Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KGwOfZty-g9ECxC4fYcq_4G5Ir0.roa
File: KGwOfZty-g9ECxC4fYcq_4G5Ir0.roa (raw, json)
Hash identifier: FtlEVq/c9vhyf02vFGQtCwUWZjR27tDYdSWxpsKHkDg=
Subject key identifier: 28:6C:0E:7D:9B:72:FA:0F:44:0B:10:B8:7D:87:2A:FF:81:B9:22:BD
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018926BB84755AAE28B0CEF00CA014E04FB5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KGwOfZty-g9ECxC4fYcq_4G5Ir0.roa
Signing time: Wed 05 Jul 2023 15:46:10 +0000
ROA not before: Wed 05 Jul 2023 15:46:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147287
IP address blocks: 109.176.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:bb:84:75:5a:ae:28:b0:ce:f0:0c:a0:14:e0:4f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 5 15:46:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=286c0e7d9b72fa0f440b10b87d872aff81b922bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ca:ab:56:51:ec:a8:10:5b:c8:73:b2:83:03:
72:3e:ae:03:41:9a:b6:95:9b:34:a0:53:a0:53:65:
54:54:50:7d:0f:5a:c4:d5:c5:7a:f8:34:3c:ae:25:
42:6d:a7:df:ea:e9:a2:18:29:85:49:ee:02:02:63:
7d:6a:ed:c2:da:55:8d:95:90:d3:80:95:8d:18:eb:
be:40:8a:42:56:94:e4:16:3d:e6:8e:59:57:04:8d:
68:90:d4:4f:4a:ee:cf:32:46:79:12:17:4f:8d:d8:
66:90:01:a3:c1:b8:26:d7:c3:3e:6b:6f:ea:72:d1:
58:f4:0a:66:7e:4c:4c:eb:66:9a:bd:26:0c:a3:5a:
8d:9a:8d:08:63:05:39:7b:0b:23:e2:0a:ab:41:f3:
8d:e1:41:4e:a2:0d:f2:7e:21:5a:a3:4c:23:66:5a:
07:ed:f4:0c:18:93:47:53:9b:74:fa:77:3e:3e:4f:
61:08:42:c5:9b:5a:f3:50:aa:95:fa:76:45:66:5d:
a0:41:ce:a9:fd:e5:d2:94:12:ce:fd:c1:97:1c:a9:
41:31:25:9a:18:15:33:46:d6:6b:82:52:4a:e4:57:
5d:30:9b:18:45:8f:0c:38:9f:9e:5b:b2:bf:55:ee:
59:cc:f9:e4:d0:cf:d6:19:78:ac:74:92:33:f5:98:
18:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:6C:0E:7D:9B:72:FA:0F:44:0B:10:B8:7D:87:2A:FF:81:B9:22:BD
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KGwOfZty-g9ECxC4fYcq_4G5Ir0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.246.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:92:7b:c7:77:15:3d:b1:8e:15:82:0e:c6:b3:c3:bd:33:fb:
8a:8b:02:d3:3d:22:00:c6:85:56:43:cc:f2:e0:21:62:4b:cf:
97:22:ce:ed:eb:bc:03:12:c8:ea:8b:1f:52:9d:d4:c3:01:b0:
8c:fc:87:49:db:fb:57:fb:b8:e1:67:7b:69:d4:79:b6:c3:9f:
75:da:9e:34:24:39:39:31:c2:ae:8a:0f:e2:8b:8a:30:de:23:
d3:33:19:d1:91:67:c8:a0:b9:46:3f:cb:85:f7:7b:12:2e:d5:
a5:c9:33:8a:77:9f:05:43:2f:aa:3b:dd:ef:59:f8:db:71:48:
b0:e8:af:69:62:38:6b:d0:5f:1c:d9:0d:88:db:ef:37:9b:cc:
9c:ad:e8:a0:5e:4b:4e:3e:a9:5f:c6:26:43:fb:6d:5d:be:8e:
db:94:08:89:73:34:47:34:fc:22:d3:9c:ab:c3:f0:1a:28:fc:
b4:05:0e:a2:90:70:be:4e:e3:69:cb:5f:c0:4f:8e:27:ef:e2:
70:f9:02:f9:bf:08:d1:38:cf:50:f6:95:b1:0e:ff:6e:8d:2b:
7a:6b:3d:8e:e6:b7:e1:9d:9b:56:59:4b:d2:9e:54:cd:80:7e:
14:10:9f:21:48:ea:3d:52:6a:f4:ff:d1:99:ac:0d:a6:36:1f:
65:98:9c:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkmu4R1Wq4osM7wDKAU4E+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA1MTU0NjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODZjMGU3ZDliNzJmYTBmNDQwYjEwYjg3ZDg3MmFmZjgxYjkyMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcqrVlHsqBBbyHOygwNyPq4DQZq2
lZs0oFOgU2VUVFB9D1rE1cV6+DQ8riVCbaff6umiGCmFSe4CAmN9au3C2lWNlZDT
gJWNGOu+QIpCVpTkFj3mjllXBI1okNRPSu7PMkZ5EhdPjdhmkAGjwbgm18M+a2/q
ctFY9ApmfkxM62aavSYMo1qNmo0IYwU5ewsj4gqrQfON4UFOog3yfiFao0wjZloH
7fQMGJNHU5t0+nc+Pk9hCELFm1rzUKqV+nZFZl2gQc6p/eXSlBLO/cGXHKlBMSWa
GBUzRtZrglJK5FddMJsYRY8MOJ+eW7K/Ve5ZzPnk0M/WGXisdJIz9ZgYPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChsDn2bcvoPRAsQuH2HKv+BuSK9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS0d3T2ZadHktZzlFQ3hDNGZZY3FfNEc1SXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD2MA0G
CSqGSIb3DQEBCwUAA4IBAQBtknvHdxU9sY4Vgg7Gs8O9M/uKiwLTPSIAxoVWQ8zy
4CFiS8+XIs7t67wDEsjqix9SndTDAbCM/IdJ2/tX+7jhZ3tp1Hm2w5912p40JDk5
McKuig/ii4ow3iPTMxnRkWfIoLlGP8uF93sSLtWlyTOKd58FQy+qO93vWfjbcUiw
6K9pYjhr0F8c2Q2I2+83m8ycreigXktOPqlfxiZD+21dvo7blAiJczRHNPwi05yr
w/AaKPy0BQ6ikHC+TuNpy1/AT44n7+Jw+QL5vwjROM9Q9pWxDv9ujSt6az2O5rfh
nZtWWUvSnlTNgH4UEJ8hSOo9Umr0/9GZrA2mNh9lmJy6
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:44 2025 by rpki-client