Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/kPNk-WumW5JkNATtPPWXwoXyAwM.roa
File: kPNk-WumW5JkNATtPPWXwoXyAwM.roa (raw, json)
Hash identifier: D0BY+tOJi4dWnsIogN+YPF0IInHCUm4AZytVwBlQvCU=
Subject key identifier: 90:F3:64:F9:6B:A6:5B:92:64:34:04:ED:3C:F5:97:C2:85:F2:03:03
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184193138100DE59E6FB624F7668B20A4DB
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/kPNk-WumW5JkNATtPPWXwoXyAwM.roa
Signing time: Thu 27 Oct 2022 11:26:06 +0000
ROA not before: Thu 27 Oct 2022 11:26:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50222
IP address blocks: 84.204.53.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:19:31:38:10:0d:e5:9e:6f:b6:24:f7:66:8b:20:a4:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 27 11:26:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90f364f96ba65b92643404ed3cf597c285f20303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:45:f7:42:f2:5e:dc:67:e9:11:25:6d:10:db:
6f:bc:4f:f4:36:05:dd:85:18:f8:a0:27:f1:73:d3:
ee:9f:83:56:1f:38:bd:93:33:4e:cc:bb:9d:8a:51:
41:ea:29:99:26:be:8b:0e:fb:b1:45:c6:10:1e:ba:
88:20:60:6a:e3:11:92:42:e0:34:3e:60:06:1a:12:
d0:db:af:07:8f:f1:a7:7a:3a:b0:49:d2:ad:d7:19:
41:ae:de:3a:b7:07:31:91:08:20:24:d4:6b:1b:52:
c4:a8:89:1e:94:b6:05:23:67:0d:f6:8d:cf:78:6e:
da:c4:7a:5c:ef:48:e8:f8:fe:53:a5:bb:81:64:95:
22:24:d2:8a:06:49:62:e4:8f:30:07:e2:a2:16:bb:
08:d8:68:bc:c2:db:f3:58:84:c9:5e:d0:cc:57:1b:
40:d8:b5:9d:a1:ab:6f:9e:d3:0c:9b:50:b8:5d:d0:
14:8d:34:29:2e:dd:56:ea:56:e1:9e:1a:cc:5d:79:
8a:1d:0f:00:ac:ce:a2:b2:b3:0e:0c:59:ce:9c:8c:
c7:fa:4e:1c:71:05:1c:11:06:06:07:87:52:9b:4a:
ed:13:42:51:59:45:33:b1:2f:f7:3d:87:d0:54:d7:
ef:8d:da:58:38:e6:07:18:83:d1:6e:3e:63:18:91:
70:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F3:64:F9:6B:A6:5B:92:64:34:04:ED:3C:F5:97:C2:85:F2:03:03
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/kPNk-WumW5JkNATtPPWXwoXyAwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.204.53.0/24
Signature Algorithm: sha256WithRSAEncryption
89:6e:ed:78:32:13:8d:4b:0b:71:ab:60:15:51:3b:26:af:1e:
a6:bf:c0:eb:32:6b:00:e5:c6:f4:f7:06:0c:7e:e5:2e:9c:a1:
6c:88:62:30:ac:e7:bd:e2:86:85:1a:18:b1:29:91:c4:a6:46:
a6:75:75:87:b7:d5:49:0b:4a:80:d5:8a:95:3d:ba:c6:fc:7c:
b9:a1:10:8d:19:14:2d:33:ab:94:f0:48:74:1d:95:f6:7a:9f:
d9:21:7f:ea:b4:e7:24:03:04:62:68:ee:9f:86:b2:ba:75:1f:
ce:07:48:05:84:02:c6:aa:11:f2:fa:4a:34:7c:1c:09:8c:6f:
86:16:b8:ff:52:2f:d9:d4:1a:f8:8e:7f:de:23:fe:7d:da:d4:
7f:5a:68:ea:de:c9:eb:5d:38:d8:25:d9:2f:af:3e:56:5f:67:
76:2a:a5:4b:fc:a6:22:69:3a:00:1a:27:0c:2f:79:56:1c:63:
51:34:d1:5c:13:8f:a0:68:c6:24:c2:ec:14:a2:f9:69:92:5d:
08:fd:71:67:df:dd:fd:e4:a0:e4:fc:44:94:f5:ff:4b:da:60:
f7:9d:cb:2c:1b:83:83:89:e8:59:f5:1d:58:2d:13:48:f1:92:
9c:bb:4f:b9:1f:d9:84:a6:f0:5c:26:bc:f9:4c:2b:07:92:d4:
aa:07:71:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQZMTgQDeWeb7Yk92aLIKTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI3MTEyNjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGYzNjRmOTZiYTY1YjkyNjQzNDA0ZWQzY2Y1OTdjMjg1ZjIwMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UX3QvJe3GfpESVtENtvvE/0NgXd
hRj4oCfxc9Pun4NWHzi9kzNOzLudilFB6imZJr6LDvuxRcYQHrqIIGBq4xGSQuA0
PmAGGhLQ268Hj/GnejqwSdKt1xlBrt46twcxkQggJNRrG1LEqIkelLYFI2cN9o3P
eG7axHpc70jo+P5TpbuBZJUiJNKKBkli5I8wB+KiFrsI2Gi8wtvzWITJXtDMVxtA
2LWdoatvntMMm1C4XdAUjTQpLt1W6lbhnhrMXXmKHQ8ArM6isrMODFnOnIzH+k4c
cQUcEQYGB4dSm0rtE0JRWUUzsS/3PYfQVNfvjdpYOOYHGIPRbj5jGJFwbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDzZPlrpluSZDQE7Tz1l8KF8gMDMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEva1BOay1XdW1XNUprTkFUdFBQV1h3b1h5QXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVMw1MA0G
CSqGSIb3DQEBCwUAA4IBAQCJbu14MhONSwtxq2AVUTsmrx6mv8DrMmsA5cb09wYM
fuUunKFsiGIwrOe94oaFGhixKZHEpkamdXWHt9VJC0qA1YqVPbrG/Hy5oRCNGRQt
M6uU8Eh0HZX2ep/ZIX/qtOckAwRiaO6fhrK6dR/OB0gFhALGqhHy+ko0fBwJjG+G
Frj/Ui/Z1Br4jn/eI/592tR/Wmjq3snrXTjYJdkvrz5WX2d2KqVL/KYiaToAGicM
L3lWHGNRNNFcE4+gaMYkwuwUovlpkl0I/XFn39395KDk/ESU9f9L2mD3ncssG4OD
iehZ9R1YLRNI8ZKcu0+5H9mEpvBcJrz5TCsHktSqB3FJ
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:33:51 2025 by rpki-client