Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/KAfqc9NnJ3xYWN8quJPzWOngdVU.roa
File: KAfqc9NnJ3xYWN8quJPzWOngdVU.roa (raw, json)
Hash identifier: K8qoCZTCgHh89pjg1HyKhe+//2XG46ztYsBqGe9UzGU=
Subject key identifier: 28:07:EA:73:D3:67:27:7C:58:58:DF:2A:B8:93:F3:58:E9:E0:75:55
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 0184BE4DCF2732B0013CA4E1E32E73F050B5
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/KAfqc9NnJ3xYWN8quJPzWOngdVU.roa
Signing time: Mon 28 Nov 2022 12:54:41 +0000
ROA not before: Mon 28 Nov 2022 12:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 84.254.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:4d:cf:27:32:b0:01:3c:a4:e1:e3:2e:73:f0:50:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Nov 28 12:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2807ea73d367277c5858df2ab893f358e9e07555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5b:b9:85:b9:ff:3e:6d:f2:43:d0:fd:3f:93:
fd:1c:47:48:a7:43:a1:4a:eb:03:4f:8a:95:e6:6d:
6a:03:66:0f:3d:18:8c:1c:7b:11:05:80:53:e8:ad:
e1:cd:76:d5:eb:e3:8a:a3:c9:3d:40:7f:3b:c8:e2:
1f:c7:a9:83:33:79:4c:df:72:3d:dd:d1:ef:3c:b2:
ff:38:34:b1:b1:64:09:47:02:0e:77:c3:93:0c:13:
ab:be:3f:5f:f7:68:3e:9b:9e:34:bc:9b:5d:c4:1a:
59:ed:64:30:4f:79:1e:ab:a6:95:af:07:5d:a3:c4:
5e:8f:3c:27:af:68:3a:12:24:5e:2e:2c:21:b0:bc:
0d:72:dc:d0:cd:b6:16:a9:5e:0b:12:df:f1:77:a6:
09:73:af:e4:68:5d:9b:9e:a1:2e:58:e2:f9:8c:8f:
33:f7:b9:74:cf:6a:14:0f:9b:87:f1:e1:90:3f:a6:
07:1c:2e:ed:f7:34:e1:fa:c9:d5:ed:72:67:36:f8:
a8:f4:1e:00:97:7b:7e:c0:b0:cb:d3:45:c6:8d:bf:
d3:f9:fe:b3:a9:36:7f:1b:8d:49:95:f2:89:55:11:
67:b6:02:b0:4f:65:ce:e8:47:57:5d:2f:24:95:cb:
cd:f1:0e:b2:99:46:7d:c2:17:01:6b:d4:df:15:71:
fc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:07:EA:73:D3:67:27:7C:58:58:DF:2A:B8:93:F3:58:E9:E0:75:55
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/KAfqc9NnJ3xYWN8quJPzWOngdVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.254.134.0/24
Signature Algorithm: sha256WithRSAEncryption
74:67:db:be:d5:34:b9:83:0a:e3:1f:6b:62:35:87:eb:df:35:
8a:b2:b1:b6:4e:1e:3f:35:0c:8d:4a:2f:21:9b:a2:e2:01:8c:
99:d3:f0:55:a7:cc:85:c6:0c:57:7e:eb:b7:81:60:16:df:fd:
c3:62:b3:7c:53:5d:3a:7d:20:40:a3:37:3b:d1:cb:70:a2:a7:
9d:e3:6b:61:3e:73:47:ad:fc:2f:a8:9a:f2:7d:49:93:ab:40:
bb:ef:7c:2b:4b:06:d6:c4:63:f2:89:18:e0:43:91:df:ad:3b:
8a:eb:75:5d:80:59:30:01:93:f3:d9:c5:f3:b5:c6:68:f0:60:
4c:a5:28:50:61:4d:87:14:e5:46:85:68:fe:cf:27:2b:49:19:
fc:48:98:b2:be:ae:d3:89:d2:13:bd:2e:11:39:e4:03:80:79:
0c:f8:98:fd:f2:37:c1:ef:00:6b:48:00:53:50:96:43:b0:1b:
66:98:a3:4a:3f:b6:a1:7c:fb:5b:99:1f:78:bb:6f:1f:e6:ff:
7d:b3:f9:29:0e:19:98:eb:8d:c1:80:7f:78:e2:c9:7c:b7:8b:
81:a0:cc:ac:7d:3f:cc:80:5d:d0:50:ec:ab:18:49:4f:20:e0:
d2:a2:e7:3d:f2:23:a4:9a:3c:0c:1d:c8:2d:f6:dd:26:33:09:
e8:60:02:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS+Tc8nMrABPKTh4y5z8FC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjIxMTI4MTI1NDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODA3ZWE3M2QzNjcyNzdjNTg1OGRmMmFiODkzZjM1OGU5ZTA3NTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVu5hbn/Pm3yQ9D9P5P9HEdIp0Oh
SusDT4qV5m1qA2YPPRiMHHsRBYBT6K3hzXbV6+OKo8k9QH87yOIfx6mDM3lM33I9
3dHvPLL/ODSxsWQJRwIOd8OTDBOrvj9f92g+m540vJtdxBpZ7WQwT3keq6aVrwdd
o8Rejzwnr2g6EiReLiwhsLwNctzQzbYWqV4LEt/xd6YJc6/kaF2bnqEuWOL5jI8z
97l0z2oUD5uH8eGQP6YHHC7t9zTh+snV7XJnNvio9B4Al3t+wLDL00XGjb/T+f6z
qTZ/G41JlfKJVRFntgKwT2XO6EdXXS8klcvN8Q6ymUZ9whcBa9TfFXH8LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgH6nPTZyd8WFjfKriT81jp4HVVMB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvS0FmcWM5Tm5KM3hZV044cXVKUHpXT25nZFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVP6GMA0G
CSqGSIb3DQEBCwUAA4IBAQB0Z9u+1TS5gwrjH2tiNYfr3zWKsrG2Th4/NQyNSi8h
m6LiAYyZ0/BVp8yFxgxXfuu3gWAW3/3DYrN8U106fSBAozc70ctwoqed42thPnNH
rfwvqJryfUmTq0C773wrSwbWxGPyiRjgQ5HfrTuK63VdgFkwAZPz2cXztcZo8GBM
pShQYU2HFOVGhWj+zycrSRn8SJiyvq7TidITvS4ROeQDgHkM+Jj98jfB7wBrSABT
UJZDsBtmmKNKP7ahfPtbmR94u28f5v99s/kpDhmY643BgH944sl8t4uBoMysfT/M
gF3QUOyrGElPIODSouc98iOkmjwMHcgt9t0mMwnoYAKV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:44 2025 by rpki-client