Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kCCcPfsXXK4Rdakz6RqL_YYZKQ0.roa
File: kCCcPfsXXK4Rdakz6RqL_YYZKQ0.roa (raw, json)
Hash identifier: q9P6zW6Y4ogHCrLvYOV+KAsW1hVrE59XOS1fhPkF+Cg=
Subject key identifier: 90:20:9C:3D:FB:17:5C:AE:11:75:A9:33:E9:1A:8B:FD:86:19:29:0D
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAE5DF283482FE00CB41787671ACA9
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kCCcPfsXXK4Rdakz6RqL_YYZKQ0.roa
Signing time: Sun 01 Jan 2023 10:05:14 +0000
ROA not before: Sun 01 Jan 2023 10:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39840
IP address blocks: 192.36.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e5:df:28:34:82:fe:00:cb:41:78:76:71:ac:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90209c3dfb175cae1175a933e91a8bfd8619290d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:26:4e:57:02:af:26:35:a8:a8:ca:80:46:89:
1f:c5:7b:4b:e0:d4:2f:d6:53:6f:8f:e4:a2:cd:5f:
6c:9d:87:dd:a0:39:49:74:ae:60:ee:f8:84:9c:13:
ac:3a:b7:a3:dd:61:72:2c:77:46:e8:37:24:2c:e0:
8e:b3:9f:8a:e9:c3:da:1b:c1:5b:b1:92:7a:69:00:
1a:7a:b2:a5:35:2f:66:e5:6b:20:76:9c:ab:d6:71:
a2:f2:4a:8d:e0:c8:79:7b:f9:48:03:b9:41:af:41:
35:ed:12:68:7a:bd:4c:6c:e1:d3:2c:69:ab:18:fa:
44:8e:bf:36:8b:01:2d:f7:11:1d:8a:d1:12:36:74:
a4:50:68:27:4f:f1:45:32:67:24:69:eb:aa:9c:90:
dc:bf:81:83:6f:07:f0:a9:bb:51:29:b2:2e:63:1e:
58:04:c6:1a:68:d0:c5:96:af:50:ea:5b:75:e0:02:
54:31:f3:b9:15:db:d0:be:a7:c7:d6:28:96:38:71:
93:71:fa:03:c5:4f:db:95:0b:d9:6c:f7:fe:e2:0b:
f7:63:67:8e:4c:1e:91:ac:4c:8a:01:29:63:19:dc:
85:a3:32:8a:22:82:a9:01:dc:fe:06:fd:bd:6a:77:
ad:59:59:28:e9:21:92:6f:4a:c9:9d:b4:a1:6d:18:
d4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:20:9C:3D:FB:17:5C:AE:11:75:A9:33:E9:1A:8B:FD:86:19:29:0D
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/kCCcPfsXXK4Rdakz6RqL_YYZKQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.135.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:08:bb:17:a8:94:94:86:8e:3a:3c:21:54:01:cb:b7:ef:fe:
10:3f:f0:6f:31:bc:66:2a:24:a8:5b:b6:43:a7:6c:6a:99:0e:
50:77:04:57:87:a7:21:0e:e0:78:a4:b3:03:71:bf:17:39:4d:
09:b5:dd:e9:b5:7c:64:25:a7:45:0e:f4:10:80:2a:6c:24:f7:
6c:e4:5a:61:5b:91:1b:21:18:08:5f:66:d4:21:66:ea:f4:f8:
a5:39:06:85:be:90:7b:20:90:9c:34:bc:ba:4d:39:ca:47:3a:
c3:d3:9e:e7:07:31:48:fe:a8:d2:26:ba:3d:b9:79:52:e1:52:
71:11:38:16:bd:52:00:fd:5f:42:d0:72:69:f4:87:fb:32:4b:
19:5f:19:99:ad:6c:ad:71:4d:af:0b:a8:5c:a8:24:23:c9:96:
bb:ba:cb:ce:ea:f5:42:77:58:c2:66:9c:ee:e0:da:f1:a0:e6:
cf:a3:37:4c:cc:63:16:40:5d:27:4f:7b:f0:a2:f7:78:d6:b7:
9f:c2:0b:9a:37:84:30:da:1b:47:2e:87:49:36:fb:b9:dd:29:
b7:de:54:f9:61:90:04:8a:b1:2b:73:2d:f4:f1:bc:4e:77:ea:
5b:f2:26:b5:d6:e5:ee:df:ca:07:0c:36:6f:8f:aa:8e:2e:50:
fd:de:a7:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyuXfKDSC/gDLQXh2caypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDIwOWMzZGZiMTc1Y2FlMTE3NWE5MzNlOTFhOGJmZDg2MTkyOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCZOVwKvJjWoqMqARokfxXtL4NQv
1lNvj+SizV9snYfdoDlJdK5g7viEnBOsOrej3WFyLHdG6DckLOCOs5+K6cPaG8Fb
sZJ6aQAaerKlNS9m5Wsgdpyr1nGi8kqN4Mh5e/lIA7lBr0E17RJoer1MbOHTLGmr
GPpEjr82iwEt9xEditESNnSkUGgnT/FFMmckaeuqnJDcv4GDbwfwqbtRKbIuYx5Y
BMYaaNDFlq9Q6lt14AJUMfO5FdvQvqfH1iiWOHGTcfoDxU/blQvZbPf+4gv3Y2eO
TB6RrEyKASljGdyFozKKIoKpAdz+Bv29anetWVko6SGSb0rJnbShbRjUhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAgnD37F1yuEXWpM+kai/2GGSkNMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEva0NDY1Bmc1hYSzRSZGFrejZScUxfWVlaS1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCSHMA0G
CSqGSIb3DQEBCwUAA4IBAQCKCLsXqJSUho46PCFUAcu37/4QP/BvMbxmKiSoW7ZD
p2xqmQ5QdwRXh6chDuB4pLMDcb8XOU0Jtd3ptXxkJadFDvQQgCpsJPds5FphW5Eb
IRgIX2bUIWbq9PilOQaFvpB7IJCcNLy6TTnKRzrD057nBzFI/qjSJro9uXlS4VJx
ETgWvVIA/V9C0HJp9If7MksZXxmZrWytcU2vC6hcqCQjyZa7usvO6vVCd1jCZpzu
4NrxoObPozdMzGMWQF0nT3vwovd41refwguaN4Qw2htHLodJNvu53Sm33lT5YZAE
irErcy308bxOd+pb8ia11uXu38oHDDZvj6qOLlD93qcK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:10 2025 by rpki-client