Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/KbFt21C0agtSLRphLI9Mecyqvw4.roa
File: KbFt21C0agtSLRphLI9Mecyqvw4.roa (raw, json)
Hash identifier: Y30HWDhBeqcWqFt6gKiN4tvy+gcEp5FRU2LnvqXxoV8=
Subject key identifier: 29:B1:6D:DB:50:B4:6A:0B:52:2D:1A:61:2C:8F:4C:79:CC:AA:BF:0E
Certificate issuer: /CN=b945085995f3cb7c7dbd05e41774da624b1af2e9
Certificate serial: 01856CF86FA2AE877A2400F4AFD41ED59A88
Authority key identifier: B9:45:08:59:95:F3:CB:7C:7D:BD:05:E4:17:74:DA:62:4B:1A:F2:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUUIWZXzy3x9vQXkF3TaYksa8uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/KbFt21C0agtSLRphLI9Mecyqvw4.roa
Signing time: Sun 01 Jan 2023 10:54:58 +0000
ROA not before: Sun 01 Jan 2023 10:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207425
IP address blocks: 193.105.121.0/24 maxlen: 27
193.105.96.0/24 maxlen: 24
193.105.102.0/24 maxlen: 27
193.105.117.0/24 maxlen: 27
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:6f:a2:ae:87:7a:24:00:f4:af:d4:1e:d5:9a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b945085995f3cb7c7dbd05e41774da624b1af2e9
Validity
Not Before: Jan 1 10:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29b16ddb50b46a0b522d1a612c8f4c79ccaabf0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3f:70:f8:93:58:18:cf:42:f8:3b:ee:b0:7b:
40:31:09:04:3e:34:01:e5:44:f8:36:5f:01:bb:54:
ae:f2:a2:bd:84:71:08:47:51:e1:7b:2f:24:b4:c7:
ba:8b:9a:54:69:02:a2:f0:2c:9f:93:47:26:d5:9f:
13:e1:d4:97:d3:a6:a9:f7:bd:7a:b5:76:dd:d2:0c:
71:66:99:ee:11:47:8c:7f:a3:21:80:64:f6:c1:88:
c8:56:4c:22:10:56:c4:df:75:90:9f:b1:e0:6c:06:
7e:a5:d0:5f:e6:5c:dd:15:63:42:c8:cd:c8:ef:4a:
10:66:99:92:6a:8e:41:c1:c0:6b:70:0c:5b:9a:8b:
d2:e8:72:8f:03:12:b6:f4:7b:d6:c2:7a:ca:83:9f:
00:57:85:4b:e9:8f:57:45:ff:d1:fc:72:db:0d:21:
e3:bd:9d:e0:51:bc:cc:4c:e7:89:b0:8e:f5:e6:14:
53:45:7b:bf:55:3c:3a:0e:de:ba:80:50:2e:91:34:
2e:6d:54:ef:2a:64:26:48:c8:81:dc:1b:99:67:96:
3f:a8:17:b6:11:05:a2:10:7c:00:c7:74:06:98:36:
b2:3d:6a:77:68:12:0f:95:73:c3:23:bc:44:b2:ca:
40:e7:28:ed:b6:02:45:18:31:76:1f:6b:3b:04:8b:
27:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B1:6D:DB:50:B4:6A:0B:52:2D:1A:61:2C:8F:4C:79:CC:AA:BF:0E
X509v3 Authority Key Identifier:
keyid:B9:45:08:59:95:F3:CB:7C:7D:BD:05:E4:17:74:DA:62:4B:1A:F2:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUUIWZXzy3x9vQXkF3TaYksa8uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/KbFt21C0agtSLRphLI9Mecyqvw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/uUUIWZXzy3x9vQXkF3TaYksa8uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.96.0/24
193.105.102.0/24
193.105.117.0/24
193.105.121.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:a9:8d:4b:80:02:41:89:90:7f:6b:cb:d6:38:50:e4:c8:de:
73:d3:b4:34:89:79:cb:64:c5:d3:d0:4d:95:eb:2d:7d:16:44:
33:b7:87:db:be:f4:8d:61:ea:ab:2d:f0:35:d0:60:e0:d2:32:
75:eb:57:b8:2c:93:f5:ea:74:55:56:1e:b1:09:92:6c:18:c0:
d3:49:a5:a4:b2:db:16:0c:3c:d4:52:13:9d:66:fb:ed:7b:c7:
a0:cf:cb:4a:d5:72:da:2a:52:c5:90:17:c2:7c:df:d7:0e:79:
ef:08:25:a6:93:17:64:a5:8c:dd:08:bd:c6:38:ab:7f:9c:ca:
55:df:bf:d1:2a:d7:9a:32:ca:1f:fc:fd:70:21:54:5f:d0:63:
3d:72:d4:0e:d0:31:3c:33:fe:51:09:2b:3b:bf:30:77:aa:bb:
c7:52:b6:19:49:9c:94:6b:ec:9b:23:c1:1d:89:9d:45:69:e9:
6f:04:e1:36:c4:95:15:bd:37:51:77:b9:a4:51:4b:0a:76:19:
5e:3f:da:9c:2e:9e:f6:be:a2:f0:5c:e7:a0:52:13:c1:91:f4:
ba:d4:55:28:fa:9a:73:df:86:2f:55:b7:60:34:92:3a:1a:6c:
56:12:f8:2b:40:f0:60:6c:f8:3f:5a:be:e3:65:8d:2e:5a:70:
55:96:6c:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVs+G+irod6JAD0r9Qe1ZqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDUwODU5OTVmM2NiN2M3ZGJkMDVlNDE3NzRkYTYyNGIx
YWYyZTkwHhcNMjMwMTAxMTA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWIxNmRkYjUwYjQ2YTBiNTIyZDFhNjEyYzhmNGM3OWNjYWFiZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj9w+JNYGM9C+DvusHtAMQkEPjQB
5UT4Nl8Bu1Su8qK9hHEIR1Hhey8ktMe6i5pUaQKi8Cyfk0cm1Z8T4dSX06ap9716
tXbd0gxxZpnuEUeMf6MhgGT2wYjIVkwiEFbE33WQn7HgbAZ+pdBf5lzdFWNCyM3I
70oQZpmSao5BwcBrcAxbmovS6HKPAxK29HvWwnrKg58AV4VL6Y9XRf/R/HLbDSHj
vZ3gUbzMTOeJsI715hRTRXu/VTw6Dt66gFAukTQubVTvKmQmSMiB3BuZZ5Y/qBe2
EQWiEHwAx3QGmDayPWp3aBIPlXPDI7xEsspA5yjttgJFGDF2H2s7BIsnBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCmxbdtQtGoLUi0aYSyPTHnMqr8OMB8GA1UdIwQY
MBaAFLlFCFmV88t8fb0F5Bd02mJLGvLpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVVSVdaWHp5M3g5dlFYa0YzVGFZa3NhOHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8wNTdhNjktZTY4ZS00MDA0LTg2MjUt
OTE3N2IxNGVlNjMzLzEvS2JGdDIxQzBhZ3RTTFJwaExJOU1lY3lxdnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8wNTdhNjktZTY4ZS00MDA0LTg2MjUtOTE3N2IxNGVlNjMz
LzEvdVVVSVdaWHp5M3g5dlFYa0YzVGFZa3NhOHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwWlgAwQA
wWlmAwQAwWl1AwQAwWl5MA0GCSqGSIb3DQEBCwUAA4IBAQDBqY1LgAJBiZB/a8vW
OFDkyN5z07Q0iXnLZMXT0E2V6y19FkQzt4fbvvSNYeqrLfA10GDg0jJ161e4LJP1
6nRVVh6xCZJsGMDTSaWkstsWDDzUUhOdZvvte8egz8tK1XLaKlLFkBfCfN/XDnnv
CCWmkxdkpYzdCL3GOKt/nMpV37/RKteaMsof/P1wIVRf0GM9ctQO0DE8M/5RCSs7
vzB3qrvHUrYZSZyUa+ybI8EdiZ1FaelvBOE2xJUVvTdRd7mkUUsKdhleP9qcLp72
vqLwXOegUhPBkfS61FUo+ppz34YvVbdgNJI6GmxWEvgrQPBgbPg/Wr7jZY0uWnBV
lmzw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:50 2025 by rpki-client