Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/kIPlgrY4shjCMxxt0I0aCT2rVgc.roa
File: kIPlgrY4shjCMxxt0I0aCT2rVgc.roa (raw, json)
Hash identifier: yst4oGliNcRFHob/4980J30qRvjfCOtiQmb7uSbymAY=
Subject key identifier: 90:83:E5:82:B6:38:B2:18:C2:33:1C:6D:D0:8D:1A:09:3D:AB:56:07
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 018C8B8F8703C9051E22C96B1C0E4EFC8349
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/kIPlgrY4shjCMxxt0I0aCT2rVgc.roa
Signing time: Thu 21 Dec 2023 08:48:08 +0000
ROA not before: Thu 21 Dec 2023 08:48:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 82.206.48.0/21 maxlen: 24
82.206.80.0/21 maxlen: 24
82.206.88.0/21 maxlen: 24
82.206.96.0/21 maxlen: 24
82.206.104.0/21 maxlen: 24
82.206.112.0/21 maxlen: 24
82.206.120.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:8f:87:03:c9:05:1e:22:c9:6b:1c:0e:4e:fc:83:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Dec 21 08:48:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9083e582b638b218c2331c6dd08d1a093dab5607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:82:21:d8:9a:1a:72:e0:94:31:a1:7c:59:65:
cd:09:7d:4b:7c:b5:e6:15:14:29:3f:4b:cf:ba:9b:
e6:dd:e9:1f:73:55:3e:9e:2b:f0:36:c5:4b:23:4e:
dd:6d:41:f2:76:bc:a6:86:b5:aa:69:a8:bc:07:14:
f2:44:5f:14:c4:c5:77:21:d0:84:77:df:f7:92:4e:
42:62:20:ce:d9:b6:58:e5:28:00:d6:20:b9:b5:72:
54:1b:e8:e8:0f:8a:f0:e8:bb:6b:9f:78:4b:ec:d7:
55:9d:5d:3b:5e:49:f6:4e:7b:13:1c:77:de:bb:69:
41:0a:6e:5e:66:2a:d2:5e:b7:ee:1c:6e:94:a9:55:
e6:17:c9:42:ee:46:89:cd:e8:80:17:13:5c:5d:76:
6e:f7:f3:2a:03:ec:78:c0:43:8e:1f:4a:a8:1b:e0:
b4:eb:8c:2f:3d:cc:94:fe:44:40:8b:2c:16:0b:91:
f6:d0:73:83:25:b2:8c:9e:84:27:65:0b:c9:5b:b5:
9b:b1:3f:16:23:f0:1f:e9:59:2f:97:e3:6b:09:f3:
ea:64:d7:eb:f0:58:84:de:11:1b:3f:8e:57:f7:20:
9a:a8:43:91:76:55:33:5a:fe:6a:f9:1a:08:1b:ae:
fe:e4:b5:71:1a:28:65:08:db:ec:6c:06:7a:06:d6:
c9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:83:E5:82:B6:38:B2:18:C2:33:1C:6D:D0:8D:1A:09:3D:AB:56:07
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/kIPlgrY4shjCMxxt0I0aCT2rVgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.48.0/21
82.206.80.0-82.206.127.255
Signature Algorithm: sha256WithRSAEncryption
6b:7a:99:fb:b4:3d:17:6d:05:be:7f:b9:9c:b3:8b:b4:4f:fa:
49:be:4a:91:2f:ae:cc:b5:35:bf:15:77:eb:b3:b3:18:39:b5:
aa:76:e4:c1:6d:e9:59:57:6b:06:d6:5a:d0:71:d5:f4:2b:3a:
81:68:ab:a0:5c:b2:d6:1e:f6:8e:81:d4:5e:62:4c:cc:06:9e:
83:e2:ac:38:e7:a8:47:7c:82:24:ff:31:10:81:05:2a:bc:1f:
1c:d6:b7:68:fa:54:30:3a:02:6e:e0:5a:77:53:b3:c5:8c:93:
4a:91:8c:24:29:94:b9:91:bc:b9:04:03:41:47:94:8e:e6:a3:
e3:4c:9d:06:b7:5e:9c:6b:8e:ad:b8:04:e4:d4:8f:0c:3a:79:
ab:a0:f8:aa:10:32:fb:ab:f4:7b:f5:09:cd:5c:30:b3:f3:ae:
2c:82:1b:e5:67:59:8f:78:5c:cd:7f:8d:88:ea:5a:d9:bf:e3:
e1:57:f3:7a:cc:56:93:9f:a7:9b:2e:1b:5d:80:eb:79:d2:03:
d7:55:fd:2a:3c:e7:32:11:2c:2d:77:84:c1:a3:35:eb:60:f3:
a1:3b:3b:58:3c:e4:d0:10:c4:8b:dc:7e:ac:93:8b:0d:4a:80:
c6:8a:00:86:04:63:e7:de:d9:26:aa:69:db:c4:bf:ee:90:b2:
02:11:1b:55
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYyLj4cDyQUeIslrHA5O/INJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjMxMjIxMDg0ODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDgzZTU4MmI2MzhiMjE4YzIzMzFjNmRkMDhkMWEwOTNkYWI1NjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4Ih2JoacuCUMaF8WWXNCX1LfLXm
FRQpP0vPupvm3ekfc1U+nivwNsVLI07dbUHydrymhrWqaai8BxTyRF8UxMV3IdCE
d9/3kk5CYiDO2bZY5SgA1iC5tXJUG+joD4rw6Ltrn3hL7NdVnV07Xkn2TnsTHHfe
u2lBCm5eZirSXrfuHG6UqVXmF8lC7kaJzeiAFxNcXXZu9/MqA+x4wEOOH0qoG+C0
64wvPcyU/kRAiywWC5H20HODJbKMnoQnZQvJW7WbsT8WI/Af6Vkvl+NrCfPqZNfr
8FiE3hEbP45X9yCaqEORdlUzWv5q+RoIG67+5LVxGihlCNvsbAZ6BtbJSwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJCD5YK2OLIYwjMcbdCNGgk9q1YHMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEva0lQbGdyWTRzaGpDTXh4dDBJMGFDVDJyVmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDUs4wMAwD
BARSzlADBAdSzgAwDQYJKoZIhvcNAQELBQADggEBAGt6mfu0PRdtBb5/uZyzi7RP
+km+SpEvrsy1Nb8Vd+uzsxg5tap25MFt6VlXawbWWtBx1fQrOoFoq6BcstYe9o6B
1F5iTMwGnoPirDjnqEd8giT/MRCBBSq8HxzWt2j6VDA6Am7gWndTs8WMk0qRjCQp
lLmRvLkEA0FHlI7mo+NMnQa3Xpxrjq24BOTUjww6eaug+KoQMvur9Hv1Cc1cMLPz
riyCG+VnWY94XM1/jYjqWtm/4+FX83rMVpOfp5suG12A63nSA9dV/So85zIRLC13
hMGjNetg86E7O1g85NAQxIvcfqyTiw1KgMaKAIYEY+fe2SaqadvEv+6QsgIRG1U=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:09 2025 by rpki-client