Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/2d238e-b31c-4ea0-98cc-c4febc3d6e52/1/KFJvPiLC-3dXtKQPWWQW1i3GzYg.roa
File: KFJvPiLC-3dXtKQPWWQW1i3GzYg.roa (raw, json)
Hash identifier: mXgZ5ctKi15n+yskibpvnEyoJrCavrGFh5HFsoO/+fk=
Subject key identifier: 28:52:6F:3E:22:C2:FB:77:57:B4:A4:0F:59:64:16:D6:2D:C6:CD:88
Certificate issuer: /CN=2b0e6a7bdb11c4ffd77718081510c91431178cdb
Certificate serial: 01856D38619036FA16E3FD2D98BF058E62BB
Authority key identifier: 2B:0E:6A:7B:DB:11:C4:FF:D7:77:18:08:15:10:C9:14:31:17:8C:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kw5qe9sRxP_XdxgIFRDJFDEXjNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/2d238e-b31c-4ea0-98cc-c4febc3d6e52/1/KFJvPiLC-3dXtKQPWWQW1i3GzYg.roa
Signing time: Sun 01 Jan 2023 12:04:49 +0000
ROA not before: Sun 01 Jan 2023 12:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8943
IP address blocks: 85.119.80.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:61:90:36:fa:16:e3:fd:2d:98:bf:05:8e:62:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0e6a7bdb11c4ffd77718081510c91431178cdb
Validity
Not Before: Jan 1 12:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28526f3e22c2fb7757b4a40f596416d62dc6cd88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a3:5f:a4:84:2d:5d:77:75:4a:7c:04:75:49:
c9:0a:f0:fa:48:ce:d8:fa:4d:ed:2d:aa:00:2e:f3:
51:1a:cf:7a:15:77:b2:ac:e2:f7:47:3d:52:c9:5a:
94:77:30:42:7a:4f:f4:3b:72:d2:e8:a6:bf:2c:89:
03:f8:a4:8e:b2:fc:8c:14:59:33:69:5c:29:a0:c6:
ea:19:a2:ff:9c:a8:5b:4a:3f:d9:3c:19:83:96:89:
ed:d3:19:e7:ee:ea:15:d1:a9:a6:e2:31:43:4f:45:
56:be:7b:4a:b9:ee:bb:94:31:67:2d:ec:a8:ac:db:
e1:78:15:00:0e:88:10:18:dc:5d:97:84:7a:b8:6a:
3c:27:bd:22:98:74:48:55:83:4b:fc:97:46:84:3c:
91:24:40:0d:98:23:3a:ad:6a:49:c0:23:89:a5:5e:
5c:6b:8d:59:c2:33:4d:08:b8:41:64:2a:17:9c:86:
05:bd:36:c9:7e:fb:ea:d0:e7:07:d1:10:e3:cc:a5:
00:ae:4c:4e:66:ae:62:b6:8e:0a:23:e2:99:a9:d4:
1c:88:fe:a7:67:e8:d5:15:4e:c9:c7:a6:7b:3c:c9:
01:0a:ff:37:84:67:bd:4f:34:d9:7b:ed:4c:2d:8b:
54:8e:b6:5b:e6:38:03:8e:ee:32:8a:58:56:63:e8:
9c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:52:6F:3E:22:C2:FB:77:57:B4:A4:0F:59:64:16:D6:2D:C6:CD:88
X509v3 Authority Key Identifier:
keyid:2B:0E:6A:7B:DB:11:C4:FF:D7:77:18:08:15:10:C9:14:31:17:8C:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kw5qe9sRxP_XdxgIFRDJFDEXjNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2d238e-b31c-4ea0-98cc-c4febc3d6e52/1/KFJvPiLC-3dXtKQPWWQW1i3GzYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2d238e-b31c-4ea0-98cc-c4febc3d6e52/1/Kw5qe9sRxP_XdxgIFRDJFDEXjNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.80.0/21
Signature Algorithm: sha256WithRSAEncryption
d0:84:d1:0e:f0:82:7d:ed:f9:e8:82:97:b0:e3:6b:b7:bb:7b:
f2:73:6d:53:6e:84:05:98:07:06:37:aa:9c:1d:f4:31:50:59:
04:a9:05:e9:59:d6:49:dc:14:95:ae:f1:85:89:e2:c7:aa:85:
01:66:76:df:46:23:77:ba:75:19:12:cf:69:94:e6:b4:0c:21:
cd:64:af:85:01:5f:9b:48:15:2f:84:d8:3e:6a:22:2c:94:1b:
cc:27:7f:dc:b4:02:b3:96:25:fc:83:15:a0:e8:57:8a:a5:d1:
aa:96:08:e7:74:5f:96:6e:1c:e2:d2:e7:f3:0e:2f:fa:88:80:
3b:b2:9b:37:45:6f:51:98:85:ae:65:d3:05:2d:48:7c:85:92:
12:91:5d:f0:9f:c7:03:b5:8e:20:00:a2:07:b6:99:3b:3c:28:
29:0c:da:f1:5f:f6:92:6b:b0:4f:5b:31:d4:e3:40:73:a8:3b:
3c:27:c7:b9:59:f6:66:e9:d4:2b:89:88:68:80:14:13:39:f0:
bc:97:bc:cd:50:df:ad:0b:5f:ef:f3:29:78:77:b5:40:a3:a8:
b5:2e:07:f2:c8:24:4b:bf:6f:e7:6d:dc:f6:30:37:80:50:81:
5a:86:70:d7:9f:49:9d:46:82:e0:48:df:c8:1b:15:3e:d9:8b:
6e:7d:d1:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOGGQNvoW4/0tmL8FjmK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMGU2YTdiZGIxMWM0ZmZkNzc3MTgwODE1MTBjOTE0MzEx
NzhjZGIwHhcNMjMwMTAxMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODUyNmYzZTIyYzJmYjc3NTdiNGE0MGY1OTY0MTZkNjJkYzZjZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaNfpIQtXXd1SnwEdUnJCvD6SM7Y
+k3tLaoALvNRGs96FXeyrOL3Rz1SyVqUdzBCek/0O3LS6Ka/LIkD+KSOsvyMFFkz
aVwpoMbqGaL/nKhbSj/ZPBmDlont0xnn7uoV0amm4jFDT0VWvntKue67lDFnLeyo
rNvheBUADogQGNxdl4R6uGo8J70imHRIVYNL/JdGhDyRJEANmCM6rWpJwCOJpV5c
a41ZwjNNCLhBZCoXnIYFvTbJfvvq0OcH0RDjzKUArkxOZq5ito4KI+KZqdQciP6n
Z+jVFU7Jx6Z7PMkBCv83hGe9TzTZe+1MLYtUjrZb5jgDju4yilhWY+iccQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChSbz4iwvt3V7SkD1lkFtYtxs2IMB8GA1UdIwQY
MBaAFCsOanvbEcT/13cYCBUQyRQxF4zbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3c1cWU5c1J4UF9YZHhnSUZSREpGREVYak5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yZDIzOGUtYjMxYy00ZWEwLTk4Y2Mt
YzRmZWJjM2Q2ZTUyLzEvS0ZKdlBpTEMtM2RYdEtRUFdXUVcxaTNHellnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yZDIzOGUtYjMxYy00ZWEwLTk4Y2MtYzRmZWJjM2Q2ZTUy
LzEvS3c1cWU5c1J4UF9YZHhnSUZSREpGREVYak5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVXdQMA0G
CSqGSIb3DQEBCwUAA4IBAQDQhNEO8IJ97fnogpew42u3u3vyc21TboQFmAcGN6qc
HfQxUFkEqQXpWdZJ3BSVrvGFieLHqoUBZnbfRiN3unUZEs9plOa0DCHNZK+FAV+b
SBUvhNg+aiIslBvMJ3/ctAKzliX8gxWg6FeKpdGqlgjndF+Wbhzi0ufzDi/6iIA7
sps3RW9RmIWuZdMFLUh8hZISkV3wn8cDtY4gAKIHtpk7PCgpDNrxX/aSa7BPWzHU
40BzqDs8J8e5WfZm6dQriYhogBQTOfC8l7zNUN+tC1/v8yl4d7VAo6i1LgfyyCRL
v2/nbdz2MDeAUIFahnDXn0mdRoLgSN/IGxU+2YtufdGB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:32 2025 by rpki-client