Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/440132-eb5a-46df-a229-c68a68e8a234/1/KFoCFnAVI3u1Oo_gidx07mTX5QA.roa
File: KFoCFnAVI3u1Oo_gidx07mTX5QA.roa (raw, json)
Hash identifier: XiNRUryBWJSdq+hbj0FDvdCfjbXLFSbYSVfRZot0gA0=
Subject key identifier: 28:5A:02:16:70:15:23:7B:B5:3A:8F:E0:89:DC:74:EE:64:D7:E5:00
Certificate issuer: /CN=b8c5155db7f9859e084c2ee9bf96e8689209d3d5
Certificate serial: 018570DE34A5CD3A751A23834BE79D068017
Authority key identifier: B8:C5:15:5D:B7:F9:85:9E:08:4C:2E:E9:BF:96:E8:68:92:09:D3:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uMUVXbf5hZ4ITC7pv5boaJIJ09U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/440132-eb5a-46df-a229-c68a68e8a234/1/KFoCFnAVI3u1Oo_gidx07mTX5QA.roa
Signing time: Mon 02 Jan 2023 05:04:48 +0000
ROA not before: Mon 02 Jan 2023 05:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51224
IP address blocks: 91.216.216.0/24 maxlen: 32
2001:67c:254::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:34:a5:cd:3a:75:1a:23:83:4b:e7:9d:06:80:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8c5155db7f9859e084c2ee9bf96e8689209d3d5
Validity
Not Before: Jan 2 05:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=285a02167015237bb53a8fe089dc74ee64d7e500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:92:fa:9a:7d:1a:97:e6:5e:fa:cf:fb:4c:50:
92:d9:bd:4b:d8:29:a6:6e:09:2c:23:ad:fb:06:f9:
a8:e5:69:d0:92:45:79:ee:b9:19:cd:a0:a5:16:f9:
3b:ac:fa:1a:85:57:ee:c4:71:b0:75:f9:eb:67:3f:
79:cf:48:bc:1b:96:bf:26:ba:b2:df:6e:67:41:b5:
d3:8c:2c:b3:95:94:f9:d6:4a:5d:e4:2e:e6:fc:87:
f5:02:d6:80:f5:fc:ce:82:93:03:27:82:61:2b:ac:
df:42:58:80:b6:d5:de:49:4e:f7:04:c4:27:dc:ae:
87:bd:b3:1a:e3:ee:5e:76:b3:3e:44:04:9f:f8:ee:
db:05:e4:8a:7b:d0:9d:77:a8:73:22:56:9e:8f:97:
dd:ff:9f:36:2a:9f:40:09:4e:ba:d0:c8:4f:65:ab:
cb:08:a5:c2:de:d0:69:8d:c7:9a:e3:08:1c:9e:6f:
b1:59:44:d1:ab:5c:9c:18:8b:40:9c:67:bf:52:9e:
dd:06:88:c6:bb:c2:f1:43:c9:5f:c1:0c:f0:87:11:
25:a0:5b:1c:31:f4:97:3e:1d:93:2c:b0:6d:18:6d:
68:22:b1:a3:17:28:44:69:64:0e:d0:c8:6b:52:d1:
c3:58:56:86:97:9b:4e:dc:e4:eb:eb:53:97:15:08:
ae:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5A:02:16:70:15:23:7B:B5:3A:8F:E0:89:DC:74:EE:64:D7:E5:00
X509v3 Authority Key Identifier:
keyid:B8:C5:15:5D:B7:F9:85:9E:08:4C:2E:E9:BF:96:E8:68:92:09:D3:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMUVXbf5hZ4ITC7pv5boaJIJ09U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/440132-eb5a-46df-a229-c68a68e8a234/1/KFoCFnAVI3u1Oo_gidx07mTX5QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/440132-eb5a-46df-a229-c68a68e8a234/1/uMUVXbf5hZ4ITC7pv5boaJIJ09U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.216.0/24
IPv6:
2001:67c:254::/48
Signature Algorithm: sha256WithRSAEncryption
b4:fb:3a:9f:50:0b:1d:37:cd:f6:1f:e5:e1:7e:0c:6e:42:dd:
9f:07:5b:e3:27:b7:2f:40:1a:2b:b6:22:4a:71:13:e3:96:e6:
5b:86:98:97:ad:84:0e:2a:ba:76:bd:aa:c7:3b:52:e0:ed:70:
4a:4f:ff:fd:0e:79:1b:74:ba:03:27:49:77:9c:88:96:81:40:
df:41:32:f8:a8:b4:26:cf:08:97:99:70:a1:ae:63:e9:a2:ee:
b1:81:36:6c:60:46:f2:44:1f:3e:79:c6:7e:66:ad:f4:d4:50:
e9:f3:c2:6a:a6:fc:3e:04:fb:8f:20:66:21:62:21:c2:0a:99:
f3:69:8f:99:f0:e6:7b:89:bd:0a:f5:96:a6:a8:e8:de:1f:90:
75:28:0b:db:9c:cc:89:31:3b:32:28:0c:9c:7a:cc:2c:38:fa:
69:d2:99:4e:d5:b0:61:6d:66:1a:ff:fc:21:80:55:c4:f0:4b:
28:e2:6d:f4:a5:a8:c3:73:cf:78:d1:f9:9f:ac:ec:db:7d:09:
e6:c0:9b:59:2a:7f:15:93:df:1a:93:39:54:c5:38:46:4e:9b:
0a:24:1a:58:5a:77:4f:0f:bb:ef:d6:14:d4:c8:d2:93:0f:a2:
54:c1:2f:bb:0e:c8:a7:25:ab:b4:5a:8c:ff:2b:ea:ec:d3:6f:
fa:7a:c0:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVw3jSlzTp1GiODS+edBoAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YzUxNTVkYjdmOTg1OWUwODRjMmVlOWJmOTZlODY4OTIw
OWQzZDUwHhcNMjMwMTAyMDUwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODVhMDIxNjcwMTUyMzdiYjUzYThmZTA4OWRjNzRlZTY0ZDdlNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJL6mn0al+Ze+s/7TFCS2b1L2Cmm
bgksI637Bvmo5WnQkkV57rkZzaClFvk7rPoahVfuxHGwdfnrZz95z0i8G5a/Jrqy
325nQbXTjCyzlZT51kpd5C7m/If1AtaA9fzOgpMDJ4JhK6zfQliAttXeSU73BMQn
3K6HvbMa4+5edrM+RASf+O7bBeSKe9Cdd6hzIlaej5fd/582Kp9ACU660MhPZavL
CKXC3tBpjcea4wgcnm+xWUTRq1ycGItAnGe/Up7dBojGu8LxQ8lfwQzwhxEloFsc
MfSXPh2TLLBtGG1oIrGjFyhEaWQO0MhrUtHDWFaGl5tO3OTr61OXFQiu7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFChaAhZwFSN7tTqP4IncdO5k1+UAMB8GA1UdIwQY
MBaAFLjFFV23+YWeCEwu6b+W6GiSCdPVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU1VVlhiZjVoWjRJVEM3cHY1Ym9hSklKMDlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC80NDAxMzItZWI1YS00NmRmLWEyMjkt
YzY4YTY4ZThhMjM0LzEvS0ZvQ0ZuQVZJM3UxT29fZ2lkeDA3bVRYNVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC80NDAxMzItZWI1YS00NmRmLWEyMjktYzY4YTY4ZThhMjM0
LzEvdU1VVlhiZjVoWjRJVEM3cHY1Ym9hSklKMDlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9jYMA8E
AgACMAkDBwAgAQZ8AlQwDQYJKoZIhvcNAQELBQADggEBALT7Op9QCx03zfYf5eF+
DG5C3Z8HW+Mnty9AGiu2IkpxE+OW5luGmJethA4quna9qsc7UuDtcEpP//0OeRt0
ugMnSXeciJaBQN9BMviotCbPCJeZcKGuY+mi7rGBNmxgRvJEHz55xn5mrfTUUOnz
wmqm/D4E+48gZiFiIcIKmfNpj5nw5nuJvQr1lqao6N4fkHUoC9uczIkxOzIoDJx6
zCw4+mnSmU7VsGFtZhr//CGAVcTwSyjibfSlqMNzz3jR+Z+s7Nt9CebAm1kqfxWT
3xqTOVTFOEZOmwokGlhad08Pu+/WFNTI0pMPolTBL7sOyKclq7RajP8r6uzTb/p6
wL0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:51 2025 by rpki-client