Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/KaYooHKGc0PpYQVg8SEIVzcAHOE.roa
File: KaYooHKGc0PpYQVg8SEIVzcAHOE.roa (raw, json)
Hash identifier: bf2X+WNuVZsWgWLDHip3mK7Atg7KtsMO3mRPmM5B6K8=
Subject key identifier: 29:A6:28:A0:72:86:73:43:E9:61:05:60:F1:21:08:57:37:00:1C:E1
Certificate issuer: /CN=b0cc95fc42f3d81920f464b0f20c8a5203f21e30
Certificate serial: 018BA9402F80035667BE59068A84CBE4FFD1
Authority key identifier: B0:CC:95:FC:42:F3:D8:19:20:F4:64:B0:F2:0C:8A:52:03:F2:1E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/KaYooHKGc0PpYQVg8SEIVzcAHOE.roa
Signing time: Tue 07 Nov 2023 10:07:17 +0000
ROA not before: Tue 07 Nov 2023 10:07:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8925
IP address blocks: 212.8.192.0/19 maxlen: 24
212.15.192.0/19 maxlen: 24
2001:ae0::/30 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:40:2f:80:03:56:67:be:59:06:8a:84:cb:e4:ff:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0cc95fc42f3d81920f464b0f20c8a5203f21e30
Validity
Not Before: Nov 7 10:07:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29a628a072867343e9610560f121085737001ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6f:d2:17:9a:a1:ab:eb:b1:b7:f2:6f:2b:24:
76:d5:1c:dd:aa:31:ce:0b:b3:c9:d4:08:b4:e1:b6:
93:9d:47:70:a3:0b:f0:ed:e0:bf:53:d0:f8:ab:c1:
ae:c7:4b:ff:83:26:85:c9:73:c3:d8:69:e7:20:92:
64:b5:47:82:77:58:bc:1f:4d:fe:88:5a:d2:e7:e5:
0c:04:15:8e:03:ed:cd:a5:3e:f5:c4:d7:6d:8a:48:
f0:36:f0:e7:01:55:58:cb:38:f3:ce:3d:8c:11:eb:
d8:de:d1:f7:4a:b5:4a:85:d7:2e:6e:39:bd:40:f1:
35:d7:f7:89:36:88:6c:c3:59:93:e0:43:99:ff:ec:
4f:ce:01:18:8d:db:0b:e7:41:50:85:7c:34:08:18:
72:7e:63:1d:e2:3c:31:82:b3:cc:6e:c0:c6:e6:01:
ef:fb:7a:06:b2:98:98:9b:57:0e:f1:33:74:ff:3a:
23:0d:79:f2:7d:22:61:cd:69:35:42:1d:8b:70:0b:
d6:27:d7:e3:50:cc:39:8d:ec:ec:44:07:fb:2d:36:
ac:20:2b:4a:90:33:6d:76:9d:b6:45:ac:1a:f0:6c:
ed:da:07:cf:bb:2b:d7:ad:ab:fd:47:8f:30:b6:8e:
8f:6b:15:1f:aa:75:5e:8f:48:0f:de:2c:85:bc:b8:
91:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A6:28:A0:72:86:73:43:E9:61:05:60:F1:21:08:57:37:00:1C:E1
X509v3 Authority Key Identifier:
keyid:B0:CC:95:FC:42:F3:D8:19:20:F4:64:B0:F2:0C:8A:52:03:F2:1E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/KaYooHKGc0PpYQVg8SEIVzcAHOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e96877-1133-4b29-a6ba-8453c0f135d6/1/sMyV_ELz2Bkg9GSw8gyKUgPyHjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.8.192.0/19
212.15.192.0/19
IPv6:
2001:ae0::/30
Signature Algorithm: sha256WithRSAEncryption
a6:55:26:ad:af:c4:c2:3b:3a:06:76:a3:24:6a:b9:c3:55:11:
f4:f5:41:84:1e:25:fb:4f:91:74:06:fb:15:0c:b4:4c:93:cf:
6f:ae:d3:dd:8c:d1:7f:6b:f0:f1:ec:d0:e0:0c:85:92:5f:d2:
f0:3e:d4:9c:1a:96:3d:80:5f:41:43:51:b4:06:0f:35:af:8e:
9a:12:7c:33:38:90:36:ce:b1:f4:ce:50:dd:c5:1a:35:40:bc:
df:dc:58:30:b7:01:d3:69:42:d4:95:87:71:5f:fb:59:b1:44:
c5:e5:99:ed:ff:34:2a:7a:ca:56:52:7c:76:38:e6:b6:be:80:
c8:3d:d0:27:6c:69:34:93:2b:62:47:36:2a:8d:f8:4d:66:10:
f8:cc:72:62:ac:fb:95:a6:01:fa:7a:66:c3:42:cc:2a:54:a2:
2f:fc:8d:0b:48:b0:b2:67:0d:d9:15:79:15:b5:37:c0:a9:31:
ad:40:f9:f4:bc:21:eb:28:42:95:f9:09:2a:5a:c2:a9:c8:b9:
41:27:c2:42:98:ac:a1:23:ea:20:a7:76:a4:1a:a8:8a:53:51:
f3:25:48:54:54:b4:6e:c0:d3:03:07:b0:19:1a:d2:e9:3c:14:
7a:d7:81:25:bb:70:ce:5b:73:4d:6f:a4:87:88:d4:48:d1:ee:
8c:24:55:0d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYupQC+AA1ZnvlkGioTL5P/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwY2M5NWZjNDJmM2Q4MTkyMGY0NjRiMGYyMGM4YTUyMDNm
MjFlMzAwHhcNMjMxMTA3MTAwNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE2MjhhMDcyODY3MzQzZTk2MTA1NjBmMTIxMDg1NzM3MDAxY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm/SF5qhq+uxt/JvKyR21RzdqjHO
C7PJ1Ai04baTnUdwowvw7eC/U9D4q8Gux0v/gyaFyXPD2GnnIJJktUeCd1i8H03+
iFrS5+UMBBWOA+3NpT71xNdtikjwNvDnAVVYyzjzzj2MEevY3tH3SrVKhdcubjm9
QPE11/eJNohsw1mT4EOZ/+xPzgEYjdsL50FQhXw0CBhyfmMd4jwxgrPMbsDG5gHv
+3oGspiYm1cO8TN0/zojDXnyfSJhzWk1Qh2LcAvWJ9fjUMw5jezsRAf7LTasICtK
kDNtdp22Rawa8Gzt2gfPuyvXrav9R48wto6PaxUfqnVej0gP3iyFvLiRyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCmmKKByhnND6WEFYPEhCFc3ABzhMB8GA1UdIwQY
MBaAFLDMlfxC89gZIPRksPIMilID8h4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc015Vl9FTHoyQmtnOUdTdzhneUtVZ1B5SGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lOTY4NzctMTEzMy00YjI5LWE2YmEt
ODQ1M2MwZjEzNWQ2LzEvS2FZb29IS0djMFBwWVFWZzhTRUlWemNBSE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lOTY4NzctMTEzMy00YjI5LWE2YmEtODQ1M2MwZjEzNWQ2
LzEvc015Vl9FTHoyQmtnOUdTdzhneUtVZ1B5SGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQF1AjAAwQF
1A/AMA0EAgACMAcDBQIgAQrgMA0GCSqGSIb3DQEBCwUAA4IBAQCmVSatr8TCOzoG
dqMkarnDVRH09UGEHiX7T5F0BvsVDLRMk89vrtPdjNF/a/Dx7NDgDIWSX9LwPtSc
GpY9gF9BQ1G0Bg81r46aEnwzOJA2zrH0zlDdxRo1QLzf3FgwtwHTaULUlYdxX/tZ
sUTF5Znt/zQqespWUnx2OOa2voDIPdAnbGk0kytiRzYqjfhNZhD4zHJirPuVpgH6
embDQswqVKIv/I0LSLCyZw3ZFXkVtTfAqTGtQPn0vCHrKEKV+QkqWsKpyLlBJ8JC
mKyhI+ogp3akGqiKU1HzJUhUVLRuwNMDB7AZGtLpPBR614Elu3DOW3NNb6SHiNRI
0e6MJFUN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:03 2025 by rpki-client