Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/KOqyzF8uvpudRDmmOaw--GfyDPQ.roa
File: KOqyzF8uvpudRDmmOaw--GfyDPQ.roa (raw, json)
Hash identifier: GyCTcLJ/LX56//z9za18w3hWDCGRrh9URpqNqp/PV98=
Subject key identifier: 28:EA:B2:CC:5F:2E:BE:9B:9D:44:39:A6:39:AC:3E:F8:67:F2:0C:F4
Certificate issuer: /CN=5b6fa6690997412e716616c81e4f7c0875ffd976
Certificate serial: 01857315D1D4606D4CB78AF74F30A2380102
Authority key identifier: 5B:6F:A6:69:09:97:41:2E:71:66:16:C8:1E:4F:7C:08:75:FF:D9:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2-maQmXQS5xZhbIHk98CHX_2XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/KOqyzF8uvpudRDmmOaw--GfyDPQ.roa
Signing time: Mon 02 Jan 2023 15:24:47 +0000
ROA not before: Mon 02 Jan 2023 15:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33916
IP address blocks: 195.242.192.0/22 maxlen: 22
45.133.164.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:d1:d4:60:6d:4c:b7:8a:f7:4f:30:a2:38:01:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b6fa6690997412e716616c81e4f7c0875ffd976
Validity
Not Before: Jan 2 15:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28eab2cc5f2ebe9b9d4439a639ac3ef867f20cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:08:bb:5b:55:2b:c6:49:d1:6a:6c:bd:2b:60:
eb:bc:29:ef:4f:53:42:b3:03:d3:01:2d:0a:c0:8f:
a7:62:70:c5:11:b7:42:a5:b9:b1:7b:96:7d:ea:65:
88:8c:fd:fa:3b:1b:bd:e5:b2:51:b7:1d:05:2d:54:
17:41:cf:04:65:7f:8b:1a:76:07:53:dd:80:1d:4d:
c4:74:3a:93:8a:f9:ae:7c:9a:c4:4c:84:08:91:0d:
70:ba:18:fa:d5:d2:83:79:93:80:37:d5:1b:47:a8:
7a:32:3b:1c:b5:0d:e2:17:1c:9f:f4:a0:55:75:fb:
3d:84:26:c6:e2:46:ed:40:2f:c4:5c:7b:e4:ac:c0:
d5:4a:8c:ab:6d:e8:ce:38:93:ea:1f:27:a5:b8:02:
d2:fe:d4:7a:f0:ec:4d:84:94:72:3a:c4:39:50:63:
41:89:00:fd:e3:27:41:63:2b:cc:59:22:4d:0c:b7:
9a:c5:44:3c:a1:38:22:4d:3f:85:ca:14:52:85:13:
30:05:e2:63:44:36:4c:0a:9f:1d:a0:61:a9:e1:9d:
30:75:8f:f4:49:fa:7a:1f:1d:84:a3:7e:11:35:5f:
04:62:b9:2b:25:d9:d6:38:7b:62:35:a0:6c:5c:3d:
88:20:f8:f8:80:cc:86:be:0a:5e:92:6a:dd:d8:41:
27:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:EA:B2:CC:5F:2E:BE:9B:9D:44:39:A6:39:AC:3E:F8:67:F2:0C:F4
X509v3 Authority Key Identifier:
keyid:5B:6F:A6:69:09:97:41:2E:71:66:16:C8:1E:4F:7C:08:75:FF:D9:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2-maQmXQS5xZhbIHk98CHX_2XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/KOqyzF8uvpudRDmmOaw--GfyDPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/294c4e-5a2b-4bee-bc57-12ad146655ce/1/W2-maQmXQS5xZhbIHk98CHX_2XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.164.0/22
195.242.192.0/22
Signature Algorithm: sha256WithRSAEncryption
81:05:17:11:35:c6:ca:72:3a:a2:a3:4a:ad:f1:1c:40:70:96:
35:38:f7:6b:11:94:bb:c8:79:ac:37:af:c1:37:7a:a6:d8:3f:
06:45:5d:40:db:51:80:4d:4b:39:2b:c8:20:e1:6e:07:0b:2d:
e3:01:c7:17:e0:89:5c:2d:2d:68:3b:ce:7c:e4:18:e1:05:fe:
72:d8:73:c4:61:b8:c9:18:96:80:22:ed:00:8f:e0:5c:44:7f:
ae:e8:69:3f:ab:b4:a4:fb:62:9b:4a:5c:2e:fa:50:79:ed:bd:
49:2d:4f:d3:ac:86:74:b1:78:68:cf:c8:c5:9b:2d:4e:ad:4e:
86:ce:cb:2c:60:cb:23:11:9d:50:5d:15:36:83:30:c8:c2:14:
3f:1f:5f:ec:4b:12:d1:9d:07:12:e4:19:7b:8d:cf:1d:ac:d3:
7a:04:4c:ad:b5:29:21:2b:9e:37:c6:49:a3:21:89:00:2f:76:
6a:e8:88:80:4f:d7:78:7f:52:d7:27:3e:6c:77:81:3b:1f:96:
5a:b6:d0:2c:f6:1d:02:ec:5a:74:03:70:72:3d:27:fd:8b:47:
d0:8d:c1:63:ef:65:93:79:6c:67:ff:fc:98:97:2c:87:fd:d5:
4a:27:32:1a:6e:c4:4c:1c:63:e6:7e:83:67:b7:c5:41:2e:27:
87:f4:37:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzFdHUYG1Mt4r3TzCiOAECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNmZhNjY5MDk5NzQxMmU3MTY2MTZjODFlNGY3YzA4NzVm
ZmQ5NzYwHhcNMjMwMTAyMTUyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGVhYjJjYzVmMmViZTliOWQ0NDM5YTYzOWFjM2VmODY3ZjIwY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgi7W1UrxknRamy9K2DrvCnvT1NC
swPTAS0KwI+nYnDFEbdCpbmxe5Z96mWIjP36Oxu95bJRtx0FLVQXQc8EZX+LGnYH
U92AHU3EdDqTivmufJrETIQIkQ1wuhj61dKDeZOAN9UbR6h6MjsctQ3iFxyf9KBV
dfs9hCbG4kbtQC/EXHvkrMDVSoyrbejOOJPqHyeluALS/tR68OxNhJRyOsQ5UGNB
iQD94ydBYyvMWSJNDLeaxUQ8oTgiTT+FyhRShRMwBeJjRDZMCp8doGGp4Z0wdY/0
Sfp6Hx2Eo34RNV8EYrkrJdnWOHtiNaBsXD2IIPj4gMyGvgpekmrd2EEnxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCjqssxfLr6bnUQ5pjmsPvhn8gz0MB8GA1UdIwQY
MBaAFFtvpmkJl0EucWYWyB5PfAh1/9l2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzItbWFRbVhRUzV4WmhiSUhrOThDSFhfMlhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8yOTRjNGUtNWEyYi00YmVlLWJjNTct
MTJhZDE0NjY1NWNlLzEvS09xeXpGOHV2cHVkUkRtbU9hdy0tR2Z5RFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8yOTRjNGUtNWEyYi00YmVlLWJjNTctMTJhZDE0NjY1NWNl
LzEvVzItbWFRbVhRUzV4WmhiSUhrOThDSFhfMlhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYWkAwQC
w/LAMA0GCSqGSIb3DQEBCwUAA4IBAQCBBRcRNcbKcjqio0qt8RxAcJY1OPdrEZS7
yHmsN6/BN3qm2D8GRV1A21GATUs5K8gg4W4HCy3jAccX4IlcLS1oO8585BjhBf5y
2HPEYbjJGJaAIu0Aj+BcRH+u6Gk/q7Sk+2KbSlwu+lB57b1JLU/TrIZ0sXhoz8jF
my1OrU6GzsssYMsjEZ1QXRU2gzDIwhQ/H1/sSxLRnQcS5Bl7jc8drNN6BEyttSkh
K543xkmjIYkAL3Zq6IiAT9d4f1LXJz5sd4E7H5ZattAs9h0C7Fp0A3ByPSf9i0fQ
jcFj72WTeWxn//yYlyyH/dVKJzIabsRMHGPmfoNnt8VBLieH9Dcb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:05 2025 by rpki-client