Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/KMjkqMowNXWTWcEOAjJ4XpquwZ8.roa
File: KMjkqMowNXWTWcEOAjJ4XpquwZ8.roa (raw, json)
Hash identifier: lKnu2+R0I9oDaFmgF4n72bQwRU68jD95+0tLGon+rX4=
Subject key identifier: 28:C8:E4:A8:CA:30:35:75:93:59:C1:0E:02:32:78:5E:9A:AE:C1:9F
Certificate issuer: /CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Certificate serial: 018A84B1F6896B0B86EFDA9654E97F70DAE8
Authority key identifier: 5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/KMjkqMowNXWTWcEOAjJ4XpquwZ8.roa
Signing time: Mon 11 Sep 2023 14:42:50 +0000
ROA not before: Mon 11 Sep 2023 14:42:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12350
IP address blocks: 77.236.112.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:b1:f6:89:6b:0b:86:ef:da:96:54:e9:7f:70:da:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Validity
Not Before: Sep 11 14:42:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28c8e4a8ca3035759359c10e0232785e9aaec19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:85:6f:2d:18:01:2c:6f:ec:ab:22:86:36:2d:
bf:14:c0:c5:c7:63:77:f0:91:80:48:23:4d:e4:b3:
92:96:d7:7b:44:e1:52:ce:54:37:b2:1a:e6:29:99:
81:2f:0e:d6:66:88:a0:3c:01:f9:5c:a7:6b:7b:ce:
63:25:82:37:62:d7:08:19:f7:45:35:5b:71:5e:4a:
b3:49:9f:7e:0d:9b:e1:57:a2:40:f0:28:ff:3c:1a:
96:af:84:28:c2:eb:42:2c:ac:55:b6:02:16:02:fd:
46:37:ec:25:6a:74:24:d8:07:b8:41:b8:17:e8:e4:
28:ab:3c:64:4e:a1:65:47:99:60:aa:bc:e8:79:a3:
d2:66:90:aa:1b:a5:8d:88:e8:3b:8e:1a:c9:eb:03:
ee:f9:73:78:eb:30:4c:00:3a:bd:ce:2f:eb:ff:31:
fc:eb:6a:ce:be:9f:b8:4e:b7:8b:55:cf:3c:f1:23:
ee:24:64:d6:21:26:12:ff:99:bf:59:56:b2:3c:57:
25:d1:d3:66:04:5a:30:91:7c:8f:f1:b9:a1:39:18:
75:24:53:5b:02:41:28:1d:06:46:7f:10:27:04:15:
f5:89:bd:35:6c:af:5e:57:fd:73:a3:e3:b2:39:18:
b9:9f:38:5b:1b:19:d8:ee:41:46:13:30:7d:7d:1b:
f3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C8:E4:A8:CA:30:35:75:93:59:C1:0E:02:32:78:5E:9A:AE:C1:9F
X509v3 Authority Key Identifier:
keyid:5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/KMjkqMowNXWTWcEOAjJ4XpquwZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.236.112.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:22:43:4c:f1:d8:48:d9:71:a3:14:05:d3:e9:28:bd:ee:19:
8c:54:00:42:e3:ff:69:d5:2a:fe:a5:45:5e:ba:b7:0f:2d:6f:
78:3c:81:38:00:84:c1:eb:29:78:24:46:97:24:e6:5f:78:71:
2b:11:cc:2d:d7:9e:b1:8c:06:cb:51:6b:10:33:14:6e:11:f4:
ba:9e:80:25:a9:01:f4:ef:9c:7d:12:5e:d3:c2:e9:09:99:f5:
af:18:4c:8b:ff:35:18:0e:76:19:27:c5:3b:62:14:86:d7:10:
7b:da:7c:aa:f2:f2:ec:09:dc:10:3f:28:19:65:66:fe:fe:83:
32:2d:7a:68:23:f1:80:f2:51:a8:f1:a6:2a:f6:1d:87:19:b2:
b8:67:b1:fb:28:51:8b:3d:8b:b3:eb:69:47:fe:7d:6c:71:2b:
6c:7a:07:e2:17:bd:6d:99:d1:9b:fc:dd:9b:46:71:5d:e9:5e:
e9:ab:d9:7c:e1:5b:60:ba:f0:58:e7:66:94:aa:73:5f:84:3c:
0f:1a:46:9e:a4:c0:48:56:30:80:0e:62:80:61:9e:07:08:be:
f2:5f:f5:c4:5c:49:96:6b:c7:65:75:e6:9e:5e:92:9e:06:bf:
a5:7d:84:09:27:9e:9c:41:6b:5d:57:f0:93:0f:a8:c2:62:7c:
98:48:f6:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqEsfaJawuG79qWVOl/cNroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzU2OTk0YmIyOTJlNDllY2M2MzM3YjdmOTVkNjllZTJh
ZjYxZTEwHhcNMjMwOTExMTQ0MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM4ZTRhOGNhMzAzNTc1OTM1OWMxMGUwMjMyNzg1ZTlhYWVjMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoVvLRgBLG/sqyKGNi2/FMDFx2N3
8JGASCNN5LOSltd7ROFSzlQ3shrmKZmBLw7WZoigPAH5XKdre85jJYI3YtcIGfdF
NVtxXkqzSZ9+DZvhV6JA8Cj/PBqWr4QowutCLKxVtgIWAv1GN+wlanQk2Ae4QbgX
6OQoqzxkTqFlR5lgqrzoeaPSZpCqG6WNiOg7jhrJ6wPu+XN46zBMADq9zi/r/zH8
62rOvp+4TreLVc888SPuJGTWISYS/5m/WVayPFcl0dNmBFowkXyP8bmhORh1JFNb
AkEoHQZGfxAnBBX1ib01bK9eV/1zo+OyORi5nzhbGxnY7kFGEzB9fRvzxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjI5KjKMDV1k1nBDgIyeF6arsGfMB8GA1UdIwQY
MBaAFFp1aZS7KS5J7MYze3+V1p7ir2HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUt
NGUwYWE0MmExNWE4LzEvS01qa3FNb3dOWFdUV2NFT0FqSjRYcHF1d1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUtNGUwYWE0MmExNWE4
LzEvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTexwMA0G
CSqGSIb3DQEBCwUAA4IBAQCOIkNM8dhI2XGjFAXT6Si97hmMVABC4/9p1Sr+pUVe
urcPLW94PIE4AITB6yl4JEaXJOZfeHErEcwt156xjAbLUWsQMxRuEfS6noAlqQH0
75x9El7TwukJmfWvGEyL/zUYDnYZJ8U7YhSG1xB72nyq8vLsCdwQPygZZWb+/oMy
LXpoI/GA8lGo8aYq9h2HGbK4Z7H7KFGLPYuz62lH/n1scStsegfiF71tmdGb/N2b
RnFd6V7pq9l84VtguvBY52aUqnNfhDwPGkaepMBIVjCADmKAYZ4HCL7yX/XEXEmW
a8dldeaeXpKeBr+lfYQJJ56cQWtdV/CTD6jCYnyYSPYF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:11 2025 by rpki-client