Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c7935-2eda-43ac-8d0f-799525be7215/1/KMQ59Njwgq2ZS6xtjoe83uKTnaw.roa
File: KMQ59Njwgq2ZS6xtjoe83uKTnaw.roa (raw, json)
Hash identifier: ewpUzfeeTypQoxTgInFhownf9x0pgOb5N5rgxTdDuoQ=
Subject key identifier: 28:C4:39:F4:D8:F0:82:AD:99:4B:AC:6D:8E:87:BC:DE:E2:93:9D:AC
Certificate issuer: /CN=3014b8c7f509e10051b0cd29fd8d69f285508d87
Certificate serial: 01856ECB607930F26B11275B200674AE6E08
Authority key identifier: 30:14:B8:C7:F5:09:E1:00:51:B0:CD:29:FD:8D:69:F2:85:50:8D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBS4x_UJ4QBRsM0p_Y1p8oVQjYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c7935-2eda-43ac-8d0f-799525be7215/1/KMQ59Njwgq2ZS6xtjoe83uKTnaw.roa
Signing time: Sun 01 Jan 2023 19:25:00 +0000
ROA not before: Sun 01 Jan 2023 19:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42547
IP address blocks: 193.106.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:60:79:30:f2:6b:11:27:5b:20:06:74:ae:6e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3014b8c7f509e10051b0cd29fd8d69f285508d87
Validity
Not Before: Jan 1 19:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28c439f4d8f082ad994bac6d8e87bcdee2939dac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a6:a3:64:1d:70:c0:f8:19:01:92:83:03:72:
d7:8a:9c:e1:ea:37:6b:92:e3:44:55:ed:35:c8:73:
ee:b8:26:d8:be:2c:24:ff:5e:ef:99:1a:7f:25:50:
c1:0a:f9:c1:bb:3e:ba:8e:43:46:d1:5a:a6:5d:ba:
e3:b7:f4:96:56:49:cb:8f:07:1b:af:5d:fe:34:1d:
c2:8d:ce:d1:87:1a:a2:ca:09:ec:ea:7f:6c:87:b8:
ea:2c:a3:6c:82:9f:2c:0b:3a:d0:e1:65:ee:6c:d9:
66:0a:ad:90:f7:58:04:2a:a2:26:66:12:8e:83:dd:
4c:6a:81:d5:4f:2a:c5:11:83:bf:5d:1f:97:49:63:
a0:63:b5:af:c9:51:8a:58:00:9d:4e:af:e4:6a:0e:
eb:a0:19:67:b7:c5:34:99:ab:83:e5:0d:2b:d6:dd:
de:bf:58:55:7f:ba:e2:b7:98:5a:c1:a3:e5:16:2e:
97:12:24:94:9a:00:39:0c:27:08:b9:86:1e:d4:f7:
ad:38:6e:f0:05:91:69:fb:20:dd:4c:12:b2:5f:f0:
e9:7a:d5:ce:14:cc:71:e4:bf:ad:3c:2d:87:b0:2a:
a7:f2:58:1e:f7:21:2e:50:4c:3d:46:1f:f2:0c:71:
a3:5b:1c:7c:9b:a7:1a:65:07:86:75:dd:f3:a6:12:
79:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C4:39:F4:D8:F0:82:AD:99:4B:AC:6D:8E:87:BC:DE:E2:93:9D:AC
X509v3 Authority Key Identifier:
keyid:30:14:B8:C7:F5:09:E1:00:51:B0:CD:29:FD:8D:69:F2:85:50:8D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBS4x_UJ4QBRsM0p_Y1p8oVQjYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c7935-2eda-43ac-8d0f-799525be7215/1/KMQ59Njwgq2ZS6xtjoe83uKTnaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c7935-2eda-43ac-8d0f-799525be7215/1/MBS4x_UJ4QBRsM0p_Y1p8oVQjYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.106.100.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:92:d5:13:c4:0d:64:e3:36:b5:df:ff:d6:28:86:1d:dd:04:
05:9f:96:e5:41:20:29:65:71:b3:9a:68:ad:eb:22:b0:3e:19:
70:56:92:bc:10:14:c2:1b:89:c0:8a:7c:ca:37:df:26:a8:c7:
1a:46:70:84:f0:38:14:f1:82:66:c2:38:92:2a:e2:f9:ef:97:
16:c5:6d:ff:a8:f7:07:33:e3:0f:03:08:61:58:30:58:47:03:
83:d5:c1:92:4a:e4:02:29:fe:45:bb:31:66:e2:80:78:23:eb:
6d:2d:ab:41:83:7f:50:3b:fb:da:4b:60:dd:57:78:39:5e:40:
de:42:56:24:b5:72:d8:b6:d9:ed:4b:d2:e6:24:6d:4e:f3:a7:
e7:69:63:25:e9:ee:f2:24:83:59:c6:7c:98:7c:b8:f6:2f:7c:
7b:41:0d:ed:75:4c:4b:78:76:dc:47:fd:59:55:48:e0:42:cc:
23:91:44:0b:f0:7e:a9:e7:8e:d0:09:ee:a4:63:9f:70:25:61:
24:2c:34:00:4d:98:1d:f4:cd:2a:1e:16:46:eb:62:47:4b:6b:
0d:f9:b1:da:8c:fd:bd:18:86:27:81:be:e4:02:11:a0:4c:35:
2d:7d:8e:4e:c9:45:cf:40:38:bf:26:e5:14:ba:53:b9:06:a0:
25:b7:96:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy2B5MPJrESdbIAZ0rm4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTRiOGM3ZjUwOWUxMDA1MWIwY2QyOWZkOGQ2OWYyODU1
MDhkODcwHhcNMjMwMTAxMTkyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM0MzlmNGQ4ZjA4MmFkOTk0YmFjNmQ4ZTg3YmNkZWUyOTM5ZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKajZB1wwPgZAZKDA3LXipzh6jdr
kuNEVe01yHPuuCbYviwk/17vmRp/JVDBCvnBuz66jkNG0VqmXbrjt/SWVknLjwcb
r13+NB3Cjc7Rhxqiygns6n9sh7jqLKNsgp8sCzrQ4WXubNlmCq2Q91gEKqImZhKO
g91MaoHVTyrFEYO/XR+XSWOgY7WvyVGKWACdTq/kag7roBlnt8U0mauD5Q0r1t3e
v1hVf7rit5hawaPlFi6XEiSUmgA5DCcIuYYe1PetOG7wBZFp+yDdTBKyX/DpetXO
FMxx5L+tPC2HsCqn8lge9yEuUEw9Rh/yDHGjWxx8m6caZQeGdd3zphJ53QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjEOfTY8IKtmUusbY6HvN7ik52sMB8GA1UdIwQY
MBaAFDAUuMf1CeEAUbDNKf2NafKFUI2HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJTNHhfVUo0UUJSc00wcF9ZMXA4b1ZRalljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84Yzc5MzUtMmVkYS00M2FjLThkMGYt
Nzk5NTI1YmU3MjE1LzEvS01RNTlOandncTJaUzZ4dGpvZTgzdUtUbmF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84Yzc5MzUtMmVkYS00M2FjLThkMGYtNzk5NTI1YmU3MjE1
LzEvTUJTNHhfVUo0UUJSc00wcF9ZMXA4b1ZRalljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWpkMA0G
CSqGSIb3DQEBCwUAA4IBAQC2ktUTxA1k4za13//WKIYd3QQFn5blQSApZXGzmmit
6yKwPhlwVpK8EBTCG4nAinzKN98mqMcaRnCE8DgU8YJmwjiSKuL575cWxW3/qPcH
M+MPAwhhWDBYRwOD1cGSSuQCKf5FuzFm4oB4I+ttLatBg39QO/vaS2DdV3g5XkDe
QlYktXLYttntS9LmJG1O86fnaWMl6e7yJINZxnyYfLj2L3x7QQ3tdUxLeHbcR/1Z
VUjgQswjkUQL8H6p547QCe6kY59wJWEkLDQATZgd9M0qHhZG62JHS2sN+bHajP29
GIYngb7kAhGgTDUtfY5OyUXPQDi/JuUUulO5BqAlt5aj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:17 2025 by rpki-client