Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/khynxyEqr7cVvlRysQfQij4AFsk.roa
File: khynxyEqr7cVvlRysQfQij4AFsk.roa (raw, json)
Hash identifier: Q/drdfrIhHvMTzujRdaYOqmCUr5+RNyrnteb+xfFFyA=
Subject key identifier: 92:1C:A7:C7:21:2A:AF:B7:15:BE:54:72:B1:07:D0:8A:3E:00:16:C9
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0BAF2AEBC3EC57DA0E56816DC701D
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/khynxyEqr7cVvlRysQfQij4AFsk.roa
Signing time: Mon 02 Jan 2023 05:25:02 +0000
ROA not before: Mon 02 Jan 2023 05:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200539
IP address blocks: 195.136.52.0/22 maxlen: 22
195.136.56.0/21 maxlen: 21
195.136.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:ba:f2:ae:bc:3e:c5:7d:a0:e5:68:16:dc:70:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=921ca7c7212aafb715be5472b107d08a3e0016c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e5:51:f5:f9:ed:a8:dc:91:8e:91:99:a1:9d:
e7:6d:d4:08:64:48:8e:80:7a:c0:7f:92:6f:01:6a:
f1:b0:e7:4e:4b:e9:89:3a:3c:a3:46:a5:30:8e:ec:
a2:09:5f:2b:13:ef:25:f4:f6:69:fb:4b:58:d0:ac:
15:88:c0:9d:38:89:fe:e3:02:1a:7d:7a:4f:f5:83:
99:12:2a:db:a7:51:99:f6:32:09:1a:06:45:bf:9c:
e9:65:91:8f:54:10:9e:b8:95:37:d5:4b:6f:b6:a1:
b0:49:69:1e:54:b5:a1:99:6e:f1:e4:57:d9:31:c5:
34:ff:92:82:f2:1e:67:5f:f7:dc:b6:b7:51:5b:f4:
75:d9:9a:fa:97:16:f4:5a:a8:a6:0a:37:d6:ea:55:
7c:bb:2f:37:8b:b6:b3:26:fa:79:39:50:ce:ec:f7:
0d:4f:c7:2d:06:28:d1:3e:05:a6:e2:6e:a4:08:02:
a6:cc:19:57:7e:29:76:dc:2f:6b:c4:d2:5b:a6:35:
95:1e:70:92:81:24:b3:52:f6:9c:eb:d2:0f:bf:b8:
62:f2:6b:1f:87:6a:2b:89:ea:af:ff:04:66:1c:d5:
3f:de:d3:d2:94:6d:eb:f8:1f:05:9d:d8:0c:04:43:
89:9c:59:12:91:25:22:0a:ea:f6:31:00:12:92:b0:
55:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1C:A7:C7:21:2A:AF:B7:15:BE:54:72:B1:07:D0:8A:3E:00:16:C9
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/khynxyEqr7cVvlRysQfQij4AFsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.52.0-195.136.63.255
195.136.100.0/22
Signature Algorithm: sha256WithRSAEncryption
35:1c:3f:6d:3f:79:f7:d9:ce:0d:df:8c:9a:a9:1f:6e:9a:6d:
62:eb:71:49:36:e1:d5:2f:36:3b:9f:7d:95:61:7c:7a:85:57:
9d:83:23:19:c7:0b:e1:eb:d6:cb:33:96:3f:89:3d:e4:fe:f3:
bc:ec:2e:76:0c:28:c1:da:1c:79:56:6b:9f:99:e1:e5:49:61:
de:7f:fe:e5:47:d0:6b:c5:82:46:01:d3:13:c6:30:e4:59:71:
9c:c7:93:42:7b:a7:fb:fd:e6:47:2e:c5:2e:f8:20:8b:55:9c:
fb:5e:f2:8b:14:f9:03:ff:31:d0:56:e6:29:f8:f2:1d:fc:24:
e7:7b:a4:83:f0:6d:1d:e5:62:55:2f:7c:09:d8:e7:61:0c:24:
74:be:16:9c:a2:10:d2:fe:78:0e:ba:4c:a2:a3:25:f3:da:f2:
ae:68:46:b3:58:a2:4f:15:8b:1e:77:47:22:93:97:c9:b8:b7:
2f:8d:33:3f:f1:36:83:a4:33:70:ac:65:b3:29:80:ed:3e:13:
86:11:4d:c6:ad:ce:a2:62:a9:e5:9f:03:f6:9f:af:30:e1:be:
8c:eb:04:bf:1d:d3:bc:15:e1:2f:6e:57:01:a3:2a:3e:47:19:
30:6c:be:8b:08:2a:c9:80:be:4e:63:fc:89:45:06:4f:ac:df:
38:4b:54:6b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVw8Lryrrw+xX2g5WgW3HAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjFjYTdjNzIxMmFhZmI3MTViZTU0NzJiMTA3ZDA4YTNlMDAxNmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeVR9fntqNyRjpGZoZ3nbdQIZEiO
gHrAf5JvAWrxsOdOS+mJOjyjRqUwjuyiCV8rE+8l9PZp+0tY0KwViMCdOIn+4wIa
fXpP9YOZEirbp1GZ9jIJGgZFv5zpZZGPVBCeuJU31UtvtqGwSWkeVLWhmW7x5FfZ
McU0/5KC8h5nX/fctrdRW/R12Zr6lxb0WqimCjfW6lV8uy83i7azJvp5OVDO7PcN
T8ctBijRPgWm4m6kCAKmzBlXfil23C9rxNJbpjWVHnCSgSSzUvac69IPv7hi8msf
h2orieqv/wRmHNU/3tPSlG3r+B8FndgMBEOJnFkSkSUiCur2MQASkrBVLQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJIcp8chKq+3Fb5UcrEH0Io+ABbJMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEva2h5bnh5RXFyN2NWdmxSeXNRZlFpajRBRnNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALDiDQD
BAbDiAADBALDiGQwDQYJKoZIhvcNAQELBQADggEBADUcP20/effZzg3fjJqpH26a
bWLrcUk24dUvNjuffZVhfHqFV52DIxnHC+Hr1sszlj+JPeT+87zsLnYMKMHaHHlW
a5+Z4eVJYd5//uVH0GvFgkYB0xPGMORZcZzHk0J7p/v95kcuxS74IItVnPte8osU
+QP/MdBW5in48h38JOd7pIPwbR3lYlUvfAnY52EMJHS+FpyiENL+eA66TKKjJfPa
8q5oRrNYok8Vix53RyKTl8m4ty+NMz/xNoOkM3CsZbMpgO0+E4YRTcatzqJiqeWf
A/afrzDhvozrBL8d07wV4S9uVwGjKj5HGTBsvosIKsmAvk5j/IlFBk+s3zhLVGs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:28 2025 by rpki-client