Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/KKRC0wEn8YQgdksjk8IkO0Q0kEU.roa
File: KKRC0wEn8YQgdksjk8IkO0Q0kEU.roa (raw, json)
Hash identifier: e1y5s0E5+TsVvwx1VEDkf/nUu31T4lJXud9OIfCDSwc=
Subject key identifier: 28:A4:42:D3:01:27:F1:84:20:76:4B:23:93:C2:24:3B:44:34:90:45
Certificate issuer: /CN=d09da99a73ba7202418f73718932dc8d7c153e32
Certificate serial: 09EE35F4
Authority key identifier: D0:9D:A9:9A:73:BA:72:02:41:8F:73:71:89:32:DC:8D:7C:15:3E:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0J2pmnO6cgJBj3NxiTLcjXwVPjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/KKRC0wEn8YQgdksjk8IkO0Q0kEU.roa
Signing time: Sat 01 Jan 2022 06:57:44 +0000
ROA not before: Sat 01 Jan 2022 06:57:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198185
IP address blocks: 130.255.8.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166606324 (0x9ee35f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d09da99a73ba7202418f73718932dc8d7c153e32
Validity
Not Before: Jan 1 06:57:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28a442d30127f18420764b2393c2243b44349045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a0:24:51:bd:95:de:ee:2e:f8:e0:dc:f5:a0:
6f:04:d9:a7:7e:07:9d:45:93:21:31:28:21:73:a5:
78:95:a4:fc:1c:83:61:ac:10:cb:e6:83:74:61:ea:
3d:12:d8:d8:49:a3:06:4a:64:9f:22:a7:85:85:b1:
c1:10:a4:6e:4b:12:8e:30:43:3f:bd:b2:0a:2d:a6:
16:ea:fb:fd:c4:6c:78:b4:50:12:7c:c5:ba:ba:7c:
a5:a1:20:17:eb:9e:4e:4e:5b:ee:18:36:ba:04:68:
b7:37:20:9c:91:8c:fa:60:cc:c7:ba:78:10:e3:94:
84:c8:97:7c:95:3b:07:2e:a0:b2:d6:95:d6:72:53:
4f:31:8e:41:ce:8f:50:36:c5:4c:0a:66:d9:28:85:
aa:9e:86:d8:a2:c0:04:3e:44:bf:d1:08:53:af:13:
5e:c6:33:18:0a:70:99:2f:22:d6:88:27:ef:70:75:
2e:05:02:c5:64:92:50:f9:2d:98:2a:95:e3:2e:7d:
96:fa:fb:0f:1f:0f:57:3e:01:bc:80:49:58:7a:c1:
52:3a:47:f1:64:a8:55:05:7a:1e:d0:6e:be:ae:60:
f5:ec:f8:4e:35:fa:2d:50:2e:0a:fe:d2:6b:29:ef:
5a:98:30:dd:55:94:0b:61:b5:d5:4e:99:b7:13:61:
ef:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A4:42:D3:01:27:F1:84:20:76:4B:23:93:C2:24:3B:44:34:90:45
X509v3 Authority Key Identifier:
keyid:D0:9D:A9:9A:73:BA:72:02:41:8F:73:71:89:32:DC:8D:7C:15:3E:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0J2pmnO6cgJBj3NxiTLcjXwVPjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/KKRC0wEn8YQgdksjk8IkO0Q0kEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/0J2pmnO6cgJBj3NxiTLcjXwVPjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.8.0/21
Signature Algorithm: sha256WithRSAEncryption
bb:92:46:28:a6:17:99:14:0c:4e:90:aa:55:7e:01:99:42:05:
ab:3e:7b:50:77:2e:f7:f5:b3:3e:c2:a0:10:00:17:23:17:ee:
54:9c:e4:51:45:e7:6c:4b:23:b8:b5:05:6f:44:c1:9b:81:50:
56:58:5f:22:7d:76:04:21:77:aa:4f:f0:64:8a:1c:32:dd:77:
9f:e8:34:85:3b:de:16:8d:1e:44:74:19:45:f9:a6:cb:88:d5:
4f:22:d3:ee:96:95:ef:9a:44:0b:2c:41:0f:44:cd:c5:58:1b:
d3:9e:30:00:39:db:51:ab:9e:49:d9:39:e6:2f:3c:11:c5:c1:
c1:09:09:98:81:05:43:9a:33:e8:98:64:a4:3e:3c:68:52:78:
4b:a8:97:e0:a7:93:9c:a2:01:4a:bc:43:bb:a6:ab:9e:ca:26:
a7:16:60:3f:23:92:51:b1:56:59:68:18:b1:4e:01:49:dc:21:
a0:fc:ec:f3:15:a0:de:78:85:15:6c:50:2c:1b:50:f0:b4:a3:
4b:dd:c9:07:c0:14:36:2f:3f:78:32:f6:e3:d5:e5:4e:14:c6:
30:a0:f4:fa:97:3e:8f:1d:a7:37:d3:e0:1b:88:4e:50:61:7e:
b4:f6:71:7f:4e:5f:03:12:51:7a:9c:3f:4c:ea:3f:ad:fa:c7:
c9:68:76:4f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECe419DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDlkYTk5YTczYmE3MjAyNDE4ZjczNzE4OTMyZGM4ZDdjMTUzZTMyMB4XDTIyMDEw
MTA2NTc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhhNDQyZDMwMTI3
ZjE4NDIwNzY0YjIzOTNjMjI0M2I0NDM0OTA0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJigJFG9ld7uLvjg3PWgbwTZp34HnUWTITEoIXOleJWk/ByD
YawQy+aDdGHqPRLY2EmjBkpknyKnhYWxwRCkbksSjjBDP72yCi2mFur7/cRseLRQ
EnzFurp8paEgF+ueTk5b7hg2ugRotzcgnJGM+mDMx7p4EOOUhMiXfJU7By6gstaV
1nJTTzGOQc6PUDbFTApm2SiFqp6G2KLABD5Ev9EIU68TXsYzGApwmS8i1ogn73B1
LgUCxWSSUPktmCqV4y59lvr7Dx8PVz4BvIBJWHrBUjpH8WSoVQV6HtBuvq5g9ez4
TjX6LVAuCv7SaynvWpgw3VWUC2G11U6ZtxNh718CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQopELTASfxhCB2SyOTwiQ7RDSQRTAfBgNVHSMEGDAWgBTQnamac7pyAkGP
c3GJMtyNfBU+MjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBKMnBtbk82Y2dKQmozTnhpVExjalh3VlBqSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvOGEyY2VkLTg3YWUtNDFlYS1iM2IwLWRjZWJmNjE5N2UwZS8x
L0tLUkMwd0VuOFlRZ2Rrc2prOElrTzBRMGtFVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
OGEyY2VkLTg3YWUtNDFlYS1iM2IwLWRjZWJmNjE5N2UwZS8xLzBKMnBtbk82Y2dK
QmozTnhpVExjalh3VlBqSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA4L/CDANBgkqhkiG9w0BAQsFAAOC
AQEAu5JGKKYXmRQMTpCqVX4BmUIFqz57UHcu9/WzPsKgEAAXIxfuVJzkUUXnbEsj
uLUFb0TBm4FQVlhfIn12BCF3qk/wZIocMt13n+g0hTveFo0eRHQZRfmmy4jVTyLT
7paV75pECyxBD0TNxVgb054wADnbUaueSdk55i88EcXBwQkJmIEFQ5oz6JhkpD48
aFJ4S6iX4KeTnKIBSrxDu6arnsompxZgPyOSUbFWWWgYsU4BSdwhoPzs8xWg3niF
FWxQLBtQ8LSjS93JB8AUNi8/eDL249XlThTGMKD0+pc+jx2nN9PgG4hOUGF+tPZx
f05fAxJRepw/TOo/rfrHyWh2Tw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:43 2025 by rpki-client