Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/KhS_N6uZ07tJObzV-NYtUIOXaJM.roa
File: KhS_N6uZ07tJObzV-NYtUIOXaJM.roa (raw, json)
Hash identifier: hBoFJfi0QGO82yGGEJk66pRUksepBWq9z4Iv+GcS8oM=
Subject key identifier: 2A:14:BF:37:AB:99:D3:BB:49:39:BC:D5:F8:D6:2D:50:83:97:68:93
Certificate issuer: /CN=11e5af4c72869209539b1194597b03fa3a4a554a
Certificate serial: 01856D789D37C3AF1299ADB0C9DB32D8B52C
Authority key identifier: 11:E5:AF:4C:72:86:92:09:53:9B:11:94:59:7B:03:FA:3A:4A:55:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EeWvTHKGkglTmxGUWXsD-jpKVUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/KhS_N6uZ07tJObzV-NYtUIOXaJM.roa
Signing time: Sun 01 Jan 2023 13:14:59 +0000
ROA not before: Sun 01 Jan 2023 13:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 193.3.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:9d:37:c3:af:12:99:ad:b0:c9:db:32:d8:b5:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11e5af4c72869209539b1194597b03fa3a4a554a
Validity
Not Before: Jan 1 13:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a14bf37ab99d3bb4939bcd5f8d62d5083976893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:87:dd:7c:3c:29:e7:ec:07:60:82:f0:42:a5:
05:01:07:17:42:39:8d:e6:15:8a:e8:2b:4d:77:88:
53:9d:03:4f:98:5b:df:84:cc:af:51:0a:51:4b:cc:
c3:b4:90:be:0b:1a:89:8d:72:a0:15:dd:9e:40:f1:
68:16:05:c7:b8:8e:85:de:4b:72:77:9a:31:09:65:
79:3c:98:54:b0:ad:34:01:32:5a:62:9d:19:b1:88:
cd:00:0a:7d:2e:0a:0a:f8:76:e1:db:16:91:ff:91:
e3:70:89:91:dc:51:78:2b:1e:2d:3a:36:9d:73:8b:
2c:2a:2f:50:c5:e8:91:c9:e1:d1:41:9c:6d:1f:98:
6e:eb:ca:65:88:12:a8:69:0c:0e:5b:8f:56:27:14:
f3:d3:8f:93:3a:26:3c:9d:28:e0:07:89:0e:9b:28:
b8:e3:9a:cf:ba:d0:d4:51:37:19:e9:c0:ef:17:18:
2d:61:7e:ea:b0:62:39:85:07:8e:c0:2e:da:46:9c:
61:96:af:98:cd:4e:54:2f:8f:6d:73:2a:77:0a:d1:
11:0f:95:36:21:c1:e5:e5:42:76:b2:9d:46:21:a9:
49:41:32:03:fa:45:c2:9e:52:a4:1c:ec:fc:33:ba:
ec:86:23:59:5c:6b:ca:6e:f2:09:76:1b:dc:06:a7:
df:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:14:BF:37:AB:99:D3:BB:49:39:BC:D5:F8:D6:2D:50:83:97:68:93
X509v3 Authority Key Identifier:
keyid:11:E5:AF:4C:72:86:92:09:53:9B:11:94:59:7B:03:FA:3A:4A:55:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EeWvTHKGkglTmxGUWXsD-jpKVUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/KhS_N6uZ07tJObzV-NYtUIOXaJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/04d708-feea-4e96-94a1-f428b9954ab2/1/EeWvTHKGkglTmxGUWXsD-jpKVUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.160.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:2d:e9:34:61:59:25:ac:9c:e1:cc:17:38:79:8e:38:18:ae:
eb:ca:5b:28:c7:77:62:75:97:76:0c:85:f9:79:af:ca:60:cc:
0f:2c:6f:04:bb:42:88:1e:04:3f:c6:b4:d3:b1:30:1e:d1:00:
f3:91:4d:91:4b:ea:3a:17:90:5d:26:dd:80:f1:e3:ae:61:8f:
d6:9d:87:e1:49:ec:14:91:39:f1:b1:c7:45:59:66:0f:e7:28:
72:0c:e0:8d:88:ee:99:1f:e0:03:3a:2e:d4:2c:df:ec:e3:e9:
04:b2:d6:9d:e1:d4:48:7a:9b:4f:66:50:d3:9e:f1:c1:2d:22:
30:84:75:ba:6f:7e:8d:46:3e:24:64:f7:f8:29:2e:ad:f5:9d:
4b:f3:71:87:40:07:7e:2e:a4:3a:23:a4:92:e5:f2:b3:9e:da:
52:33:9a:3a:e3:9f:a9:98:bf:87:44:2c:8a:a3:df:f3:84:9b:
ff:b7:82:72:96:9e:a2:9a:6c:2b:c1:79:99:d3:31:ec:2c:60:
84:5f:74:ba:c5:a1:97:03:1f:03:41:2b:71:fc:33:c9:ba:67:
bb:c8:c8:5e:54:54:d7:9c:5e:7e:17:d9:c4:80:4e:89:f7:c8:
50:e0:fb:47:d4:c0:4a:42:55:2b:15:c3:da:f5:ca:d0:5a:48:
a4:31:2f:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteJ03w68Sma2wydsy2LUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZTVhZjRjNzI4NjkyMDk1MzliMTE5NDU5N2IwM2ZhM2E0
YTU1NGEwHhcNMjMwMTAxMTMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE0YmYzN2FiOTlkM2JiNDkzOWJjZDVmOGQ2MmQ1MDgzOTc2ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIfdfDwp5+wHYILwQqUFAQcXQjmN
5hWK6CtNd4hTnQNPmFvfhMyvUQpRS8zDtJC+CxqJjXKgFd2eQPFoFgXHuI6F3kty
d5oxCWV5PJhUsK00ATJaYp0ZsYjNAAp9LgoK+Hbh2xaR/5HjcImR3FF4Kx4tOjad
c4ssKi9QxeiRyeHRQZxtH5hu68pliBKoaQwOW49WJxTz04+TOiY8nSjgB4kOmyi4
45rPutDUUTcZ6cDvFxgtYX7qsGI5hQeOwC7aRpxhlq+YzU5UL49tcyp3CtERD5U2
IcHl5UJ2sp1GIalJQTID+kXCnlKkHOz8M7rshiNZXGvKbvIJdhvcBqffiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoUvzermdO7STm81fjWLVCDl2iTMB8GA1UdIwQY
MBaAFBHlr0xyhpIJU5sRlFl7A/o6SlVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWVXdlRIS0drZ2xUbXhHVVdYc0QtanBLVlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNGQ3MDgtZmVlYS00ZTk2LTk0YTEt
ZjQyOGI5OTU0YWIyLzEvS2hTX042dVowN3RKT2J6Vi1OWXRVSU9YYUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNGQ3MDgtZmVlYS00ZTk2LTk0YTEtZjQyOGI5OTU0YWIy
LzEvRWVXdlRIS0drZ2xUbXhHVVdYc0QtanBLVlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQOgMA0G
CSqGSIb3DQEBCwUAA4IBAQBuLek0YVklrJzhzBc4eY44GK7rylsox3didZd2DIX5
ea/KYMwPLG8Eu0KIHgQ/xrTTsTAe0QDzkU2RS+o6F5BdJt2A8eOuYY/WnYfhSewU
kTnxscdFWWYP5yhyDOCNiO6ZH+ADOi7ULN/s4+kEstad4dRIeptPZlDTnvHBLSIw
hHW6b36NRj4kZPf4KS6t9Z1L83GHQAd+LqQ6I6SS5fKzntpSM5o645+pmL+HRCyK
o9/zhJv/t4Jylp6immwrwXmZ0zHsLGCEX3S6xaGXAx8DQStx/DPJume7yMheVFTX
nF5+F9nEgE6J98hQ4PtH1MBKQlUrFcPa9crQWkikMS9w
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:26 2025 by rpki-client