Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/kpDARp6NYsi1Z62q_XxAayPUVmw.roa
File: kpDARp6NYsi1Z62q_XxAayPUVmw.roa (raw, json)
Hash identifier: qjR0B3NK2u7II35BoSPNIjMxXp6Ctkr1DNkcOKzwPyo=
Subject key identifier: 92:90:C0:46:9E:8D:62:C8:B5:67:AD:AA:FD:7C:40:6B:23:D4:56:6C
Certificate issuer: /CN=b9df156ee18b6958d4306b6311b4a086763eff62
Certificate serial: 0186EF3EFA2B149A793D5B3BCC17BEA8B498
Authority key identifier: B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/kpDARp6NYsi1Z62q_XxAayPUVmw.roa
Signing time: Fri 17 Mar 2023 11:05:27 +0000
ROA not before: Fri 17 Mar 2023 11:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12779
IP address blocks: 86.105.14.0/24 maxlen: 24
91.245.234.0/24 maxlen: 24
2a0c:79c0:4::/48 maxlen: 48
2a0c:79c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:3e:fa:2b:14:9a:79:3d:5b:3b:cc:17:be:a8:b4:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9df156ee18b6958d4306b6311b4a086763eff62
Validity
Not Before: Mar 17 11:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9290c0469e8d62c8b567adaafd7c406b23d4566c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ff:6b:14:db:d6:1f:17:bc:ba:da:ca:05:d2:
f3:c2:d7:4e:35:2a:b4:6c:95:a5:93:28:94:4c:d5:
42:86:4b:80:8f:22:13:53:0b:ca:47:79:67:5a:62:
f7:19:14:a7:7d:f1:f6:bd:8c:ae:a8:de:19:b6:10:
2e:77:5d:eb:4d:00:f4:13:1c:5d:81:11:ca:89:64:
82:ce:ff:f6:e9:d0:a2:a4:42:2c:2d:15:92:44:2f:
b5:28:2e:ec:b4:c0:51:30:4c:0e:78:e9:f8:27:61:
c8:16:72:2a:7e:b9:91:cf:da:f1:19:d7:a7:41:2a:
c1:78:14:e0:35:de:a5:40:48:81:ea:26:79:51:01:
4c:1d:e7:f0:27:5a:c9:dc:0a:3f:a7:f2:aa:b8:c7:
ec:59:67:9d:c4:ec:c0:52:9e:e2:0a:d8:b4:7c:f1:
71:f1:a7:b6:e0:a7:b1:eb:c7:96:a5:8c:36:fe:f9:
b2:23:96:e0:db:78:35:0b:ea:2a:52:88:ae:59:a2:
ee:8c:61:5a:ef:3c:67:19:0d:e2:18:5a:fc:31:11:
21:aa:02:14:84:80:13:2c:c7:98:fa:d5:34:52:d3:
78:f1:f6:8a:1b:97:5c:d6:b2:e7:a0:2b:7c:12:07:
b4:81:a6:b9:4e:21:a9:e4:53:1d:21:29:76:20:38:
1e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:90:C0:46:9E:8D:62:C8:B5:67:AD:AA:FD:7C:40:6B:23:D4:56:6C
X509v3 Authority Key Identifier:
keyid:B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/kpDARp6NYsi1Z62q_XxAayPUVmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.14.0/24
91.245.234.0/24
IPv6:
2a0c:79c0:2::/48
2a0c:79c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
52:c9:b0:0e:84:3d:c7:19:a3:7c:db:9f:21:d1:63:7c:c2:33:
03:76:a0:b0:ab:c5:82:2b:82:48:d1:7b:6c:e8:36:60:32:d5:
07:3b:aa:b5:8e:f3:af:7c:c8:18:85:45:88:a6:f3:de:de:f9:
a1:9c:3b:ec:6a:da:39:24:bd:8c:ed:5e:6f:18:d0:2c:ae:b1:
10:37:60:a3:be:2a:3e:b8:9b:e1:3d:14:ff:1c:1d:22:20:fa:
96:66:b6:9c:b3:6d:e4:5c:a1:46:76:25:15:a6:8f:03:e5:e7:
8e:31:86:a7:d0:d7:d1:a4:73:e5:3a:71:1c:2f:ba:f5:7b:40:
29:53:5c:25:b7:a5:9b:e3:cc:c9:a1:09:2d:2a:8e:c2:76:27:
93:f0:4b:df:eb:0f:cf:a7:9f:42:ee:af:ba:de:c7:b5:c5:6b:
1f:3e:86:0f:ae:07:38:59:a5:33:e6:da:50:2c:35:45:40:c5:
a3:b7:fa:6c:58:c7:2f:42:95:40:45:d9:f7:49:e5:c7:5b:71:
97:2c:17:20:78:0e:d5:93:7a:eb:03:33:86:dc:1e:2b:b9:89:
f8:71:18:d7:ff:12:20:b3:be:dc:0e:87:f0:25:94:7f:7f:9f:
8d:4f:3b:21:b1:20:a5:7f:8f:02:24:d7:b2:86:78:91:3d:39:
cc:27:05:93
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYbvPvorFJp5PVs7zBe+qLSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZGYxNTZlZTE4YjY5NThkNDMwNmI2MzExYjRhMDg2NzYz
ZWZmNjIwHhcNMjMwMzE3MTEwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjkwYzA0NjllOGQ2MmM4YjU2N2FkYWFmZDdjNDA2YjIzZDQ1NjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf9rFNvWHxe8utrKBdLzwtdONSq0
bJWlkyiUTNVChkuAjyITUwvKR3lnWmL3GRSnffH2vYyuqN4ZthAud13rTQD0Exxd
gRHKiWSCzv/26dCipEIsLRWSRC+1KC7stMBRMEwOeOn4J2HIFnIqfrmRz9rxGden
QSrBeBTgNd6lQEiB6iZ5UQFMHefwJ1rJ3Ao/p/KquMfsWWedxOzAUp7iCti0fPFx
8ae24Kex68eWpYw2/vmyI5bg23g1C+oqUoiuWaLujGFa7zxnGQ3iGFr8MREhqgIU
hIATLMeY+tU0UtN48faKG5dc1rLnoCt8Ege0gaa5TiGp5FMdISl2IDgepwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJKQwEaejWLItWetqv18QGsj1FZsMB8GA1UdIwQY
MBaAFLnfFW7hi2lY1DBrYxG0oIZ2Pv9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYt
NzJhNGIzYTliYjQ0LzEva3BEQVJwNk5Zc2kxWjYycV9YeEFheVBVVm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYtNzJhNGIzYTliYjQ0
LzEvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAVmkOAwQA
W/XqMBgEAgACMBIDBwAqDHnAAAIDBwAqDHnAAAQwDQYJKoZIhvcNAQELBQADggEB
AFLJsA6EPccZo3zbnyHRY3zCMwN2oLCrxYIrgkjRe2zoNmAy1Qc7qrWO8698yBiF
RYim897e+aGcO+xq2jkkvYztXm8Y0CyusRA3YKO+Kj64m+E9FP8cHSIg+pZmtpyz
beRcoUZ2JRWmjwPl544xhqfQ19Gkc+U6cRwvuvV7QClTXCW3pZvjzMmhCS0qjsJ2
J5PwS9/rD8+nn0Lur7rex7XFax8+hg+uBzhZpTPm2lAsNUVAxaO3+mxYxy9ClUBF
2fdJ5cdbcZcsFyB4DtWTeusDM4bcHiu5ifhxGNf/EiCzvtwOh/AllH9/n41POyGx
IKV/jwIk17KGeJE9OcwnBZM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:49 2025 by rpki-client