Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/2c7b2e-242a-4336-b0fb-fcf0f1594d2f/1/KaWom-BMw3jPFxkiKvoLVdM4Z20.roa
File: KaWom-BMw3jPFxkiKvoLVdM4Z20.roa (raw, json)
Hash identifier: RMua2spkjkA7Djdqi1zZKzjuz+81hDQjc/FEBchReUo=
Subject key identifier: 29:A5:A8:9B:E0:4C:C3:78:CF:17:19:22:2A:FA:0B:55:D3:38:67:6D
Certificate issuer: /CN=83124d0411a20fd2bb546970ea80116ef276dbab
Certificate serial: 01856ED4B572C20792AABBF1E4D4FFD521AB
Authority key identifier: 83:12:4D:04:11:A2:0F:D2:BB:54:69:70:EA:80:11:6E:F2:76:DB:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gxJNBBGiD9K7VGlw6oARbvJ226s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/2c7b2e-242a-4336-b0fb-fcf0f1594d2f/1/KaWom-BMw3jPFxkiKvoLVdM4Z20.roa
Signing time: Sun 01 Jan 2023 19:35:11 +0000
ROA not before: Sun 01 Jan 2023 19:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8839
IP address blocks: 213.225.160.0/19 maxlen: 19
212.95.64.0/19 maxlen: 19
2001:810::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:b5:72:c2:07:92:aa:bb:f1:e4:d4:ff:d5:21:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83124d0411a20fd2bb546970ea80116ef276dbab
Validity
Not Before: Jan 1 19:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29a5a89be04cc378cf1719222afa0b55d338676d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:da:91:d4:3d:f1:6a:5e:ba:37:2d:26:e4:d3:
19:e2:cb:eb:0d:05:7f:8f:2d:24:ae:86:d8:7e:24:
4a:63:83:fd:8a:87:b8:f8:1a:d0:a3:46:66:bf:7e:
97:b3:0b:7b:90:a9:46:8c:88:2e:ce:e7:33:50:43:
c4:d2:9b:5a:d2:e5:39:6b:ee:28:a4:11:e0:c6:a8:
19:49:52:9e:ff:e7:4c:37:2c:3f:ff:3e:a2:4d:7e:
c7:be:97:40:28:da:5b:14:62:c0:54:f6:35:68:26:
fb:04:77:14:ab:d9:37:5c:ad:f7:04:9f:e0:05:49:
72:a1:4d:9b:e9:29:d2:59:af:d4:63:7e:9d:31:86:
e7:ff:26:3c:f6:18:a3:e0:17:3a:f3:45:cc:24:0e:
02:22:f6:f0:17:6a:14:20:0c:9a:47:12:0c:af:ba:
01:d6:30:2c:a8:f7:86:ae:3d:36:56:3e:af:bd:bc:
30:4a:ab:2a:9a:db:73:ca:c1:cf:7f:c2:31:7a:02:
1e:ef:60:5b:e4:5f:0c:2b:b1:36:c4:d4:3a:24:a5:
d7:6f:4e:58:95:19:13:eb:72:3a:ba:69:45:6b:dd:
68:69:bf:c9:63:1c:26:16:09:ce:4a:14:fa:5b:ac:
9a:5a:fb:c9:7d:20:dc:41:3d:25:ad:16:31:c4:5f:
b4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A5:A8:9B:E0:4C:C3:78:CF:17:19:22:2A:FA:0B:55:D3:38:67:6D
X509v3 Authority Key Identifier:
keyid:83:12:4D:04:11:A2:0F:D2:BB:54:69:70:EA:80:11:6E:F2:76:DB:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gxJNBBGiD9K7VGlw6oARbvJ226s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2c7b2e-242a-4336-b0fb-fcf0f1594d2f/1/KaWom-BMw3jPFxkiKvoLVdM4Z20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2c7b2e-242a-4336-b0fb-fcf0f1594d2f/1/gxJNBBGiD9K7VGlw6oARbvJ226s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.95.64.0/19
213.225.160.0/19
IPv6:
2001:810::/32
Signature Algorithm: sha256WithRSAEncryption
52:24:1f:38:13:58:7e:78:95:2a:46:a2:a9:52:8c:62:06:63:
74:1c:06:12:00:9d:87:68:ea:b3:94:a7:7e:5b:af:bc:0e:2f:
24:c2:86:e9:9b:cd:df:87:c0:a1:c7:c9:5e:0e:85:55:f7:e0:
d0:4e:a8:8e:1f:c5:33:97:3c:65:58:ed:2b:07:74:1f:d3:ec:
6b:85:c0:97:ec:ac:6a:b4:fa:97:8b:4a:2f:50:90:b9:ef:0d:
57:20:b7:3b:e6:d4:73:9a:dc:9e:d7:45:b5:b2:3e:f4:b7:6d:
d3:a9:40:87:d5:70:63:bf:57:48:73:99:64:d8:74:03:bf:53:
10:22:07:0d:8a:45:af:30:f7:7c:81:0c:bc:b7:08:5f:62:fc:
33:00:66:0e:19:eb:8f:e2:11:05:cd:42:c0:e6:0d:7a:fb:a5:
37:f9:31:1a:23:14:e6:85:ba:80:f1:02:98:bc:ce:1f:b2:f8:
7d:56:48:d2:0b:e9:50:dd:87:9e:a5:cb:63:f6:59:96:e1:a0:
29:a4:f7:e7:1f:03:a9:c3:15:eb:66:63:bd:d4:fc:81:b5:e9:
f7:6f:65:53:c5:11:b1:d2:46:22:55:25:ee:2e:76:f5:7c:98:
d1:14:4d:ee:74:a8:c4:63:84:e8:97:29:6a:65:1d:e5:96:33:
f5:da:0a:d1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVu1LVywgeSqrvx5NT/1SGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMTI0ZDA0MTFhMjBmZDJiYjU0Njk3MGVhODAxMTZlZjI3
NmRiYWIwHhcNMjMwMTAxMTkzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE1YTg5YmUwNGNjMzc4Y2YxNzE5MjIyYWZhMGI1NWQzMzg2NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdqR1D3xal66Ny0m5NMZ4svrDQV/
jy0krobYfiRKY4P9ioe4+BrQo0Zmv36Xswt7kKlGjIguzuczUEPE0pta0uU5a+4o
pBHgxqgZSVKe/+dMNyw//z6iTX7HvpdAKNpbFGLAVPY1aCb7BHcUq9k3XK33BJ/g
BUlyoU2b6SnSWa/UY36dMYbn/yY89hij4Bc680XMJA4CIvbwF2oUIAyaRxIMr7oB
1jAsqPeGrj02Vj6vvbwwSqsqmttzysHPf8IxegIe72Bb5F8MK7E2xNQ6JKXXb05Y
lRkT63I6umlFa91oab/JYxwmFgnOShT6W6yaWvvJfSDcQT0lrRYxxF+0MwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCmlqJvgTMN4zxcZIir6C1XTOGdtMB8GA1UdIwQY
MBaAFIMSTQQRog/Su1RpcOqAEW7ydturMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3hKTkJCR2lEOUs3VkdsdzZvQVJidkoyMjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yYzdiMmUtMjQyYS00MzM2LWIwZmIt
ZmNmMGYxNTk0ZDJmLzEvS2FXb20tQk13M2pQRnhraUt2b0xWZE00WjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yYzdiMmUtMjQyYS00MzM2LWIwZmItZmNmMGYxNTk0ZDJm
LzEvZ3hKTkJCR2lEOUs3VkdsdzZvQVJidkoyMjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQF1F9AAwQF
1eGgMA0EAgACMAcDBQAgAQgQMA0GCSqGSIb3DQEBCwUAA4IBAQBSJB84E1h+eJUq
RqKpUoxiBmN0HAYSAJ2HaOqzlKd+W6+8Di8kwobpm83fh8Chx8leDoVV9+DQTqiO
H8UzlzxlWO0rB3Qf0+xrhcCX7KxqtPqXi0ovUJC57w1XILc75tRzmtye10W1sj70
t23TqUCH1XBjv1dIc5lk2HQDv1MQIgcNikWvMPd8gQy8twhfYvwzAGYOGeuP4hEF
zULA5g16+6U3+TEaIxTmhbqA8QKYvM4fsvh9VkjSC+lQ3Yeepctj9lmW4aAppPfn
HwOpwxXrZmO91PyBten3b2VTxRGx0kYiVSXuLnb1fJjRFE3udKjEY4TolylqZR3l
ljP12grR
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:36 2025 by rpki-client