Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/KAJrCNVeKHRhU97S7VcnebtLIjA.roa
File: KAJrCNVeKHRhU97S7VcnebtLIjA.roa (raw, json)
Hash identifier: QaDKB7m70CqI9ZGqfXa6lJsV90TvGgibmoldHWFkahk=
Subject key identifier: 28:02:6B:08:D5:5E:28:74:61:53:DE:D2:ED:57:27:79:BB:4B:22:30
Certificate issuer: /CN=5975d519de239cf164cb94a6660c2530ceaef254
Certificate serial: 018A50EDED056428AB6B81F556CE2581F788
Authority key identifier: 59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/KAJrCNVeKHRhU97S7VcnebtLIjA.roa
Signing time: Fri 01 Sep 2023 13:28:04 +0000
ROA not before: Fri 01 Sep 2023 13:28:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25211
IP address blocks: 85.11.163.0/24 maxlen: 24
85.11.161.0/24 maxlen: 24
85.11.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:ed:ed:05:64:28:ab:6b:81:f5:56:ce:25:81:f7:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5975d519de239cf164cb94a6660c2530ceaef254
Validity
Not Before: Sep 1 13:28:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28026b08d55e28746153ded2ed572779bb4b2230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:33:b9:c0:24:ee:d1:b5:f7:db:eb:29:49:a9:
13:76:7a:44:0b:0b:67:6b:1c:e2:2f:90:80:13:66:
2b:a0:14:7a:38:93:c5:d0:f5:53:db:6e:7e:e1:5f:
eb:fe:ea:48:d9:aa:9e:6d:b1:7d:e1:7f:66:03:fc:
5e:58:84:ea:18:eb:b4:59:78:ec:ba:c6:61:b4:51:
12:6c:d0:1c:eb:14:38:59:aa:e5:28:1e:60:67:bf:
0b:bc:a0:b8:39:d0:74:56:c3:40:f0:33:1d:e9:c9:
f3:dc:c2:fd:90:0d:88:06:e3:c9:6c:38:b0:7e:01:
07:8f:92:33:f4:84:cc:55:01:56:fd:7b:69:93:4c:
be:21:7e:76:f4:2c:5e:94:68:bd:28:5b:82:70:51:
56:db:36:99:97:4e:56:0f:24:bc:20:53:2f:5e:b3:
1e:0c:b1:d2:3e:0a:8b:37:30:76:18:54:a8:a0:23:
05:28:2e:77:65:cf:f7:db:a6:32:00:70:d5:85:78:
12:5f:50:5b:a3:7b:17:0b:1a:b3:ff:7e:b5:97:76:
97:f6:f3:b6:c7:d9:4c:0c:5d:26:c0:2e:a6:9c:ca:
1e:ca:10:d5:bf:9f:e2:35:8d:d4:95:1a:74:86:6b:
20:8e:ad:8e:26:76:db:29:c8:93:f8:70:0c:f1:79:
38:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:02:6B:08:D5:5E:28:74:61:53:DE:D2:ED:57:27:79:BB:4B:22:30
X509v3 Authority Key Identifier:
keyid:59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/KAJrCNVeKHRhU97S7VcnebtLIjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.11.161.0/24
85.11.163.0/24
85.11.167.0/24
Signature Algorithm: sha256WithRSAEncryption
17:ad:50:7c:34:61:64:0d:2a:95:55:3a:59:f2:09:9d:3c:38:
52:06:55:79:06:1a:14:d3:ec:b9:f6:ef:dc:00:cf:27:fd:ce:
ff:3c:41:39:f8:88:a2:0c:f5:db:68:f9:a5:29:c6:aa:b3:dc:
5a:ae:30:41:a4:71:2d:08:a3:aa:4f:8d:5f:13:08:1a:33:49:
54:c6:44:d5:49:e9:43:c3:db:2f:97:28:98:4d:83:b4:57:c8:
1c:bb:a2:4d:fc:0f:a6:28:42:1e:bb:3a:b0:a9:f4:7a:f6:d1:
69:41:2e:55:43:d5:f9:1c:3e:50:9a:78:f9:e8:2c:91:b7:f4:
b2:95:19:0f:07:72:4a:7d:29:39:d1:8a:98:24:3e:b7:b0:49:
79:9b:d4:3d:ac:b9:9b:07:5e:ba:d9:e2:28:d9:30:42:6c:e7:
75:74:81:88:a0:57:bb:3f:a0:e4:a0:f8:46:36:1d:1b:71:ed:
7f:26:eb:a8:a0:39:c6:8e:31:9e:bf:24:85:a1:31:88:70:51:
b6:6a:c0:5b:77:22:45:30:c8:7b:53:8e:10:f5:3d:bf:99:4f:
c1:ac:67:7d:9e:ed:be:5b:a7:71:91:42:3b:c7:98:28:af:fb:
65:94:03:ca:9c:e9:19:c8:7a:ab:a9:65:35:e3:7c:78:b8:18:
c9:97:d6:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpQ7e0FZCira4H1Vs4lgfeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzVkNTE5ZGUyMzljZjE2NGNiOTRhNjY2MGMyNTMwY2Vh
ZWYyNTQwHhcNMjMwOTAxMTMyODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODAyNmIwOGQ1NWUyODc0NjE1M2RlZDJlZDU3Mjc3OWJiNGIyMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjO5wCTu0bX32+spSakTdnpECwtn
axziL5CAE2YroBR6OJPF0PVT225+4V/r/upI2aqebbF94X9mA/xeWITqGOu0WXjs
usZhtFESbNAc6xQ4WarlKB5gZ78LvKC4OdB0VsNA8DMd6cnz3ML9kA2IBuPJbDiw
fgEHj5Iz9ITMVQFW/Xtpk0y+IX529CxelGi9KFuCcFFW2zaZl05WDyS8IFMvXrMe
DLHSPgqLNzB2GFSooCMFKC53Zc/326YyAHDVhXgSX1Bbo3sXCxqz/361l3aX9vO2
x9lMDF0mwC6mnMoeyhDVv5/iNY3UlRp0hmsgjq2OJnbbKciT+HAM8Xk4bQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCgCawjVXih0YVPe0u1XJ3m7SyIwMB8GA1UdIwQY
MBaAFFl11RneI5zxZMuUpmYMJTDOrvJUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUt
MmNjNjc1NzI2OTc1LzEvS0FKckNOVmVLSFJoVTk3UzdWY25lYnRMSWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUtMmNjNjc1NzI2OTc1
LzEvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVQuhAwQA
VQujAwQAVQunMA0GCSqGSIb3DQEBCwUAA4IBAQAXrVB8NGFkDSqVVTpZ8gmdPDhS
BlV5BhoU0+y59u/cAM8n/c7/PEE5+IiiDPXbaPmlKcaqs9xarjBBpHEtCKOqT41f
EwgaM0lUxkTVSelDw9svlyiYTYO0V8gcu6JN/A+mKEIeuzqwqfR69tFpQS5VQ9X5
HD5Qmnj56CyRt/SylRkPB3JKfSk50YqYJD63sEl5m9Q9rLmbB1662eIo2TBCbOd1
dIGIoFe7P6DkoPhGNh0bce1/JuuooDnGjjGevySFoTGIcFG2asBbdyJFMMh7U44Q
9T2/mU/BrGd9nu2+W6dxkUI7x5gor/tllAPKnOkZyHqrqWU143x4uBjJl9Z5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:57 2025 by rpki-client