Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/ef3608-acd4-45e1-9d32-c3bb847600cd/1/kJqgR5OEuTmw7Cc2XAPOJ10JfzQ.roa
File: kJqgR5OEuTmw7Cc2XAPOJ10JfzQ.roa (raw, json)
Hash identifier: 2hnQ4VghwzSommNFVH9XtHRrKoriK7Wl4k6yHygw2Zs=
Subject key identifier: 90:9A:A0:47:93:84:B9:39:B0:EC:27:36:5C:03:CE:27:5D:09:7F:34
Certificate issuer: /CN=2f593b254a9c3fac81652502f1c43c2201c16a85
Certificate serial: 0185777A00D3EA81AA72ED11E599B358E929
Authority key identifier: 2F:59:3B:25:4A:9C:3F:AC:81:65:25:02:F1:C4:3C:22:01:C1:6A:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1k7JUqcP6yBZSUC8cQ8IgHBaoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/ef3608-acd4-45e1-9d32-c3bb847600cd/1/kJqgR5OEuTmw7Cc2XAPOJ10JfzQ.roa
Signing time: Tue 03 Jan 2023 11:52:42 +0000
ROA not before: Tue 03 Jan 2023 11:52:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42830
IP address blocks: 176.105.128.0/20 maxlen: 20
91.193.160.0/22 maxlen: 22
185.212.164.0/22 maxlen: 22
2a0b:78c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:7a:00:d3:ea:81:aa:72:ed:11:e5:99:b3:58:e9:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f593b254a9c3fac81652502f1c43c2201c16a85
Validity
Not Before: Jan 3 11:52:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=909aa0479384b939b0ec27365c03ce275d097f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:79:07:f5:89:58:ee:d6:60:7a:4e:85:87:5e:
47:09:40:d8:f0:c2:65:68:f8:e9:02:03:bf:1f:04:
28:46:56:97:60:b1:f3:7a:bb:2f:a8:f1:1b:99:ca:
fb:73:1e:68:f2:92:d2:9f:ff:94:3d:ae:0a:64:2f:
2d:ea:6b:06:7f:e3:73:19:4b:28:2e:8b:cc:63:62:
d9:c0:36:bf:1a:d5:74:29:fd:71:7e:1e:4d:55:9a:
fc:7a:af:b7:e0:bf:37:8a:20:69:ea:e7:1e:1e:3d:
8f:99:f5:67:ce:46:f5:fd:3b:85:49:75:57:31:9f:
4e:f8:32:69:9a:83:90:23:fb:95:0c:ad:14:a6:82:
d5:c2:1d:6c:e6:c8:fe:7a:05:5b:64:6c:f7:8e:3a:
d1:67:c5:a7:f1:8a:c6:df:d9:59:35:20:35:f3:dd:
c6:56:56:4b:95:0a:d5:86:f3:ad:d9:b0:ae:45:0d:
aa:b0:b1:f4:b8:c7:45:c9:d3:af:26:68:d5:90:d4:
b9:77:03:4e:c4:5e:2d:79:5e:fb:f6:d1:cc:01:cd:
0c:92:9a:36:bb:0f:a8:d9:be:f6:8f:8c:ac:dc:65:
eb:7f:8b:66:9c:ee:af:6c:02:8c:57:cf:29:a6:0f:
b5:ce:79:db:82:db:f7:08:c1:c2:c2:93:e4:26:dd:
28:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:9A:A0:47:93:84:B9:39:B0:EC:27:36:5C:03:CE:27:5D:09:7F:34
X509v3 Authority Key Identifier:
keyid:2F:59:3B:25:4A:9C:3F:AC:81:65:25:02:F1:C4:3C:22:01:C1:6A:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1k7JUqcP6yBZSUC8cQ8IgHBaoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/ef3608-acd4-45e1-9d32-c3bb847600cd/1/kJqgR5OEuTmw7Cc2XAPOJ10JfzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/ef3608-acd4-45e1-9d32-c3bb847600cd/1/L1k7JUqcP6yBZSUC8cQ8IgHBaoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.160.0/22
176.105.128.0/20
185.212.164.0/22
IPv6:
2a0b:78c0::/32
Signature Algorithm: sha256WithRSAEncryption
4d:4e:ce:b5:c4:88:c8:d3:68:22:57:33:94:29:d2:37:65:6a:
ad:67:9f:13:22:cd:52:1d:57:cf:b5:9a:06:ff:37:28:0b:4d:
4a:2c:89:e3:99:4b:a4:cd:fb:5c:7c:c9:72:49:79:83:53:75:
93:7a:aa:01:9b:e9:94:49:24:4c:9c:fc:17:a5:85:22:c0:f8:
90:ec:db:e6:c4:06:95:32:a3:e5:f8:8e:55:07:c6:b4:1e:d4:
cf:75:c2:10:e7:93:02:f9:2c:97:0c:de:64:61:80:34:ef:da:
0a:76:7f:7d:e9:bb:fe:55:05:c6:85:1f:4f:0a:ba:e1:4b:f0:
8c:91:22:fd:f1:47:d4:cf:f9:02:83:07:ba:f1:0d:fa:76:d8:
97:b0:6d:c7:ce:70:8b:03:a3:40:7f:f8:26:33:c0:2e:a9:87:
a9:71:0a:80:23:e5:44:6d:9e:93:61:fb:a6:a8:ab:b3:76:9d:
c3:d1:1b:e8:8b:cb:7e:e8:74:0f:28:ef:c9:d4:a1:3c:23:ee:
f1:84:8f:6c:16:bd:84:cc:f5:52:65:90:9f:5b:09:5c:4f:07:
e1:e2:7f:89:62:0a:d7:0c:4b:61:da:e4:ce:b2:18:27:23:3f:
ec:26:ae:4d:d8:6e:bd:2f:3a:ab:25:4f:a0:2e:4b:1d:ae:76:
86:71:d2:fe
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYV3egDT6oGqcu0R5ZmzWOkpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNTkzYjI1NGE5YzNmYWM4MTY1MjUwMmYxYzQzYzIyMDFj
MTZhODUwHhcNMjMwMTAzMTE1MjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDlhYTA0NzkzODRiOTM5YjBlYzI3MzY1YzAzY2UyNzVkMDk3ZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinkH9YlY7tZgek6Fh15HCUDY8MJl
aPjpAgO/HwQoRlaXYLHzersvqPEbmcr7cx5o8pLSn/+UPa4KZC8t6msGf+NzGUso
LovMY2LZwDa/GtV0Kf1xfh5NVZr8eq+34L83iiBp6uceHj2PmfVnzkb1/TuFSXVX
MZ9O+DJpmoOQI/uVDK0UpoLVwh1s5sj+egVbZGz3jjrRZ8Wn8YrG39lZNSA1893G
VlZLlQrVhvOt2bCuRQ2qsLH0uMdFydOvJmjVkNS5dwNOxF4teV779tHMAc0Mkpo2
uw+o2b72j4ys3GXrf4tmnO6vbAKMV88ppg+1znnbgtv3CMHCwpPkJt0oKQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJCaoEeThLk5sOwnNlwDziddCX80MB8GA1UdIwQY
MBaAFC9ZOyVKnD+sgWUlAvHEPCIBwWqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDFrN0pVcWNQNnlCWlNVQzhjUThJZ0hCYW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lZjM2MDgtYWNkNC00NWUxLTlkMzIt
YzNiYjg0NzYwMGNkLzEva0pxZ1I1T0V1VG13N0NjMlhBUE9KMTBKZnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lZjM2MDgtYWNkNC00NWUxLTlkMzItYzNiYjg0NzYwMGNk
LzEvTDFrN0pVcWNQNnlCWlNVQzhjUThJZ0hCYW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8GgAwQE
sGmAAwQCudSkMA0EAgACMAcDBQAqC3jAMA0GCSqGSIb3DQEBCwUAA4IBAQBNTs61
xIjI02giVzOUKdI3ZWqtZ58TIs1SHVfPtZoG/zcoC01KLInjmUukzftcfMlySXmD
U3WTeqoBm+mUSSRMnPwXpYUiwPiQ7NvmxAaVMqPl+I5VB8a0HtTPdcIQ55MC+SyX
DN5kYYA079oKdn996bv+VQXGhR9PCrrhS/CMkSL98UfUz/kCgwe68Q36dtiXsG3H
znCLA6NAf/gmM8AuqYepcQqAI+VEbZ6TYfumqKuzdp3D0Rvoi8t+6HQPKO/J1KE8
I+7xhI9sFr2EzPVSZZCfWwlcTwfh4n+JYgrXDEth2uTOshgnIz/sJq5N2G69Lzqr
JU+gLksdrnaGcdL+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:56 2025 by rpki-client