Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/KJ3QNcuR20u_FZmveDerWZAalxg.roa
File: KJ3QNcuR20u_FZmveDerWZAalxg.roa (raw, json)
Hash identifier: 2XvmluJtU/IASiqMjd9/GyO728SL8x/EULtPrR2NsOE=
Subject key identifier: 28:9D:D0:35:CB:91:DB:4B:BF:15:99:AF:78:37:AB:59:90:1A:97:18
Certificate issuer: /CN=8cd9d61f83e0d7e8308a6cde4dd315dd75756c03
Certificate serial: 01856BCA157FD61A732EF7C0E48D2980FEE5
Authority key identifier: 8C:D9:D6:1F:83:E0:D7:E8:30:8A:6C:DE:4D:D3:15:DD:75:75:6C:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNnWH4Pg1-gwimzeTdMV3XV1bAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/KJ3QNcuR20u_FZmveDerWZAalxg.roa
Signing time: Sun 01 Jan 2023 05:24:43 +0000
ROA not before: Sun 01 Jan 2023 05:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205493
IP address blocks: 185.215.192.0/22 maxlen: 22
2a0b:ad40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:15:7f:d6:1a:73:2e:f7:c0:e4:8d:29:80:fe:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cd9d61f83e0d7e8308a6cde4dd315dd75756c03
Validity
Not Before: Jan 1 05:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=289dd035cb91db4bbf1599af7837ab59901a9718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4d:3f:97:75:3d:15:12:6a:af:fc:e8:f9:84:
ff:06:eb:3f:1c:f1:9c:6e:26:ea:80:2f:e2:1e:68:
2a:2a:a5:dd:b7:79:2e:53:94:cf:05:c9:fe:e0:39:
89:74:c3:76:b8:3d:85:9d:2f:38:3f:0e:52:49:af:
4a:a1:5a:e6:a4:66:18:57:62:b0:71:85:37:b7:81:
71:3e:17:b2:04:02:36:52:3d:c0:43:a4:f6:47:73:
f5:07:be:2d:74:84:01:88:5e:2c:f0:8a:d7:e3:65:
a8:d7:c7:d0:71:3a:71:0a:e2:1d:89:9c:4f:67:ea:
a4:90:ff:a9:05:4f:55:2b:36:12:a8:76:7f:22:0b:
b8:28:94:6b:98:7b:20:29:a7:89:67:21:5b:a5:75:
e4:6a:99:e6:fb:84:97:98:e5:da:bd:f0:bf:80:29:
0d:17:26:6d:86:50:ab:5d:d9:59:5a:ca:c2:1b:2d:
75:cb:8c:fb:87:6b:26:dc:a1:3e:fc:7c:7d:67:8c:
b4:e9:bc:ee:d3:b8:53:d1:8c:7a:97:b0:f9:88:d8:
ce:fe:b2:41:d5:3c:be:6e:9b:ca:ec:d4:72:f4:31:
b9:56:4a:b1:c4:34:c2:58:37:47:1b:6b:3f:64:6b:
4f:02:30:cf:db:dd:00:6d:98:3e:68:ec:11:34:c0:
32:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9D:D0:35:CB:91:DB:4B:BF:15:99:AF:78:37:AB:59:90:1A:97:18
X509v3 Authority Key Identifier:
keyid:8C:D9:D6:1F:83:E0:D7:E8:30:8A:6C:DE:4D:D3:15:DD:75:75:6C:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNnWH4Pg1-gwimzeTdMV3XV1bAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/KJ3QNcuR20u_FZmveDerWZAalxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/86c946-14cb-4935-88e3-d2d57843a27d/1/jNnWH4Pg1-gwimzeTdMV3XV1bAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.192.0/22
IPv6:
2a0b:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
3e:3d:f2:9e:6e:7c:fb:75:e0:cc:ac:11:25:a1:39:d4:b8:e7:
92:0f:bf:b0:b0:39:ee:6d:1a:08:c5:52:80:ed:42:1a:18:f1:
fa:5a:64:ac:ad:5f:4f:af:11:28:15:94:4c:be:9b:de:ee:52:
48:d3:2d:44:3f:02:8c:fb:d1:75:be:c2:f9:03:fd:69:52:b8:
19:72:9e:0e:f0:f6:b0:92:47:a5:af:fc:bc:df:cd:16:0a:9b:
03:6f:06:d4:27:11:d6:ca:61:4b:d5:f8:04:ea:61:2d:ab:33:
06:61:3c:0b:b2:57:80:fd:28:7d:9c:2c:cb:8a:7a:6d:4f:95:
32:6e:47:e4:83:4b:c8:bb:8e:ed:cf:ae:5c:31:ca:ee:14:e8:
40:61:64:1e:50:59:26:21:46:95:1a:08:06:2d:f1:7a:c5:62:
54:fd:cf:77:63:cf:19:22:fd:9a:1e:8c:91:da:81:36:e4:f4:
0c:bb:78:43:94:66:e9:84:b1:a5:73:75:3e:1e:bf:95:76:7e:
9f:c0:da:94:4f:e2:19:ba:a4:0c:0d:93:4c:ad:83:87:98:e1:
1e:ac:7d:22:b0:c4:b9:5e:4a:d2:1c:62:20:cd:81:e6:d8:f9:
a7:4a:22:b5:c6:34:f9:f3:25:37:ea:a5:81:16:60:f4:1b:73:
9f:df:d5:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVryhV/1hpzLvfA5I0pgP7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZDlkNjFmODNlMGQ3ZTgzMDhhNmNkZTRkZDMxNWRkNzU3
NTZjMDMwHhcNMjMwMTAxMDUyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODlkZDAzNWNiOTFkYjRiYmYxNTk5YWY3ODM3YWI1OTkwMWE5NzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk0/l3U9FRJqr/zo+YT/Bus/HPGc
bibqgC/iHmgqKqXdt3kuU5TPBcn+4DmJdMN2uD2FnS84Pw5SSa9KoVrmpGYYV2Kw
cYU3t4FxPheyBAI2Uj3AQ6T2R3P1B74tdIQBiF4s8IrX42Wo18fQcTpxCuIdiZxP
Z+qkkP+pBU9VKzYSqHZ/Igu4KJRrmHsgKaeJZyFbpXXkapnm+4SXmOXavfC/gCkN
FyZthlCrXdlZWsrCGy11y4z7h2sm3KE+/Hx9Z4y06bzu07hT0Yx6l7D5iNjO/rJB
1Ty+bpvK7NRy9DG5VkqxxDTCWDdHG2s/ZGtPAjDP290AbZg+aOwRNMAyAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCid0DXLkdtLvxWZr3g3q1mQGpcYMB8GA1UdIwQY
MBaAFIzZ1h+D4NfoMIps3k3TFd11dWwDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5uV0g0UGcxLWd3aW16ZVRkTVYzWFYxYkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84NmM5NDYtMTRjYi00OTM1LTg4ZTMt
ZDJkNTc4NDNhMjdkLzEvS0ozUU5jdVIyMHVfRlptdmVEZXJXWkFhbHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84NmM5NDYtMTRjYi00OTM1LTg4ZTMtZDJkNTc4NDNhMjdk
LzEvak5uV0g0UGcxLWd3aW16ZVRkTVYzWFYxYkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudfAMA0E
AgACMAcDBQMqC61AMA0GCSqGSIb3DQEBCwUAA4IBAQA+PfKebnz7deDMrBEloTnU
uOeSD7+wsDnubRoIxVKA7UIaGPH6WmSsrV9PrxEoFZRMvpve7lJI0y1EPwKM+9F1
vsL5A/1pUrgZcp4O8Pawkkelr/y8380WCpsDbwbUJxHWymFL1fgE6mEtqzMGYTwL
sleA/Sh9nCzLinptT5Uybkfkg0vIu47tz65cMcruFOhAYWQeUFkmIUaVGggGLfF6
xWJU/c93Y88ZIv2aHoyR2oE25PQMu3hDlGbphLGlc3U+Hr+Vdn6fwNqUT+IZuqQM
DZNMrYOHmOEerH0isMS5XkrSHGIgzYHm2PmnSiK1xjT58yU36qWBFmD0G3Of39Wx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:26 2025 by rpki-client