Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/kvjL2o1LpTc0PoTjpgyfoYIBhFo.roa
File: kvjL2o1LpTc0PoTjpgyfoYIBhFo.roa (raw, json)
Hash identifier: Q18x/AYLVtwR5NBzD3uq3Ujej6rrdQaD3QVciXhrOx4=
Subject key identifier: 92:F8:CB:DA:8D:4B:A5:37:34:3E:84:E3:A6:0C:9F:A1:82:01:84:5A
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01857139CF42D67AFB611F84438B22232671
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/kvjL2o1LpTc0PoTjpgyfoYIBhFo.roa
Signing time: Mon 02 Jan 2023 06:44:52 +0000
ROA not before: Mon 02 Jan 2023 06:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59794
IP address blocks: 194.225.32.0/22 maxlen: 24
194.225.108.0/22 maxlen: 22
2001:14e8:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:cf:42:d6:7a:fb:61:1f:84:43:8b:22:23:26:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 06:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92f8cbda8d4ba537343e84e3a60c9fa18201845a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:85:db:e7:90:d9:5b:14:64:3f:84:3f:16:3c:
71:41:ff:2d:85:68:2c:c5:d0:91:70:d9:19:5a:23:
ca:47:66:02:90:08:10:13:8f:e9:e0:d0:6e:81:20:
8e:7e:3d:8e:f0:df:e6:9b:e4:bf:96:d6:a2:bf:db:
f6:ed:6e:58:8e:28:5c:66:36:2a:72:35:64:03:d4:
03:f0:c6:f7:13:73:c5:cf:c9:9a:54:fa:0c:d2:ec:
a2:01:78:34:f4:8c:10:f8:67:f6:c9:73:c8:5e:6f:
76:72:6b:ba:30:4b:6f:65:00:e2:8a:d3:da:e6:f3:
e9:1e:d4:e0:b1:2c:fa:c5:9b:f3:f7:2f:45:9f:6f:
c6:8a:f7:37:d6:e0:85:23:0a:1d:e3:18:e1:ce:29:
80:53:f7:0f:2a:0a:91:f9:50:b1:99:a7:9f:7f:95:
3f:23:13:62:4b:6b:49:bf:20:f3:f9:29:4f:68:6a:
8c:7c:31:9b:02:e7:d4:6a:50:5a:f6:51:fe:82:83:
5c:78:5f:8d:e1:fb:4c:8c:ff:3a:d6:71:7e:3c:32:
4a:ad:be:06:85:f9:99:00:ef:e2:f9:4b:d6:55:ed:
aa:be:86:a8:f5:4b:81:44:5f:2d:de:9a:01:9c:23:
0b:d7:b4:f4:07:4b:74:ef:33:de:2d:b5:b4:a6:3a:
22:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F8:CB:DA:8D:4B:A5:37:34:3E:84:E3:A6:0C:9F:A1:82:01:84:5A
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/kvjL2o1LpTc0PoTjpgyfoYIBhFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.225.32.0/22
194.225.108.0/22
IPv6:
2001:14e8:6::/48
Signature Algorithm: sha256WithRSAEncryption
37:77:0d:e3:19:2b:69:aa:ba:c1:65:21:0f:c8:ee:52:06:73:
50:75:41:cd:84:49:ec:e9:8d:12:27:3b:cd:25:07:a2:86:91:
25:02:65:19:2f:91:c7:01:d5:3a:f1:0f:33:17:54:f5:d8:89:
66:29:06:8a:d5:a1:a1:87:bd:cb:e6:80:a1:f8:8f:03:ec:48:
e1:90:00:b1:41:ed:19:b6:34:6f:b0:54:3b:32:33:22:9c:48:
06:3c:84:d4:34:c3:23:fb:88:7a:b0:a9:bf:f1:75:f8:44:e9:
f1:07:6c:d0:f3:04:bc:75:f3:67:b1:45:38:b3:dc:dd:f3:98:
fe:b5:e8:7d:97:02:5a:ed:9e:14:40:b7:50:4f:8a:73:9c:0a:
45:50:08:e6:e5:65:aa:2a:4f:ed:e7:54:4f:ec:05:d0:95:7a:
cf:f8:30:94:1d:a3:ea:ba:a9:b3:dc:9b:06:a5:31:17:cc:c9:
5a:0d:7e:ed:b2:60:d3:dd:2e:5d:80:c0:b3:3b:6c:15:68:8d:
0f:bb:34:3f:d8:9f:c7:b8:13:b7:c9:d6:3b:4d:46:cd:79:c1:
0a:67:02:13:88:e0:11:1d:bf:1d:54:18:01:84:de:40:64:a0:
0b:52:65:66:8f:d8:e2:14:4f:c7:cd:82:db:fe:6a:21:0f:4a:
c2:94:25:2d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxOc9C1nr7YR+EQ4siIyZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjMwMTAyMDY0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY4Y2JkYThkNGJhNTM3MzQzZTg0ZTNhNjBjOWZhMTgyMDE4NDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIXb55DZWxRkP4Q/FjxxQf8thWgs
xdCRcNkZWiPKR2YCkAgQE4/p4NBugSCOfj2O8N/mm+S/ltaiv9v27W5YjihcZjYq
cjVkA9QD8Mb3E3PFz8maVPoM0uyiAXg09IwQ+Gf2yXPIXm92cmu6MEtvZQDiitPa
5vPpHtTgsSz6xZvz9y9Fn2/Givc31uCFIwod4xjhzimAU/cPKgqR+VCxmaeff5U/
IxNiS2tJvyDz+SlPaGqMfDGbAufUalBa9lH+goNceF+N4ftMjP861nF+PDJKrb4G
hfmZAO/i+UvWVe2qvoao9UuBRF8t3poBnCML17T0B0t07zPeLbW0pjoigQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJL4y9qNS6U3ND6E46YMn6GCAYRaMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEva3ZqTDJvMUxwVGMwUG9UanBneWZvWUlCaEZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCwuEgAwQC
wuFsMA8EAgACMAkDBwAgARToAAYwDQYJKoZIhvcNAQELBQADggEBADd3DeMZK2mq
usFlIQ/I7lIGc1B1Qc2ESezpjRInO80lB6KGkSUCZRkvkccB1TrxDzMXVPXYiWYp
BorVoaGHvcvmgKH4jwPsSOGQALFB7Rm2NG+wVDsyMyKcSAY8hNQ0wyP7iHqwqb/x
dfhE6fEHbNDzBLx182exRTiz3N3zmP616H2XAlrtnhRAt1BPinOcCkVQCOblZaoq
T+3nVE/sBdCVes/4MJQdo+q6qbPcmwalMRfMyVoNfu2yYNPdLl2AwLM7bBVojQ+7
ND/Yn8e4E7fJ1jtNRs15wQpnAhOI4BEdvx1UGAGE3kBkoAtSZWaP2OIUT8fNgtv+
aiEPSsKUJS0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:41 2025 by rpki-client