Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/kP876_oCdXJybm6tUUVZ4xlQgKs.roa
File: kP876_oCdXJybm6tUUVZ4xlQgKs.roa (raw, json)
Hash identifier: MOz7/a42hVvT0fk4EWri67BlroLLkrTeYV3pBBHu98I=
Subject key identifier: 90:FF:3B:EB:FA:02:75:72:72:6E:6E:AD:51:45:59:E3:19:50:80:AB
Certificate issuer: /CN=a56316c7129831e0511079532ded81dc12c81da0
Certificate serial: 0181E344C3850EA276BC8996B42F2C14C8F7
Authority key identifier: A5:63:16:C7:12:98:31:E0:51:10:79:53:2D:ED:81:DC:12:C8:1D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pWMWxxKYMeBREHlTLe2B3BLIHaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/kP876_oCdXJybm6tUUVZ4xlQgKs.roa
Signing time: Sat 09 Jul 2022 14:02:23 +0000
ROA not before: Sat 09 Jul 2022 14:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64441
IP address blocks: 194.102.162.0/24 maxlen: 24
91.206.160.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e3:44:c3:85:0e:a2:76:bc:89:96:b4:2f:2c:14:c8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a56316c7129831e0511079532ded81dc12c81da0
Validity
Not Before: Jul 9 14:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90ff3bebfa027572726e6ead514559e3195080ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:82:cc:d1:44:b4:ac:fb:e8:28:ba:df:d0:d5:
66:06:18:6f:6d:73:b7:97:f4:8d:61:9b:0f:59:c0:
3b:fd:6c:32:88:06:70:6f:bc:67:e8:4e:1d:8d:ba:
b7:4e:d5:ce:16:59:04:98:70:f3:9c:da:92:20:23:
95:77:c3:94:49:5a:e3:16:8d:ac:ec:10:0b:52:42:
63:98:da:63:6e:24:00:70:71:16:08:05:f5:a1:c2:
b1:d7:75:b6:c8:16:da:09:de:5f:c5:f6:b7:fe:4f:
58:4b:85:cb:b7:b3:1f:d3:1a:8d:e4:08:bc:f4:ff:
6e:09:9e:92:cd:72:8e:15:cc:09:97:d5:73:33:57:
41:21:c3:48:c7:52:de:4b:42:50:5c:c9:74:94:00:
d4:50:d7:af:43:de:a0:08:7d:db:aa:d0:08:12:16:
9d:42:49:f4:d5:0c:c4:a9:c5:89:6e:61:4a:70:32:
57:9d:f2:74:97:3f:5d:16:7c:9d:71:f1:39:2f:97:
fd:3b:d9:33:a6:89:b6:95:f2:a2:b9:76:01:cd:6c:
46:b0:9a:7b:5f:9c:5e:84:b9:44:79:07:72:37:2a:
e2:7c:4f:3f:81:5b:54:f5:13:b1:1c:6b:ef:3f:1d:
74:eb:31:96:62:7f:f3:e1:73:f9:97:4e:40:08:af:
3b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FF:3B:EB:FA:02:75:72:72:6E:6E:AD:51:45:59:E3:19:50:80:AB
X509v3 Authority Key Identifier:
keyid:A5:63:16:C7:12:98:31:E0:51:10:79:53:2D:ED:81:DC:12:C8:1D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pWMWxxKYMeBREHlTLe2B3BLIHaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/kP876_oCdXJybm6tUUVZ4xlQgKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/4d9267-4eac-4213-9bcb-28b82c0a14f0/1/pWMWxxKYMeBREHlTLe2B3BLIHaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.160.0/23
194.102.162.0/24
Signature Algorithm: sha256WithRSAEncryption
36:19:b6:06:21:67:ef:ea:c8:f3:04:50:71:bb:4a:ab:c1:32:
2c:95:f0:b7:ee:e4:3c:b5:71:97:d6:7d:a3:b5:36:4d:10:46:
4f:87:7e:2a:81:e6:06:2d:4b:fb:9b:5d:90:87:84:8d:33:db:
74:0d:a1:f6:e4:ad:1e:03:a4:44:77:b5:c1:a0:b3:33:8c:4c:
a4:7a:35:61:bb:46:29:78:f6:90:fd:e6:f0:60:67:d7:94:0a:
5f:fa:f1:05:42:08:69:a0:4e:3b:db:09:df:8c:04:83:03:0d:
10:4c:61:63:bc:ca:18:41:1a:b9:53:b1:6d:1c:74:53:b0:17:
32:81:59:c3:92:5f:ab:d4:4c:0b:64:eb:07:4f:74:20:54:bf:
17:5d:98:34:00:16:17:64:07:ee:8e:23:0e:e0:5a:8a:c6:84:
64:2b:15:08:b2:a5:aa:d6:69:af:f3:22:6c:96:9b:30:05:08:
4e:41:e7:d8:c4:9b:e2:f5:7f:21:aa:a0:ab:25:a7:75:55:ac:
9d:1d:9e:c7:a5:d9:8a:11:b9:fa:e5:2d:4f:a4:b6:66:62:5d:
e6:85:e1:a2:fd:e0:3f:70:6c:0e:47:05:f4:44:f7:53:eb:e0:
04:26:20:2a:33:ce:55:63:f2:5b:92:37:20:9b:a0:8c:e6:32:
aa:0f:f9:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYHjRMOFDqJ2vImWtC8sFMj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NjMxNmM3MTI5ODMxZTA1MTEwNzk1MzJkZWQ4MWRjMTJj
ODFkYTAwHhcNMjIwNzA5MTQwMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGZmM2JlYmZhMDI3NTcyNzI2ZTZlYWQ1MTQ1NTllMzE5NTA4MGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyILM0US0rPvoKLrf0NVmBhhvbXO3
l/SNYZsPWcA7/WwyiAZwb7xn6E4djbq3TtXOFlkEmHDznNqSICOVd8OUSVrjFo2s
7BALUkJjmNpjbiQAcHEWCAX1ocKx13W2yBbaCd5fxfa3/k9YS4XLt7Mf0xqN5Ai8
9P9uCZ6SzXKOFcwJl9VzM1dBIcNIx1LeS0JQXMl0lADUUNevQ96gCH3bqtAIEhad
Qkn01QzEqcWJbmFKcDJXnfJ0lz9dFnydcfE5L5f9O9kzpom2lfKiuXYBzWxGsJp7
X5xehLlEeQdyNyrifE8/gVtU9ROxHGvvPx106zGWYn/z4XP5l05ACK87mQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJD/O+v6AnVycm5urVFFWeMZUICrMB8GA1UdIwQY
MBaAFKVjFscSmDHgURB5Uy3tgdwSyB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFdNV3h4S1lNZUJSRUhsVExlMkIzQkxJSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80ZDkyNjctNGVhYy00MjEzLTliY2It
MjhiODJjMGExNGYwLzEva1A4NzZfb0NkWEp5Ym02dFVVVlo0eGxRZ0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS80ZDkyNjctNGVhYy00MjEzLTliY2ItMjhiODJjMGExNGYw
LzEvcFdNV3h4S1lNZUJSRUhsVExlMkIzQkxJSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW86gAwQA
wmaiMA0GCSqGSIb3DQEBCwUAA4IBAQA2GbYGIWfv6sjzBFBxu0qrwTIslfC37uQ8
tXGX1n2jtTZNEEZPh34qgeYGLUv7m12Qh4SNM9t0DaH25K0eA6REd7XBoLMzjEyk
ejVhu0YpePaQ/ebwYGfXlApf+vEFQghpoE472wnfjASDAw0QTGFjvMoYQRq5U7Ft
HHRTsBcygVnDkl+r1EwLZOsHT3QgVL8XXZg0ABYXZAfujiMO4FqKxoRkKxUIsqWq
1mmv8yJslpswBQhOQefYxJvi9X8hqqCrJad1VaydHZ7HpdmKEbn65S1PpLZmYl3m
heGi/eA/cGwORwX0RPdT6+AEJiAqM85VY/Jbkjcgm6CM5jKqD/nS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:13 2025 by rpki-client