Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/kWSIvPo-dnK8oPdCq6aj4kYYTJQ.roa
File: kWSIvPo-dnK8oPdCq6aj4kYYTJQ.roa (raw, json)
Hash identifier: 4srnDEH/hSxTx8onCshv2CIKUg+j3bftODRF4x9zQoE=
Subject key identifier: 91:64:88:BC:FA:3E:76:72:BC:A0:F7:42:AB:A6:A3:E2:46:18:4C:94
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0CB9D205AE0ACA2DC988DA1C92E31
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/kWSIvPo-dnK8oPdCq6aj4kYYTJQ.roa
Signing time: Mon 02 Jan 2023 05:25:06 +0000
ROA not before: Mon 02 Jan 2023 05:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209388
IP address blocks: 82.177.131.0/24 maxlen: 24
88.220.164.0/24 maxlen: 24
82.177.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:cb:9d:20:5a:e0:ac:a2:dc:98:8d:a1:c9:2e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=916488bcfa3e7672bca0f742aba6a3e246184c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1c:aa:e5:71:1c:54:1d:90:0d:5e:a6:2b:97:
c9:8c:ac:b6:64:44:44:4d:db:51:fb:e3:7a:11:1a:
73:26:c5:39:84:12:62:00:c5:2b:6f:f6:4d:81:9b:
cc:c5:41:a2:33:a8:6d:e2:5e:23:08:b8:db:77:cb:
90:f3:6a:3a:ec:2a:37:96:dd:c6:29:2e:f2:69:02:
49:7b:8a:ad:09:41:6a:e0:53:28:ec:e3:7b:33:25:
2d:5e:d9:10:43:ec:b8:14:7f:fd:a2:57:57:15:6d:
84:16:62:58:ee:a2:e1:52:2e:3b:88:bb:3b:69:a0:
db:50:fc:1c:36:d1:cf:c0:7e:e1:8a:b0:0b:62:18:
21:5e:25:74:fb:a6:8f:f8:71:18:31:f2:a2:a1:a8:
bf:ba:e7:4a:82:f5:0c:6d:ae:79:db:f0:4e:e0:cb:
73:a3:84:e2:70:f0:cd:46:67:48:8c:c9:15:0a:f9:
52:41:82:dc:56:fa:1d:66:5a:b5:d1:bd:f7:0b:fd:
1d:d3:d0:c8:c2:02:9e:e0:e3:69:0b:cd:ca:53:74:
bb:83:35:0c:da:4d:b4:d2:8e:3d:3a:21:17:b6:b6:
72:98:c8:88:d7:30:32:3e:f0:9f:31:ca:a6:f3:4b:
fd:29:78:a0:29:b0:89:d1:1b:ab:50:6b:06:6b:c9:
a2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:64:88:BC:FA:3E:76:72:BC:A0:F7:42:AB:A6:A3:E2:46:18:4C:94
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/kWSIvPo-dnK8oPdCq6aj4kYYTJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.177.101.0/24
82.177.131.0/24
88.220.164.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:cc:88:a7:85:b9:bf:bd:44:4d:3f:6e:ec:e3:cb:56:2f:62:
fa:73:73:e5:2b:db:bc:48:35:c4:4a:6e:15:d1:03:90:db:84:
3c:89:f2:37:1c:38:9b:62:cc:2f:15:1c:fe:c5:58:03:ff:39:
4a:02:51:1a:89:0c:ff:81:1f:d2:b7:2c:b0:ac:b1:a1:43:cd:
1d:ed:ae:7f:de:fc:7c:63:30:62:af:6b:e8:79:eb:3f:15:69:
7c:38:07:7e:e3:ae:da:46:f9:d2:e9:c1:16:5b:c8:92:00:1c:
36:ef:ed:4f:db:9d:56:35:23:d9:cc:90:13:08:3f:a8:17:7e:
18:60:21:50:a5:15:7b:cf:1f:99:99:29:a3:36:e1:bd:fa:62:
47:c0:c4:7d:33:bb:e0:a6:7c:61:21:ba:39:5b:a3:0d:8c:41:
cb:69:40:42:d6:85:20:fc:92:3e:33:bb:fd:7b:15:0f:62:db:
52:3d:4c:ac:a5:84:d3:bd:81:0c:15:0d:c6:4e:83:87:7f:72:
ec:cf:70:fe:41:1a:b1:cc:89:ab:da:ba:2d:a3:7f:78:1d:1f:
a3:4e:9a:f7:53:2c:04:62:36:f2:44:21:52:78:69:df:88:fc:
8b:d8:dc:91:25:fe:e9:07:2b:cb:e6:66:0c:73:67:6a:ea:97:
2a:4a:6c:cf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw8MudIFrgrKLcmI2hyS4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY0ODhiY2ZhM2U3NjcyYmNhMGY3NDJhYmE2YTNlMjQ2MTg0Yzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhyq5XEcVB2QDV6mK5fJjKy2ZERE
TdtR++N6ERpzJsU5hBJiAMUrb/ZNgZvMxUGiM6ht4l4jCLjbd8uQ82o67Co3lt3G
KS7yaQJJe4qtCUFq4FMo7ON7MyUtXtkQQ+y4FH/9oldXFW2EFmJY7qLhUi47iLs7
aaDbUPwcNtHPwH7hirALYhghXiV0+6aP+HEYMfKioai/uudKgvUMba552/BO4Mtz
o4TicPDNRmdIjMkVCvlSQYLcVvodZlq10b33C/0d09DIwgKe4ONpC83KU3S7gzUM
2k200o49OiEXtrZymMiI1zAyPvCfMcqm80v9KXigKbCJ0RurUGsGa8miJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJFkiLz6PnZyvKD3Qqumo+JGGEyUMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEva1dTSXZQby1kbks4b1BkQ3E2YWo0a1lZVEpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUrFlAwQA
UrGDAwQAWNykMA0GCSqGSIb3DQEBCwUAA4IBAQBrzIinhbm/vURNP27s48tWL2L6
c3PlK9u8SDXESm4V0QOQ24Q8ifI3HDibYswvFRz+xVgD/zlKAlEaiQz/gR/Styyw
rLGhQ80d7a5/3vx8YzBir2voees/FWl8OAd+467aRvnS6cEWW8iSABw27+1P251W
NSPZzJATCD+oF34YYCFQpRV7zx+ZmSmjNuG9+mJHwMR9M7vgpnxhIbo5W6MNjEHL
aUBC1oUg/JI+M7v9exUPYttSPUyspYTTvYEMFQ3GToOHf3Lsz3D+QRqxzImr2rot
o394HR+jTpr3UywEYjbyRCFSeGnfiPyL2NyRJf7pByvL5mYMc2dq6pcqSmzP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:23 2025 by rpki-client