Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/KDPJP5wYiWs1YMNzlk106uNHU9s.roa
File: KDPJP5wYiWs1YMNzlk106uNHU9s.roa (raw, json)
Hash identifier: 2NeOLayPIojufwyN2bLZQ6XIv8bZBmPngMhKvT+QKlE=
Subject key identifier: 28:33:C9:3F:9C:18:89:6B:35:60:C3:73:96:4D:74:EA:E3:47:53:DB
Certificate issuer: /CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Certificate serial: 018852795A936EB9EDBD09F51B344D9271ED
Authority key identifier: 67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/KDPJP5wYiWs1YMNzlk106uNHU9s.roa
Signing time: Thu 25 May 2023 10:34:24 +0000
ROA not before: Thu 25 May 2023 10:34:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212047
IP address blocks: 45.157.0.0/24 maxlen: 24
212.2.240.0/21 maxlen: 21
2a10:c880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:79:5a:93:6e:b9:ed:bd:09:f5:1b:34:4d:92:71:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Validity
Not Before: May 25 10:34:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2833c93f9c18896b3560c373964d74eae34753db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:73:36:22:9d:f2:bd:1e:28:17:1a:fd:c2:2e:
8d:b1:61:c7:8a:38:ce:f5:9e:05:c6:5a:75:66:33:
e6:0d:80:3f:6b:8e:47:9d:d3:d1:65:f5:42:fc:23:
a1:02:04:72:bb:38:e8:9b:5b:0b:f8:f6:55:49:b2:
19:49:83:31:63:31:fe:69:3d:e6:f6:e0:84:73:7e:
60:c8:f4:5a:a6:54:15:28:86:c3:27:29:65:2d:b6:
a4:46:08:f2:9a:ba:64:f3:92:7f:6d:32:f4:6c:45:
fe:a6:5e:8f:2f:09:c1:e4:76:7f:d7:37:55:95:87:
f0:f7:f4:a1:82:05:73:11:5a:aa:60:fb:b0:0c:8b:
85:81:32:5f:38:c8:f0:96:21:67:1e:0f:d3:67:ed:
2a:12:3c:61:06:8c:3e:7b:63:3d:17:d3:9f:d2:9a:
69:15:97:2c:34:7b:02:19:c4:55:2e:f9:46:d1:fa:
cb:f6:7b:ad:be:14:1a:8f:d9:67:13:8b:10:d7:94:
3e:d3:b9:bb:95:88:a8:67:a8:30:db:f5:05:7f:f5:
e8:68:1a:f1:5b:d9:32:6d:98:84:d8:b9:69:e3:c2:
c5:10:9d:3a:54:79:29:ff:f7:22:46:b3:7c:d0:dc:
d2:ee:10:0f:22:da:a1:1e:e0:7d:1e:23:3c:b0:f0:
ea:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:33:C9:3F:9C:18:89:6B:35:60:C3:73:96:4D:74:EA:E3:47:53:DB
X509v3 Authority Key Identifier:
keyid:67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/KDPJP5wYiWs1YMNzlk106uNHU9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.0.0/24
212.2.240.0/21
IPv6:
2a10:c880::/32
Signature Algorithm: sha256WithRSAEncryption
19:ff:74:aa:bc:2b:08:76:e5:c3:99:6e:7b:6f:42:db:31:1f:
6c:61:9a:08:28:24:d9:5b:e9:23:f2:78:b5:b5:6a:8c:78:28:
ff:0c:e3:14:e8:9e:54:87:b8:5e:78:9a:29:15:00:62:09:bf:
fa:43:e9:5a:a3:cc:dd:fb:3c:81:60:92:9e:38:1e:bd:f3:2c:
e3:e5:57:fd:aa:3a:bb:d3:83:59:c4:99:79:1d:30:f0:34:8f:
48:5e:44:e0:af:04:80:0a:ae:f7:b1:45:35:09:51:9f:f5:a5:
38:c0:74:b0:92:85:06:cf:31:5d:d5:13:f6:50:77:23:14:be:
95:9a:82:98:2e:43:63:89:c1:9d:4f:a4:c7:83:ab:d6:3d:41:
2e:e2:ab:cb:77:1a:be:2f:df:e6:3c:2f:9d:68:c9:9a:2c:08:
7e:3f:5a:5f:22:47:d7:dd:e0:65:65:fa:7d:e6:de:41:8c:99:
d5:71:be:38:8d:10:9a:4d:f0:e9:6b:a7:a4:58:6d:d0:34:e7:
9f:03:5b:3a:90:b9:72:0d:3d:52:cc:37:f0:ba:06:80:f2:a7:
32:64:68:32:5c:a9:30:b0:a2:c9:2c:c9:aa:60:19:2b:e5:a3:
65:19:6a:c8:97:c3:35:17:78:68:41:d4:0f:26:fe:6b:a0:34:
d9:6b:38:7f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYhSeVqTbrntvQn1GzRNknHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZTI0YzcyODRlZjQ4ODdlNDVkNGNjZDliZGU2NzljZDlh
YjRmMDAwHhcNMjMwNTI1MTAzNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODMzYzkzZjljMTg4OTZiMzU2MGMzNzM5NjRkNzRlYWUzNDc1M2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XM2Ip3yvR4oFxr9wi6NsWHHijjO
9Z4Fxlp1ZjPmDYA/a45HndPRZfVC/COhAgRyuzjom1sL+PZVSbIZSYMxYzH+aT3m
9uCEc35gyPRaplQVKIbDJyllLbakRgjymrpk85J/bTL0bEX+pl6PLwnB5HZ/1zdV
lYfw9/ShggVzEVqqYPuwDIuFgTJfOMjwliFnHg/TZ+0qEjxhBow+e2M9F9Of0ppp
FZcsNHsCGcRVLvlG0frL9nutvhQaj9lnE4sQ15Q+07m7lYioZ6gw2/UFf/XoaBrx
W9kybZiE2Llp48LFEJ06VHkp//ciRrN80NzS7hAPItqhHuB9HiM8sPDqfwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCgzyT+cGIlrNWDDc5ZNdOrjR1PbMB8GA1UdIwQY
MBaAFGfiTHKE70iH5F1MzZveZ5zZq08AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzct
MDM3NWE5YzMyYjAwLzEvS0RQSlA1d1lpV3MxWU1OemxrMTA2dU5IVTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzctMDM3NWE5YzMyYjAw
LzEvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALZ0AAwQD
1ALwMA0EAgACMAcDBQAqEMiAMA0GCSqGSIb3DQEBCwUAA4IBAQAZ/3SqvCsIduXD
mW57b0LbMR9sYZoIKCTZW+kj8ni1tWqMeCj/DOMU6J5Uh7heeJopFQBiCb/6Q+la
o8zd+zyBYJKeOB698yzj5Vf9qjq704NZxJl5HTDwNI9IXkTgrwSACq73sUU1CVGf
9aU4wHSwkoUGzzFd1RP2UHcjFL6VmoKYLkNjicGdT6THg6vWPUEu4qvLdxq+L9/m
PC+daMmaLAh+P1pfIkfX3eBlZfp95t5BjJnVcb44jRCaTfDpa6ekWG3QNOefA1s6
kLlyDT1SzDfwugaA8qcyZGgyXKkwsKLJLMmqYBkr5aNlGWrIl8M1F3hoQdQPJv5r
oDTZazh/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:57 2025 by rpki-client