Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/KAWaeD6SmgSbxt8RWXacvFFPC1o.roa
File: KAWaeD6SmgSbxt8RWXacvFFPC1o.roa (raw, json)
Hash identifier: vjRLNA+uK/Hei5zbOG8TJerBnVlAKFOc/AwAWX4cBkA=
Subject key identifier: 28:05:9A:78:3E:92:9A:04:9B:C6:DF:11:59:76:9C:BC:51:4F:0B:5A
Certificate issuer: /CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Certificate serial: 01856F66F555558A831B9016FA97099E748B
Authority key identifier: 41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/KAWaeD6SmgSbxt8RWXacvFFPC1o.roa
Signing time: Sun 01 Jan 2023 22:14:56 +0000
ROA not before: Sun 01 Jan 2023 22:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 195.128.162.0/24 maxlen: 24
195.128.178.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f5:55:55:8a:83:1b:90:16:fa:97:09:9e:74:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Validity
Not Before: Jan 1 22:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28059a783e929a049bc6df1159769cbc514f0b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ad:1d:5a:64:0c:e8:02:07:11:32:70:9c:59:
6c:2d:16:fa:b8:ee:76:26:f2:91:83:5f:7c:88:a6:
28:2f:d3:cd:52:01:2f:a5:ca:57:36:a9:ab:2f:a5:
6f:30:58:81:d3:b2:1d:33:49:6b:29:66:8b:74:5f:
70:89:2d:db:07:8b:22:a7:ae:67:4d:9e:c4:d8:25:
35:b2:7c:13:2f:0e:87:bc:2a:46:4c:44:4f:69:b8:
fc:2a:28:2c:40:c4:a9:e1:56:ee:3d:85:72:7c:f9:
8a:67:a2:58:a3:02:61:ba:bf:c6:fb:1e:f1:dd:41:
62:9f:c2:cd:3b:20:5b:c7:3c:26:73:2a:af:a2:53:
b4:0d:c0:b7:db:19:e4:6b:53:e6:2e:ae:c7:41:05:
a8:28:6b:a0:a3:7b:42:68:79:86:77:f9:96:67:01:
c5:42:81:9f:0f:ad:41:5f:fe:c8:7d:af:28:f6:93:
84:e9:9a:7c:12:90:11:69:76:26:2e:a3:a3:78:29:
f7:45:02:68:97:0c:e7:35:97:76:2b:86:a4:78:cd:
9f:dc:06:15:af:a2:e8:d6:ce:77:63:58:d6:01:38:
53:90:ad:2f:fc:ce:32:d6:e0:56:1a:3f:82:ed:1e:
5e:53:bf:dc:27:b0:26:95:43:63:dd:00:d9:76:af:
0d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:05:9A:78:3E:92:9A:04:9B:C6:DF:11:59:76:9C:BC:51:4F:0B:5A
X509v3 Authority Key Identifier:
keyid:41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/KAWaeD6SmgSbxt8RWXacvFFPC1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.162.0/24
195.128.178.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:cd:a0:58:c5:8c:04:8e:8b:8a:5f:02:25:9a:03:ed:17:6e:
c3:1d:76:e6:a0:df:a2:ce:dc:f0:18:c6:39:a6:c1:76:49:97:
9e:dc:a4:7b:78:44:62:b2:5b:61:7d:ea:66:8d:0e:43:c2:b2:
c3:df:7f:f9:5f:bf:aa:e6:2e:91:29:c2:be:7d:e1:42:78:c8:
27:4e:2d:1f:1d:cc:6f:9b:aa:5d:44:b3:b1:1e:d7:1d:f8:25:
3a:62:50:25:f7:c3:65:c3:e1:0f:97:25:df:23:55:bf:32:41:
a3:48:8a:fb:30:30:e2:4c:c1:a4:01:1a:2c:c7:ea:0f:14:56:
54:06:a5:99:9f:79:e9:2f:b6:37:79:d5:9c:42:ae:f3:8b:4b:
48:ad:a4:82:cf:95:e9:c8:4c:8c:eb:96:81:fa:80:be:67:14:
dd:a4:48:a9:17:9c:a3:cb:2c:ba:7f:86:b1:3c:1a:37:d5:0a:
93:dc:4e:41:39:95:b1:22:9d:6f:e3:0d:77:ab:63:51:a5:3d:
3e:60:6a:ba:86:ce:02:5b:56:77:f1:fe:0e:f6:99:bb:34:9e:
53:41:16:6d:28:00:5d:b8:13:01:92:b4:ae:07:64:eb:c5:fb:
d6:d9:30:47:b0:52:6b:10:4b:c2:c1:a1:fa:bf:6e:f7:96:22:
53:35:39:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZvVVVYqDG5AW+pcJnnSLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOTYyMzBlNThkZWNjMGNiY2ZiMTVmNTZhYTY0ZGVkZDFm
Mzg5ZjUwHhcNMjMwMTAxMjIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODA1OWE3ODNlOTI5YTA0OWJjNmRmMTE1OTc2OWNiYzUxNGYwYjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq0dWmQM6AIHETJwnFlsLRb6uO52
JvKRg198iKYoL9PNUgEvpcpXNqmrL6VvMFiB07IdM0lrKWaLdF9wiS3bB4sip65n
TZ7E2CU1snwTLw6HvCpGTERPabj8KigsQMSp4VbuPYVyfPmKZ6JYowJhur/G+x7x
3UFin8LNOyBbxzwmcyqvolO0DcC32xnka1PmLq7HQQWoKGugo3tCaHmGd/mWZwHF
QoGfD61BX/7Ifa8o9pOE6Zp8EpARaXYmLqOjeCn3RQJolwznNZd2K4akeM2f3AYV
r6Lo1s53Y1jWAThTkK0v/M4y1uBWGj+C7R5eU7/cJ7AmlUNj3QDZdq8NYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCgFmng+kpoEm8bfEVl2nLxRTwtaMB8GA1UdIwQY
MBaAFEGWIw5Y3swMvPsV9WqmTe3R84n1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQt
MmJlZmZmZDU3ZmI3LzEvS0FXYWVENlNtZ1NieHQ4UldYYWN2RkZQQzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQtMmJlZmZmZDU3ZmI3
LzEvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4CiAwQA
w4CyMA0GCSqGSIb3DQEBCwUAA4IBAQANzaBYxYwEjouKXwIlmgPtF27DHXbmoN+i
ztzwGMY5psF2SZee3KR7eERislthfepmjQ5DwrLD33/5X7+q5i6RKcK+feFCeMgn
Ti0fHcxvm6pdRLOxHtcd+CU6YlAl98Nlw+EPlyXfI1W/MkGjSIr7MDDiTMGkARos
x+oPFFZUBqWZn3npL7Y3edWcQq7zi0tIraSCz5XpyEyM65aB+oC+ZxTdpEipF5yj
yyy6f4axPBo31QqT3E5BOZWxIp1v4w13q2NRpT0+YGq6hs4CW1Z38f4O9pm7NJ5T
QRZtKABduBMBkrSuB2TrxfvW2TBHsFJrEEvCwaH6v273liJTNTme
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:08 2025 by rpki-client