEncryption
27:3e:e7:86:4f:9a:e6:3c:1a:e2:c8:9c:b4:2d:ea:e4:06:16:
08:59:65:bd:a1:a5:64:fe:d8:02:1a:2d:9d:40:15:26:e1:2a:
4b:aa:dd:90:05:3f:0e:6d:f3:74:4d:76:02:03:bb:55:eb:a6:
45:09:37:0a:12:25:4a:66:35:a8:0b:ad:f9:02:13:78:d1:64:
17:58:3e:e5:29:e9:ec:2b:a4:c4:ca:01:cf:5f:31:22:10:d5:
64:a8:86:12:06:73:37:a1:e9:b7:10:e8:ca:e2:96:5d:31:f5:
87:c0:fd:cf:fb:1a:38:fb:c4:be:2b:84:11:39:c5:8a:f8:a2:
66:ca:68:4d:1e:d4:59:2a:fd:c7:11:df:d3:46:be:29:e6:56:
d2:16:c2:0f:0d:f8:f8:72:d7:76:3d:b9:d5:fa:19:0e:0e:8f:
08:70:cd:23:0f:79:2d:23:17:2b:86:73:31:ef:87:81:ec:e7:
9f:26:7c:95:aa:ff:37:03:a9:1e:d9:60:e4:29:5e:64:01:26:
3e:42:87:fe:71:e7:3b:b4:38:8f:f0:aa:e7:1a:8a:ea:83:40:
48:23:65:2b:2f:0a:a2:df:ef:38:40:38:81:93:d6:67:e8:f7:
7b:71:49:91:53:f2:a3:aa:97:60:57:19:31:f4:7b:62:71:cf:
23:89:2c:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPl4QBJcs3+ziU9Yiml/JLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjIxMDE3MTIxNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQwZTZiNjdkODRjMTgzYTA2NmQ3OWEzZTBiYjQwYzQxZDM2NGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfcclHIGt2PoROVbtrNLHU6LbY74
Rh75ECnnvZ5sEXdmZpMMyZ8Q7SStuOIyF2TqLibqDt0N1Usr5MKDzxfKrO91Qf93
uqOLt/fDkj3EcI1TuaXuogs23Yz5Jf3/WGvVUHRpRm/jXojYzjBbxs+OYTsWG7MT
wIpdpM/Op1R7qfJ764vK85kZ1uDPPQvXUv3C+9qMexSo2DEJ+IQeR+T15Yv8azJB
ZI3s75dnnjEz94h5r2eXUqwRB8VmlmPcyBh+TSvt5i3laZidJBrNuf5TNaPuWd3i
9vc//X8Fq7ANh612rhseVA0bbyc5Vvq4vyWGs9WpD0cF9ipH11LwcQWzfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpA5rZ9hMGDoGbXmj4LtAxB02SgMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvS2tEbXRuMkV3WU9nWnRlYVBndTBERUhUWktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsN0QMA0G
CSqGSIb3DQEBCwUAA4IBAQAnPueGT5rmPBriyJy0LerkBhYIWWW9oaVk/tgCGi2d
QBUm4SpLqt2QBT8ObfN0TXYCA7tV66ZFCTcKEiVKZjWoC635AhN40WQXWD7lKens
K6TEygHPXzEiENVkqIYSBnM3oem3EOjK4pZdMfWHwP3P+xo4+8S+K4QROcWK+KJm
ymhNHtRZKv3HEd/TRr4p5lbSFsIPDfj4ctd2PbnV+hkODo8IcM0jD3ktIxcrhnMx
74eB7OefJnyVqv83A6ke2WDkKV5kASY+Qof+cec7tDiP8KrnGorqg0BII2UrLwqi
3+84QDiBk9Zn6Pd7cUmRU/KjqpdgVxkx9Hticc8jiSws
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:14 2025 by rpki-client