Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/KA4Rr2cdv59nRLK6KvdIMNns11c.roa
File: KA4Rr2cdv59nRLK6KvdIMNns11c.roa (raw, json)
Hash identifier: heO66UXdJ0vkIrWRtL31SOOGDH1E87tTc7mu3VGjEW8=
Subject key identifier: 28:0E:11:AF:67:1D:BF:9F:67:44:B2:BA:2A:F7:48:30:D9:EC:D7:57
Certificate issuer: /CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Certificate serial: 018AF443B1B825484B80DF8B20CB60BF6E49
Authority key identifier: F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/KA4Rr2cdv59nRLK6KvdIMNns11c.roa
Signing time: Tue 03 Oct 2023 06:39:51 +0000
ROA not before: Tue 03 Oct 2023 06:39:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60880
IP address blocks: 192.83.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:43:b1:b8:25:48:4b:80:df:8b:20:cb:60:bf:6e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Validity
Not Before: Oct 3 06:39:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=280e11af671dbf9f6744b2ba2af74830d9ecd757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:34:fd:ba:cc:48:0e:4b:ab:da:95:ff:cc:f2:
29:01:c7:94:ff:d3:00:7e:9a:7c:69:3d:40:11:14:
31:6c:a9:99:22:61:37:41:9d:3f:e0:44:20:b3:62:
5b:cb:bf:cd:e5:32:49:68:44:58:45:db:ba:a5:c8:
80:13:4a:14:ec:48:ee:94:cc:8e:40:74:dc:9c:10:
7c:71:f3:55:3a:d4:4a:47:9f:cd:fb:53:4c:3f:99:
1b:52:83:5d:7c:2e:59:17:15:ba:e7:bc:d7:d4:9b:
1a:7f:ba:47:65:8e:2e:58:7c:e6:8b:33:ab:fa:ca:
66:b7:50:a1:1f:48:81:b3:d1:09:f1:56:0d:29:77:
b2:25:31:75:c4:cd:1b:1b:66:01:d2:04:82:d7:91:
dd:91:15:9f:0e:f9:17:00:6f:1c:74:13:b0:b7:75:
74:8c:2a:25:22:3f:c9:bc:dd:09:f1:8e:de:99:45:
36:b9:7e:c7:b3:66:66:5a:7c:f1:26:35:40:31:a7:
f7:aa:30:a4:bf:0b:93:e7:ae:3c:25:c4:e6:5f:9e:
c5:7c:30:c4:dd:78:33:7a:09:c9:9e:f0:96:da:8a:
e5:53:0e:27:21:01:bd:bc:92:dd:e1:f3:3b:15:f3:
bf:52:a5:c4:85:6d:2f:2f:de:45:89:53:fe:ad:ca:
e1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0E:11:AF:67:1D:BF:9F:67:44:B2:BA:2A:F7:48:30:D9:EC:D7:57
X509v3 Authority Key Identifier:
keyid:F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/KA4Rr2cdv59nRLK6KvdIMNns11c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/9q2iC9mLq990w9Vs14raZu2HoUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.83.120.0/24
Signature Algorithm: sha256WithRSAEncryption
37:60:e5:79:2c:26:7a:18:8f:cc:4b:84:76:d8:36:95:fd:05:
f2:d3:8a:66:44:8e:a4:28:77:02:6b:6c:99:73:ec:fc:c7:c4:
7c:0e:30:84:de:89:fb:db:7e:ba:fc:b4:73:ac:83:36:9a:36:
75:a6:3e:ca:03:4c:b2:e1:f9:3e:d4:64:c0:58:5b:ce:66:e4:
65:c0:28:8e:e5:cd:0b:7e:c3:00:da:ea:99:68:a7:27:90:31:
c8:84:da:b7:e4:34:7a:68:63:27:79:bd:6c:cd:07:38:91:67:
e6:63:de:6b:38:b2:e4:ee:8b:a8:e8:3e:b1:1d:67:3e:7b:4a:
a5:08:31:2a:70:84:1e:51:4f:84:61:ef:fc:0f:b5:7d:09:fa:
5c:d1:21:64:94:d2:6e:5d:87:83:1a:0e:46:68:41:52:0e:61:
29:95:4f:de:fa:71:a7:0a:d3:9d:e7:6f:59:18:c7:dc:7e:bd:
1e:af:3c:3c:16:0c:4f:b5:5c:bc:85:04:14:ac:cb:64:ed:c6:
18:86:dd:b9:b0:66:49:8f:53:d6:12:4e:d6:56:9a:a6:53:65:
b8:83:8e:98:c1:0c:e7:b4:32:a7:f4:50:e3:ca:db:28:60:f2:
5b:7c:77:95:2a:a4:70:b2:d9:93:a3:2f:68:18:50:ab:32:05:
4d:0f:0e:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr0Q7G4JUhLgN+LIMtgv25JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWRhMjBiZDk4YmFiZGY3NGMzZDU2Y2Q3OGFkYTY2ZWQ4
N2ExNDgwHhcNMjMxMDAzMDYzOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODBlMTFhZjY3MWRiZjlmNjc0NGIyYmEyYWY3NDgzMGQ5ZWNkNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTT9usxIDkur2pX/zPIpAceU/9MA
fpp8aT1AERQxbKmZImE3QZ0/4EQgs2Jby7/N5TJJaERYRdu6pciAE0oU7EjulMyO
QHTcnBB8cfNVOtRKR5/N+1NMP5kbUoNdfC5ZFxW657zX1Jsaf7pHZY4uWHzmizOr
+spmt1ChH0iBs9EJ8VYNKXeyJTF1xM0bG2YB0gSC15HdkRWfDvkXAG8cdBOwt3V0
jColIj/JvN0J8Y7emUU2uX7Hs2ZmWnzxJjVAMaf3qjCkvwuT5648JcTmX57FfDDE
3XgzegnJnvCW2orlUw4nIQG9vJLd4fM7FfO/UqXEhW0vL95FiVP+rcrhIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgOEa9nHb+fZ0Syuir3SDDZ7NdXMB8GA1UdIwQY
MBaAFPatogvZi6vfdMPVbNeK2mbth6FIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzkt
OWRiMTdhNWRlNDYzLzEvS0E0UnIyY2R2NTluUkxLNkt2ZElNTm5zMTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzktOWRiMTdhNWRlNDYz
LzEvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwFN4MA0G
CSqGSIb3DQEBCwUAA4IBAQA3YOV5LCZ6GI/MS4R22DaV/QXy04pmRI6kKHcCa2yZ
c+z8x8R8DjCE3on72366/LRzrIM2mjZ1pj7KA0yy4fk+1GTAWFvOZuRlwCiO5c0L
fsMA2uqZaKcnkDHIhNq35DR6aGMneb1szQc4kWfmY95rOLLk7ouo6D6xHWc+e0ql
CDEqcIQeUU+EYe/8D7V9Cfpc0SFklNJuXYeDGg5GaEFSDmEplU/e+nGnCtOd529Z
GMfcfr0erzw8FgxPtVy8hQQUrMtk7cYYht25sGZJj1PWEk7WVpqmU2W4g46YwQzn
tDKn9FDjytsoYPJbfHeVKqRwstmToy9oGFCrMgVNDw4p
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:19 2025 by rpki-client