Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/KGkiJrQGXlKSKrJ5TmZwv-vvUAw.roa
File: KGkiJrQGXlKSKrJ5TmZwv-vvUAw.roa (raw, json)
Hash identifier: Zkp+vslWQI+jF9YiLmowbFWLfPi6cPwF2mMcm4cEVAU=
Subject key identifier: 28:69:22:26:B4:06:5E:52:92:2A:B2:79:4E:66:70:BF:EB:EF:50:0C
Certificate issuer: /CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Certificate serial: 01856DCACAFA50837520AAEB0F630487E302
Authority key identifier: 2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/KGkiJrQGXlKSKrJ5TmZwv-vvUAw.roa
Signing time: Sun 01 Jan 2023 14:44:44 +0000
ROA not before: Sun 01 Jan 2023 14:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1257
IP address blocks: 159.72.192.0/18 maxlen: 18
159.72.0.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ca:fa:50:83:75:20:aa:eb:0f:63:04:87:e3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bbc002a2b359b1aa8879e1c4d70455b3192efac
Validity
Not Before: Jan 1 14:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28692226b4065e52922ab2794e6670bfebef500c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a9:20:6d:55:bc:ab:61:f9:67:64:63:0e:bf:
e4:ff:27:e0:98:e2:de:d9:f6:26:b6:02:cf:02:00:
f9:b2:8e:06:c0:ef:aa:75:e2:77:09:70:8b:c2:f9:
eb:d7:4a:99:bd:fe:65:62:8c:27:15:a3:fa:be:5b:
d9:48:c1:16:07:51:2e:5d:ee:40:c2:78:40:bf:da:
84:47:7e:9b:4c:11:d3:b1:b2:dd:eb:6f:26:db:9f:
75:a6:ba:07:ce:9b:ea:01:a7:ff:44:55:5c:02:7a:
88:46:32:01:e6:d1:d9:a2:bf:8a:89:b0:3c:cc:5f:
e1:ad:1d:84:3d:de:d6:7b:8d:23:4b:1a:77:5e:35:
31:36:8f:82:86:15:9e:2d:0e:4a:71:3f:f5:c8:07:
30:96:38:c8:13:6a:76:86:dd:d2:6d:f6:69:87:e9:
12:a4:c1:70:00:5b:6c:0a:eb:e3:1a:f2:6e:88:ed:
c5:d2:45:8e:d6:11:87:11:f2:a1:a3:04:86:ce:e5:
cf:7a:02:b3:30:9c:e7:12:6e:d4:bb:3e:ad:db:25:
ca:59:1a:47:79:70:71:8c:37:49:ce:06:dd:6d:5c:
75:2c:f6:7b:bf:20:3e:07:23:9b:dc:ae:75:9c:30:
66:5b:ce:54:a9:e9:0d:23:c5:98:43:f3:5b:6e:fc:
66:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:69:22:26:B4:06:5E:52:92:2A:B2:79:4E:66:70:BF:EB:EF:50:0C
X509v3 Authority Key Identifier:
keyid:2B:BC:00:2A:2B:35:9B:1A:A8:87:9E:1C:4D:70:45:5B:31:92:EF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7wAKis1mxqoh54cTXBFWzGS76w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/KGkiJrQGXlKSKrJ5TmZwv-vvUAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7c3726-2dbe-4174-b164-a89889ce5f84/1/K7wAKis1mxqoh54cTXBFWzGS76w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.72.0.0/17
159.72.192.0/18
Signature Algorithm: sha256WithRSAEncryption
1d:b7:b7:34:a6:e7:9d:fc:a9:21:23:ab:38:dc:dd:c6:64:0d:
c7:a6:47:98:4e:c1:68:d0:8c:be:11:87:d8:74:88:be:5b:cf:
c1:25:3b:f5:c2:6a:a0:f4:52:99:22:37:b4:08:25:e3:f2:ff:
4c:88:7b:86:a7:24:2a:e5:c5:ee:bd:b8:f6:3e:0a:7e:80:20:
3d:10:95:b4:d9:e6:be:4e:6e:aa:a4:da:ea:32:db:06:eb:5e:
89:b5:ee:91:b9:1e:67:c1:98:27:ed:f9:c7:ff:ac:02:4a:c1:
c2:c7:0f:2c:26:db:b9:e1:7a:20:cd:8b:76:5e:d5:a0:b2:b1:
c0:ee:bd:85:e0:b0:40:6c:a3:45:d4:77:8a:fe:20:7e:aa:2e:
f9:1f:d8:13:6b:90:e6:a5:36:a1:d0:f2:ba:c4:01:a6:ed:2b:
c1:6d:d3:55:21:81:f5:d0:f1:8a:a1:04:73:a5:f3:4b:e2:d8:
00:18:b6:ce:d4:87:2d:62:14:55:6f:4a:c9:66:9a:1b:51:86:
fd:e0:12:bb:9f:20:47:ab:31:ff:ee:e1:e1:37:2a:18:4c:ce:
b9:64:16:e9:ed:c5:14:eb:8e:9a:37:b3:36:08:f8:95:d7:9c:
fc:1c:70:a4:45:b6:95:29:3b:9c:4d:24:c1:b4:f0:ad:30:86:
9c:33:26:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtysr6UIN1IKrrD2MEh+MCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYmMwMDJhMmIzNTliMWFhODg3OWUxYzRkNzA0NTViMzE5
MmVmYWMwHhcNMjMwMTAxMTQ0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODY5MjIyNmI0MDY1ZTUyOTIyYWIyNzk0ZTY2NzBiZmViZWY1MDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKkgbVW8q2H5Z2RjDr/k/yfgmOLe
2fYmtgLPAgD5so4GwO+qdeJ3CXCLwvnr10qZvf5lYownFaP6vlvZSMEWB1EuXe5A
wnhAv9qER36bTBHTsbLd628m2591proHzpvqAaf/RFVcAnqIRjIB5tHZor+KibA8
zF/hrR2EPd7We40jSxp3XjUxNo+ChhWeLQ5KcT/1yAcwljjIE2p2ht3SbfZph+kS
pMFwAFtsCuvjGvJuiO3F0kWO1hGHEfKhowSGzuXPegKzMJznEm7Uuz6t2yXKWRpH
eXBxjDdJzgbdbVx1LPZ7vyA+ByOb3K51nDBmW85UqekNI8WYQ/NbbvxmEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFChpIia0Bl5SkiqyeU5mcL/r71AMMB8GA1UdIwQY
MBaAFCu8ACorNZsaqIeeHE1wRVsxku+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzd3QUtpczFteHFvaDU0Y1RYQkZXekdTNzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83YzM3MjYtMmRiZS00MTc0LWIxNjQt
YTg5ODg5Y2U1Zjg0LzEvS0draUpyUUdYbEtTS3JKNVRtWnd2LXZ2VUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83YzM3MjYtMmRiZS00MTc0LWIxNjQtYTg5ODg5Y2U1Zjg0
LzEvSzd3QUtpczFteHFvaDU0Y1RYQkZXekdTNzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHn0gAAwQG
n0jAMA0GCSqGSIb3DQEBCwUAA4IBAQAdt7c0pued/KkhI6s43N3GZA3HpkeYTsFo
0Iy+EYfYdIi+W8/BJTv1wmqg9FKZIje0CCXj8v9MiHuGpyQq5cXuvbj2Pgp+gCA9
EJW02ea+Tm6qpNrqMtsG616Jte6RuR5nwZgn7fnH/6wCSsHCxw8sJtu54XogzYt2
XtWgsrHA7r2F4LBAbKNF1HeK/iB+qi75H9gTa5DmpTah0PK6xAGm7SvBbdNVIYH1
0PGKoQRzpfNL4tgAGLbO1IctYhRVb0rJZpobUYb94BK7nyBHqzH/7uHhNyoYTM65
ZBbp7cUU646aN7M2CPiV15z8HHCkRbaVKTucTSTBtPCtMIacMyZj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:05 2025 by rpki-client