Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/KDRKWOmG-9meDWTzfGaev2ZCXqg.roa
File: KDRKWOmG-9meDWTzfGaev2ZCXqg.roa (raw, json)
Hash identifier: qtAuRg1Tf3J458PyEizCjnuEbSJcpme5AQm7mmlWmAc=
Subject key identifier: 28:34:4A:58:E9:86:FB:D9:9E:0D:64:F3:7C:66:9E:BF:66:42:5E:A8
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 0184E6FA662ACECFC144B4F27600A1B33741
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/KDRKWOmG-9meDWTzfGaev2ZCXqg.roa
Signing time: Tue 06 Dec 2022 10:28:00 +0000
ROA not before: Tue 06 Dec 2022 10:28:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200895
IP address blocks: 2a12:3fc2:e100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e6:fa:66:2a:ce:cf:c1:44:b4:f2:76:00:a1:b3:37:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Dec 6 10:28:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28344a58e986fbd99e0d64f37c669ebf66425ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:41:a1:16:9e:95:f5:fc:b0:9d:32:80:42:f1:
0b:3e:92:81:87:7e:e8:79:a2:72:a3:29:c3:dc:8a:
be:00:3e:29:7d:76:80:4a:f8:da:27:c2:40:cd:fc:
7e:6c:29:ac:c2:75:15:c9:8c:4e:d8:33:dd:bb:c1:
09:f2:b8:1f:40:41:b3:db:3a:db:0e:3a:78:e4:ab:
07:3e:b7:b2:2c:68:be:01:08:03:9a:af:89:48:2b:
44:42:ad:cd:5a:53:68:80:3a:ee:ca:b6:5c:f3:8e:
8f:c6:61:6d:ce:00:25:6c:48:51:53:4e:97:e8:59:
07:bb:ac:cb:c8:2a:bf:4b:58:79:7a:e0:f2:c9:84:
a9:42:50:42:e1:77:c5:73:bb:26:3d:f3:1c:4d:dc:
12:2e:24:ec:b5:99:0f:c9:da:14:66:49:57:52:b5:
6e:08:7d:08:fe:21:45:3b:60:10:3f:50:c4:81:57:
53:b2:2e:61:d1:07:cd:89:cc:52:e5:6e:e6:af:da:
b4:03:01:68:55:13:47:94:9b:f3:dc:e5:2d:0e:87:
06:07:ce:94:6a:a6:77:4d:c5:a2:bf:80:3f:f6:e3:
03:29:d7:87:f9:95:ba:a6:bc:57:70:70:5b:b9:43:
c2:f1:d3:58:e3:7d:1c:f7:33:1e:6a:0d:87:d8:65:
d1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:34:4A:58:E9:86:FB:D9:9E:0D:64:F3:7C:66:9E:BF:66:42:5E:A8
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/KDRKWOmG-9meDWTzfGaev2ZCXqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:e100::/40
Signature Algorithm: sha256WithRSAEncryption
c4:a7:27:34:0b:87:de:8d:e5:2b:c3:16:4d:d8:9e:01:49:fd:
b1:6b:98:bc:11:0e:e8:a0:00:f8:08:06:46:a5:d9:db:ec:43:
53:76:ff:d4:9e:05:12:a5:df:6c:53:7c:f3:30:e8:0b:6f:6c:
00:dc:9a:b1:35:88:43:4c:bf:e7:6e:df:ca:f1:41:21:3a:bd:
4b:7c:ec:f2:07:8b:03:fb:10:18:fa:72:72:3d:bc:39:07:33:
f4:21:9b:7a:d9:10:4c:31:02:b4:f1:e9:7b:84:a7:75:89:9d:
50:04:01:f3:6c:4f:0d:4e:fa:af:44:18:fb:b3:74:f1:4b:08:
29:86:33:10:6c:58:e6:24:9c:9c:1e:6e:3c:0f:cc:00:2a:17:
d6:51:c8:e7:13:38:09:0f:75:84:45:f5:5b:3f:5d:33:e9:5c:
7a:46:be:68:9f:ad:67:aa:df:22:e9:cd:11:8b:bd:e6:c9:38:
6f:92:90:b5:4e:d9:6b:02:39:ac:13:de:85:39:52:f4:05:24:
c2:55:99:31:8c:6c:c5:90:aa:ce:8b:a7:49:88:9c:d5:73:14:
73:be:b9:9c:f1:5d:79:a1:05:a5:f4:75:dc:e0:65:46:cb:86:
f8:8d:81:11:6d:eb:4c:4c:8e:d3:dd:15:f3:f4:66:9a:a7:1d:
5f:16:9f:1f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYTm+mYqzs/BRLTydgChszdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjIxMjA2MTAyODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODM0NGE1OGU5ODZmYmQ5OWUwZDY0ZjM3YzY2OWViZjY2NDI1ZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0GhFp6V9fywnTKAQvELPpKBh37o
eaJyoynD3Iq+AD4pfXaASvjaJ8JAzfx+bCmswnUVyYxO2DPdu8EJ8rgfQEGz2zrb
Djp45KsHPreyLGi+AQgDmq+JSCtEQq3NWlNogDruyrZc846PxmFtzgAlbEhRU06X
6FkHu6zLyCq/S1h5euDyyYSpQlBC4XfFc7smPfMcTdwSLiTstZkPydoUZklXUrVu
CH0I/iFFO2AQP1DEgVdTsi5h0QfNicxS5W7mr9q0AwFoVRNHlJvz3OUtDocGB86U
aqZ3TcWiv4A/9uMDKdeH+ZW6prxXcHBbuUPC8dNY430c9zMeag2H2GXRUQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCg0SljphvvZng1k83xmnr9mQl6oMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvS0RSS1dPbUctOW1lRFdUemZHYWV2MlpDWHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/wuEw
DQYJKoZIhvcNAQELBQADggEBAMSnJzQLh96N5SvDFk3YngFJ/bFrmLwRDuigAPgI
Bkal2dvsQ1N2/9SeBRKl32xTfPMw6AtvbADcmrE1iENMv+du38rxQSE6vUt87PIH
iwP7EBj6cnI9vDkHM/Qhm3rZEEwxArTx6XuEp3WJnVAEAfNsTw1O+q9EGPuzdPFL
CCmGMxBsWOYknJwebjwPzAAqF9ZRyOcTOAkPdYRF9Vs/XTPpXHpGvmifrWeq3yLp
zRGLvebJOG+SkLVO2WsCOawT3oU5UvQFJMJVmTGMbMWQqs6Lp0mInNVzFHO+uZzx
XXmhBaX0ddzgZUbLhviNgRFt60xMjtPdFfP0ZpqnHV8Wnx8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:36 2025 by rpki-client