Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/KsLcaIHUsCvmrJLpc7ADKIUVMNU.roa
File: KsLcaIHUsCvmrJLpc7ADKIUVMNU.roa (raw, json)
Hash identifier: 6b5xtkIg7OBhQyeqvGXTRndJKikp6KLQ49yw76IAeyc=
Subject key identifier: 2A:C2:DC:68:81:D4:B0:2B:E6:AC:92:E9:73:B0:03:28:85:15:30:D5
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01857139C8152F56DCA7BD424B667ADFBF68
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/KsLcaIHUsCvmrJLpc7ADKIUVMNU.roa
Signing time: Mon 02 Jan 2023 06:44:50 +0000
ROA not before: Mon 02 Jan 2023 06:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34837
IP address blocks: 193.104.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:c8:15:2f:56:dc:a7:bd:42:4b:66:7a:df:bf:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 06:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ac2dc6881d4b02be6ac92e973b00328851530d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0c:8a:60:3d:f3:9c:53:06:16:f0:c7:89:3d:
3f:17:b2:bb:c7:c3:83:c4:60:62:3d:88:22:3d:b2:
40:a4:df:bd:25:56:69:ca:52:13:8f:4e:25:3d:4b:
64:12:23:c7:cc:61:e4:79:75:87:3f:39:64:08:2f:
e5:69:c6:8a:33:12:ba:a6:0e:20:7e:13:2f:d1:f0:
6b:cf:d0:de:41:a2:a5:f7:02:b5:5e:bc:ed:44:a1:
c2:d4:d7:a9:3b:73:1b:6e:2f:ad:21:44:b8:9a:0d:
96:27:e7:93:4e:ae:a4:52:36:c9:dd:b3:1d:7f:54:
53:5d:c9:c8:ce:3d:4f:5c:2f:4d:c7:b8:2a:82:38:
06:36:d5:35:12:a5:44:b6:12:91:4d:aa:21:9c:03:
30:65:38:9c:04:d7:f0:1e:4a:cd:ca:f3:f0:89:37:
60:31:88:2b:f6:02:ac:47:84:23:65:cb:ba:0e:e5:
dd:60:7d:65:70:9a:f9:25:1c:38:86:1c:78:9a:68:
a1:06:55:b4:89:2e:61:69:0c:f5:0f:29:08:d0:f5:
a2:47:19:bd:35:af:eb:6b:2b:62:d3:1d:77:ff:35:
50:43:f4:34:66:36:5d:9c:5b:4c:6a:1a:61:8e:a2:
b3:d1:07:9d:ee:90:07:fc:48:ba:a8:82:fa:49:89:
a5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C2:DC:68:81:D4:B0:2B:E6:AC:92:E9:73:B0:03:28:85:15:30:D5
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/KsLcaIHUsCvmrJLpc7ADKIUVMNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.212.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:98:99:e8:ed:f2:3c:da:c5:ca:92:65:84:d6:f3:82:79:0c:
96:f0:1b:a4:6f:bc:12:66:bc:77:72:51:74:d2:a8:3f:0d:d8:
94:27:8b:84:8e:fb:77:4e:74:8a:71:ab:09:c1:e1:eb:3a:81:
6c:a9:e2:9b:56:82:0d:26:a8:89:77:4a:72:9d:32:e4:be:3b:
c1:cb:ab:59:4a:10:80:cd:12:c4:fb:3a:93:b1:45:79:4c:72:
87:63:56:9c:70:97:1a:64:71:eb:8b:31:55:15:26:d4:61:77:
c5:9c:07:03:03:e9:a1:4f:72:f4:fd:41:83:1b:fc:35:09:2d:
ba:52:73:cf:b2:0b:d8:30:4e:69:e7:56:63:95:e2:58:40:5d:
9a:b2:75:f1:2e:c7:fe:5d:a0:d2:b9:43:bf:6f:a5:f9:db:5b:
1e:1c:81:cb:a4:a1:41:37:b1:09:8b:ae:7e:b6:9b:21:03:d4:
b3:56:d8:e8:90:03:55:41:66:1a:7a:51:be:37:7d:49:fe:d2:
3d:36:f5:23:b2:c5:b3:94:4c:d8:7b:82:83:db:a7:bc:bf:33:
0b:e7:46:1c:f8:83:4e:20:59:63:d5:aa:e8:82:08:7a:01:62:
99:f6:55:34:f9:ad:6c:93:d1:f7:17:a8:06:07:41:cc:af:83:
46:b5:6b:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOcgVL1bcp71CS2Z6379oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjMwMTAyMDY0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWMyZGM2ODgxZDRiMDJiZTZhYzkyZTk3M2IwMDMyODg1MTUzMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAyKYD3znFMGFvDHiT0/F7K7x8OD
xGBiPYgiPbJApN+9JVZpylITj04lPUtkEiPHzGHkeXWHPzlkCC/lacaKMxK6pg4g
fhMv0fBrz9DeQaKl9wK1XrztRKHC1NepO3Mbbi+tIUS4mg2WJ+eTTq6kUjbJ3bMd
f1RTXcnIzj1PXC9Nx7gqgjgGNtU1EqVEthKRTaohnAMwZTicBNfwHkrNyvPwiTdg
MYgr9gKsR4QjZcu6DuXdYH1lcJr5JRw4hhx4mmihBlW0iS5haQz1DykI0PWiRxm9
Na/rayti0x13/zVQQ/Q0ZjZdnFtMahphjqKz0Qed7pAH/Ei6qIL6SYmlMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrC3GiB1LAr5qyS6XOwAyiFFTDVMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvS3NMY2FJSFVzQ3ZtckpMcGM3QURLSVVWTU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWjUMA0G
CSqGSIb3DQEBCwUAA4IBAQAcmJno7fI82sXKkmWE1vOCeQyW8Bukb7wSZrx3clF0
0qg/DdiUJ4uEjvt3TnSKcasJweHrOoFsqeKbVoINJqiJd0pynTLkvjvBy6tZShCA
zRLE+zqTsUV5THKHY1accJcaZHHrizFVFSbUYXfFnAcDA+mhT3L0/UGDG/w1CS26
UnPPsgvYME5p51ZjleJYQF2asnXxLsf+XaDSuUO/b6X521seHIHLpKFBN7EJi65+
tpshA9SzVtjokANVQWYaelG+N31J/tI9NvUjssWzlEzYe4KD26e8vzML50Yc+INO
IFlj1aroggh6AWKZ9lU0+a1sk9H3F6gGB0HMr4NGtWtk
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:02 2025 by rpki-client