Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/ede94e-ba2a-41ee-b12c-e0534e23859b/1/KQOmiPl3aLkpVWZv1a-0AfBxNE4.roa
File: KQOmiPl3aLkpVWZv1a-0AfBxNE4.roa (raw, json)
Hash identifier: tJW9IW0oFBg1RZJxo3EQojYlVGW+XYHsXMYJyQsCcb8=
Subject key identifier: 29:03:A6:88:F9:77:68:B9:29:55:66:6F:D5:AF:B4:01:F0:71:34:4E
Certificate issuer: /CN=e6596f1b163cab0c45a84eeb13261b65f1a22962
Certificate serial: 0185700278820215F8D0F503F1175CBC98C9
Authority key identifier: E6:59:6F:1B:16:3C:AB:0C:45:A8:4E:EB:13:26:1B:65:F1:A2:29:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5llvGxY8qwxFqE7rEyYbZfGiKWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/ede94e-ba2a-41ee-b12c-e0534e23859b/1/KQOmiPl3aLkpVWZv1a-0AfBxNE4.roa
Signing time: Mon 02 Jan 2023 01:04:48 +0000
ROA not before: Mon 02 Jan 2023 01:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20552
IP address blocks: 93.105.74.0/24 maxlen: 24
93.105.73.0/24 maxlen: 24
93.105.75.0/24 maxlen: 24
93.105.72.0/24 maxlen: 24
178.235.240.0/24 maxlen: 24
178.235.240.0/22 maxlen: 22
178.235.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:78:82:02:15:f8:d0:f5:03:f1:17:5c:bc:98:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6596f1b163cab0c45a84eeb13261b65f1a22962
Validity
Not Before: Jan 2 01:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2903a688f97768b92955666fd5afb401f071344e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b9:7a:f3:9a:e6:61:ae:03:de:9c:15:8a:95:
a7:f8:49:81:de:ad:bf:4e:5f:a0:fe:b9:46:12:18:
4a:18:5f:57:22:26:c0:be:e4:55:71:f5:df:de:47:
85:a2:7f:30:c0:0f:f8:74:69:68:14:ec:48:88:8d:
70:7f:e1:5e:87:6f:91:94:ad:d0:6a:65:af:b5:32:
17:ad:92:36:28:9e:9b:6b:b4:c6:41:da:bb:53:6c:
98:1f:25:f8:d3:8c:4e:8f:78:fb:1e:37:fd:b8:b5:
5a:18:cf:7a:7f:bf:ca:cc:37:e7:38:ea:d8:4d:4e:
9e:c4:95:68:0f:1a:84:db:5a:34:d6:1f:97:88:af:
b7:20:8c:de:80:d7:f6:09:7b:3b:75:4b:01:2d:bc:
02:ae:b7:1a:08:3d:56:b3:0e:81:71:42:4f:ce:4b:
06:35:0c:59:3b:04:5b:e5:8b:ba:9b:2a:5a:77:47:
b7:7f:6b:c6:43:a4:2f:3a:ab:0b:44:81:d5:6a:f2:
54:6a:23:eb:08:94:4d:a2:69:e3:fe:2f:51:3a:c2:
27:09:16:95:a9:04:a8:10:dc:62:f5:f6:01:c5:c3:
e8:47:9d:29:d2:95:ef:b4:8a:f3:b9:7a:ee:39:ae:
00:1b:7f:b2:32:40:c1:66:a0:97:12:5c:a9:0a:fb:
71:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:03:A6:88:F9:77:68:B9:29:55:66:6F:D5:AF:B4:01:F0:71:34:4E
X509v3 Authority Key Identifier:
keyid:E6:59:6F:1B:16:3C:AB:0C:45:A8:4E:EB:13:26:1B:65:F1:A2:29:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5llvGxY8qwxFqE7rEyYbZfGiKWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/ede94e-ba2a-41ee-b12c-e0534e23859b/1/KQOmiPl3aLkpVWZv1a-0AfBxNE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/ede94e-ba2a-41ee-b12c-e0534e23859b/1/5llvGxY8qwxFqE7rEyYbZfGiKWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.105.72.0/22
178.235.240.0/22
Signature Algorithm: sha256WithRSAEncryption
19:7b:d6:03:1e:ea:7b:31:86:3c:57:60:cc:22:1b:6b:2b:e9:
b7:ca:8d:5b:a5:92:4b:e0:11:cf:31:e8:62:f8:aa:85:a9:bc:
7a:73:8d:9f:da:2d:b3:f4:d5:03:4d:c8:6e:67:eb:5d:5e:ac:
df:37:a8:cd:18:2a:98:b0:0b:fb:b1:62:14:6b:b2:24:59:c2:
8c:00:95:4d:04:93:3d:22:64:e4:79:9f:33:c8:bd:11:52:49:
45:b6:2e:64:68:06:15:fc:7a:ac:55:6b:83:e8:bc:b1:46:53:
e4:05:41:a2:49:1b:d4:da:10:d1:3b:8f:52:19:00:d3:b5:36:
1a:c5:cc:af:13:ba:38:c4:15:a6:a8:75:8d:32:15:c5:46:48:
9d:b9:60:a6:36:63:3d:bc:62:2e:b9:60:65:92:de:56:c8:66:
3d:ae:f5:c1:28:15:78:29:98:1c:b3:c7:fc:84:da:0c:df:83:
e7:3f:f6:f7:86:01:e7:72:66:5f:71:d3:70:6f:40:70:1a:00:
98:b2:8b:af:dd:8b:d6:de:e8:e3:12:7d:13:5a:ff:98:64:75:
d8:0e:14:49:7a:02:3a:1d:72:bf:02:ff:8a:9a:fa:ec:58:30:
63:95:d4:18:39:98:5c:43:e4:24:67:3d:aa:fe:30:9c:ad:a4:
9f:c1:7c:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwAniCAhX40PUD8RdcvJjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NTk2ZjFiMTYzY2FiMGM0NWE4NGVlYjEzMjYxYjY1ZjFh
MjI5NjIwHhcNMjMwMTAyMDEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAzYTY4OGY5Nzc2OGI5Mjk1NTY2NmZkNWFmYjQwMWYwNzEzNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7l685rmYa4D3pwVipWn+EmB3q2/
Tl+g/rlGEhhKGF9XIibAvuRVcfXf3keFon8wwA/4dGloFOxIiI1wf+Feh2+RlK3Q
amWvtTIXrZI2KJ6ba7TGQdq7U2yYHyX404xOj3j7Hjf9uLVaGM96f7/KzDfnOOrY
TU6exJVoDxqE21o01h+XiK+3IIzegNf2CXs7dUsBLbwCrrcaCD1Wsw6BcUJPzksG
NQxZOwRb5Yu6mypad0e3f2vGQ6QvOqsLRIHVavJUaiPrCJRNomnj/i9ROsInCRaV
qQSoENxi9fYBxcPoR50p0pXvtIrzuXruOa4AG3+yMkDBZqCXElypCvtx8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCkDpoj5d2i5KVVmb9WvtAHwcTROMB8GA1UdIwQY
MBaAFOZZbxsWPKsMRahO6xMmG2XxoiliMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWxsdkd4WThxd3hGcUU3ckV5WWJaZkdpS1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9lZGU5NGUtYmEyYS00MWVlLWIxMmMt
ZTA1MzRlMjM4NTliLzEvS1FPbWlQbDNhTGtwVldadjFhLTBBZkJ4TkU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9lZGU5NGUtYmEyYS00MWVlLWIxMmMtZTA1MzRlMjM4NTli
LzEvNWxsdkd4WThxd3hGcUU3ckV5WWJaZkdpS1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXWlIAwQC
suvwMA0GCSqGSIb3DQEBCwUAA4IBAQAZe9YDHup7MYY8V2DMIhtrK+m3yo1bpZJL
4BHPMehi+KqFqbx6c42f2i2z9NUDTchuZ+tdXqzfN6jNGCqYsAv7sWIUa7IkWcKM
AJVNBJM9ImTkeZ8zyL0RUklFti5kaAYV/HqsVWuD6LyxRlPkBUGiSRvU2hDRO49S
GQDTtTYaxcyvE7o4xBWmqHWNMhXFRkiduWCmNmM9vGIuuWBlkt5WyGY9rvXBKBV4
KZgcs8f8hNoM34PnP/b3hgHncmZfcdNwb0BwGgCYsouv3YvW3ujjEn0TWv+YZHXY
DhRJegI6HXK/Av+KmvrsWDBjldQYOZhcQ+QkZz2q/jCcraSfwXxc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:12 2025 by rpki-client