Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/knoptd9f-ajME8D75i-cfN3xnTM.roa
File: knoptd9f-ajME8D75i-cfN3xnTM.roa (raw, json)
Hash identifier: 0jBa+zhZ6y7mk3I7Bwp0x+l/nkHnipDxsXAXFUob9jM=
Subject key identifier: 92:7A:29:B5:DF:5F:F9:A8:CC:13:C0:FB:E6:2F:9C:7C:DD:F1:9D:33
Certificate issuer: /CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189
Certificate serial: 0C567CF7
Authority key identifier: B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/knoptd9f-ajME8D75i-cfN3xnTM.roa
Signing time: Sat 01 Jan 2022 15:55:33 +0000
ROA not before: Sat 01 Jan 2022 15:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39931
IP address blocks: 185.172.12.0/22 maxlen: 22
77.245.128.0/20 maxlen: 20
77.245.136.0/23 maxlen: 23
77.245.136.0/22 maxlen: 22
2a00:4fc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206994679 (0xc567cf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189
Validity
Not Before: Jan 1 15:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=927a29b5df5ff9a8cc13c0fbe62f9c7cddf19d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:da:12:51:7f:4c:88:6f:b7:ca:c6:6f:58:59:
c4:4a:74:e0:ca:9f:eb:75:ee:c2:50:63:62:39:01:
1d:c7:f9:f2:68:6f:d9:6f:23:81:66:07:d2:6c:4e:
5e:04:31:e3:b9:bc:a8:88:d0:39:7f:1c:b1:88:20:
cb:70:f9:c6:e0:03:5f:a6:72:d6:57:f2:5a:69:11:
45:7c:e5:5c:cb:74:7b:f5:71:84:35:c2:72:9e:cd:
71:41:db:e1:98:6d:53:7c:df:02:89:0e:2f:d8:2e:
89:a5:ed:71:da:b7:a1:4b:84:87:61:c1:73:58:01:
0c:1c:a2:70:af:3f:d0:7f:0d:48:57:55:34:a6:ac:
02:f2:7e:80:d5:7f:19:74:d0:e4:c2:f4:fc:0e:e4:
b6:5d:b3:b7:6a:c9:ef:77:4a:90:7d:cd:31:f6:ba:
02:b6:98:4a:cc:c9:56:ef:e1:bc:a6:df:12:04:2c:
25:86:8f:4a:33:b1:3b:de:22:79:90:9b:b0:3f:61:
33:1f:24:88:3c:97:a2:ff:cd:10:de:2c:5c:6f:b2:
83:d4:a6:4e:f9:37:ff:39:69:0d:c8:93:61:ba:ac:
e5:96:a5:1f:50:02:c3:c5:95:50:75:a1:b1:bd:6f:
ff:32:4b:16:dd:6a:6d:29:1c:f7:cf:00:95:3a:21:
38:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7A:29:B5:DF:5F:F9:A8:CC:13:C0:FB:E6:2F:9C:7C:DD:F1:9D:33
X509v3 Authority Key Identifier:
keyid:B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/knoptd9f-ajME8D75i-cfN3xnTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.128.0/20
185.172.12.0/22
IPv6:
2a00:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
27:7b:1c:a8:83:a5:d6:c4:16:0b:54:b9:3f:8c:58:a6:fe:13:
84:61:76:fb:b1:f3:b8:7e:d1:e1:09:10:e1:81:11:43:c5:90:
63:7f:d0:e8:36:32:be:f1:7b:c6:8b:ef:22:ba:65:ab:ee:52:
c8:75:ed:6d:bd:5c:0e:ae:c0:46:3b:d0:27:29:3c:1d:d5:a6:
0b:2d:21:51:66:89:bc:43:cd:b0:c4:ec:1b:6b:5b:b9:28:57:
fb:5f:91:03:78:e8:97:61:07:f4:f6:66:0f:63:3a:35:1e:e8:
ce:59:b9:21:e5:c0:62:6b:f5:10:c9:94:06:24:b5:a5:7f:b0:
7d:4a:aa:b9:ab:b2:88:8f:cd:db:6f:f8:b6:a7:5b:cc:fb:1d:
13:96:df:8e:a4:f6:01:3e:26:90:a3:b3:ac:83:a3:b2:f1:f6:
ce:c8:77:88:c9:93:08:e1:cd:b0:3a:54:dd:ac:4b:15:65:49:
72:c7:28:fe:ec:7c:46:27:0f:86:12:78:24:96:f6:5b:51:3b:
56:57:8a:be:93:ec:17:b6:72:e8:a1:20:80:21:33:8c:7f:ed:
f3:0f:23:b6:d0:bc:05:43:6c:36:d3:39:71:ad:82:80:15:65:
98:5e:2f:21:6a:90:68:1d:cb:73:99:5c:1b:dc:40:07:34:38:
93:7b:e3:93
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDFZ89zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGU4ODJmNzE3MWFmNmRjZGNjYzljZDc5Zjk4ZGVjNjc1N2ZlMTg5MB4XDTIyMDEw
MTE1NTUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTI3YTI5YjVkZjVm
ZjlhOGNjMTNjMGZiZTYyZjljN2NkZGYxOWQzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAObaElF/TIhvt8rGb1hZxEp04Mqf63XuwlBjYjkBHcf58mhv
2W8jgWYH0mxOXgQx47m8qIjQOX8csYggy3D5xuADX6Zy1lfyWmkRRXzlXMt0e/Vx
hDXCcp7NcUHb4ZhtU3zfAokOL9guiaXtcdq3oUuEh2HBc1gBDByicK8/0H8NSFdV
NKasAvJ+gNV/GXTQ5ML0/A7ktl2zt2rJ73dKkH3NMfa6AraYSszJVu/hvKbfEgQs
JYaPSjOxO94ieZCbsD9hMx8kiDyXov/NEN4sXG+yg9SmTvk3/zlpDciTYbqs5Zal
H1ACw8WVUHWhsb1v/zJLFt1qbSkc988AlTohOJMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSSeim131/5qMwTwPvmL5x83fGdMzAfBgNVHSMEGDAWgBS06IL3Fxr23NzM
nNefmN7GdX/hiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RPaUM5eGNhOXR6Y3pKelhuNWpleG5WXzRZay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvNWY1YmM4LWU1ZjMtNDIxZC05ZmEwLWZlZmU4ZTM0MDA2Yy8x
L2tub3B0ZDlmLWFqTUU4RDc1aS1jZk4zeG5UTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
NWY1YmM4LWU1ZjMtNDIxZC05ZmEwLWZlZmU4ZTM0MDA2Yy8xL3RPaUM5eGNhOXR6
Y3pKelhuNWpleG5WXzRZay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBE31gAMEArmsDDANBAIAAjAHAwUA
KgBPwDANBgkqhkiG9w0BAQsFAAOCAQEAJ3scqIOl1sQWC1S5P4xYpv4ThGF2+7Hz
uH7R4QkQ4YERQ8WQY3/Q6DYyvvF7xovvIrplq+5SyHXtbb1cDq7ARjvQJyk8HdWm
Cy0hUWaJvEPNsMTsG2tbuShX+1+RA3jol2EH9PZmD2M6NR7ozlm5IeXAYmv1EMmU
BiS1pX+wfUqquauyiI/N22/4tqdbzPsdE5bfjqT2AT4mkKOzrIOjsvH2zsh3iMmT
COHNsDpU3axLFWVJcsco/ux8RicPhhJ4JJb2W1E7VleKvpPsF7Zy6KEggCEzjH/t
8w8jttC8BUNsNtM5ca2CgBVlmF4vIWqQaB3Lc5lcG9xABzQ4k3vjkw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:45 2025 by rpki-client