Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9159db-6173-408c-8e1b-8d498827f45c/1/kanJodErKWTLl9qjP2KlHigsBus.roa
File: kanJodErKWTLl9qjP2KlHigsBus.roa (raw, json)
Hash identifier: NM3Yevh3cyi3RzURsMLOu4eoLe4hXEgA0Gd3xDNOZQs=
Subject key identifier: 91:A9:C9:A1:D1:2B:29:64:CB:97:DA:A3:3F:62:A5:1E:28:2C:06:EB
Certificate issuer: /CN=f4f8ec96c8ee265c3da423230a55219366dd9b28
Certificate serial: 0184A501DE171EDA9890FF43855A746C2D4C
Authority key identifier: F4:F8:EC:96:C8:EE:26:5C:3D:A4:23:23:0A:55:21:93:66:DD:9B:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9PjslsjuJlw9pCMjClUhk2bdmyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9159db-6173-408c-8e1b-8d498827f45c/1/kanJodErKWTLl9qjP2KlHigsBus.roa
Signing time: Wed 23 Nov 2022 15:01:13 +0000
ROA not before: Wed 23 Nov 2022 15:01:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39599
IP address blocks: 185.51.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a5:01:de:17:1e:da:98:90:ff:43:85:5a:74:6c:2d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4f8ec96c8ee265c3da423230a55219366dd9b28
Validity
Not Before: Nov 23 15:01:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91a9c9a1d12b2964cb97daa33f62a51e282c06eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:60:1d:14:28:2d:53:d9:ff:81:23:7d:d0:88:
6f:2b:1b:26:5c:da:2a:ce:b2:c7:f7:1a:61:96:9d:
c0:13:47:e3:ea:e7:f6:ab:8a:bf:cd:1f:28:5a:41:
7a:45:e1:cc:ac:f0:57:51:89:7c:f9:32:fc:4d:4e:
4a:84:ba:55:8a:60:18:83:a0:0e:ad:a6:de:5d:24:
58:4b:df:fa:55:87:07:65:56:bd:6f:c5:ec:38:d3:
02:75:a5:90:a4:4c:95:69:55:f2:f4:03:40:e4:6f:
bc:c4:21:59:31:b2:92:8c:d1:dd:57:2f:88:10:23:
1e:bc:6a:3f:40:54:fd:19:c9:0e:f7:3a:a4:0f:30:
ce:d0:c2:1b:49:89:90:78:1d:c6:39:7c:50:bc:b8:
6d:48:d8:05:b1:02:e2:ee:90:bc:cd:a3:48:d9:a4:
00:1d:a9:72:3b:fa:b1:b0:e9:7b:1f:53:e5:86:96:
31:91:59:e4:c5:4e:70:20:a6:80:b0:4d:6d:a8:d1:
d7:c3:ae:3c:64:9b:84:c7:16:b7:ab:88:96:19:e4:
40:94:84:b2:d7:28:31:fd:aa:22:56:e0:94:cf:8b:
4f:21:9d:ed:da:5d:0b:6f:a9:aa:bf:3d:5e:c0:02:
c2:9d:a4:cb:f2:94:26:6e:81:9a:d1:c7:77:b7:a5:
13:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A9:C9:A1:D1:2B:29:64:CB:97:DA:A3:3F:62:A5:1E:28:2C:06:EB
X509v3 Authority Key Identifier:
keyid:F4:F8:EC:96:C8:EE:26:5C:3D:A4:23:23:0A:55:21:93:66:DD:9B:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PjslsjuJlw9pCMjClUhk2bdmyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9159db-6173-408c-8e1b-8d498827f45c/1/kanJodErKWTLl9qjP2KlHigsBus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9159db-6173-408c-8e1b-8d498827f45c/1/9PjslsjuJlw9pCMjClUhk2bdmyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.117.0/24
Signature Algorithm: sha256WithRSAEncryption
31:35:72:fd:b0:6f:82:dd:6a:a6:87:7e:47:73:06:aa:12:49:
eb:36:44:ce:e0:79:19:fb:69:d2:e7:df:8e:75:54:96:e0:3b:
0a:92:81:4b:aa:ea:6b:e3:bd:a6:96:dd:a4:35:8a:8a:de:90:
0d:eb:d0:47:85:61:38:16:e6:14:bc:83:e9:00:35:5d:9c:73:
0e:f7:71:62:08:8b:0b:4e:58:86:25:49:67:09:38:c4:5b:59:
6c:68:91:e4:a7:77:17:fe:2d:57:3c:a6:d7:d2:8a:a9:dc:07:
03:c7:c3:6f:26:f5:c7:ab:da:78:15:c7:c4:e2:33:8c:ab:74:
6b:9e:69:46:1d:a5:17:a6:e0:54:5f:91:8f:ce:a6:81:13:47:
fb:33:11:ad:34:1a:a0:53:7c:e6:3c:16:bc:8f:2a:50:27:60:
1e:d2:d4:35:fe:21:91:b2:6f:c0:f1:09:47:2d:f0:94:6f:f9:
4b:c5:46:57:e6:be:ea:62:43:20:f4:94:1e:d8:44:37:59:53:
ce:79:69:b9:72:96:d5:bb:f0:fe:07:db:a9:b4:40:46:3c:51:
dd:57:fa:b5:fe:37:69:62:97:fd:cb:3d:f0:db:4b:b2:a4:81:
7e:5a:47:01:cb:af:c4:e0:09:7e:9b:08:de:6b:54:95:d4:d4:
45:01:fb:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSlAd4XHtqYkP9DhVp0bC1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZjhlYzk2YzhlZTI2NWMzZGE0MjMyMzBhNTUyMTkzNjZk
ZDliMjgwHhcNMjIxMTIzMTUwMTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWE5YzlhMWQxMmIyOTY0Y2I5N2RhYTMzZjYyYTUxZTI4MmMwNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2AdFCgtU9n/gSN90IhvKxsmXNoq
zrLH9xphlp3AE0fj6uf2q4q/zR8oWkF6ReHMrPBXUYl8+TL8TU5KhLpVimAYg6AO
rabeXSRYS9/6VYcHZVa9b8XsONMCdaWQpEyVaVXy9ANA5G+8xCFZMbKSjNHdVy+I
ECMevGo/QFT9GckO9zqkDzDO0MIbSYmQeB3GOXxQvLhtSNgFsQLi7pC8zaNI2aQA
HalyO/qxsOl7H1PlhpYxkVnkxU5wIKaAsE1tqNHXw648ZJuExxa3q4iWGeRAlISy
1ygx/aoiVuCUz4tPIZ3t2l0Lb6mqvz1ewALCnaTL8pQmboGa0cd3t6UTnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGpyaHRKylky5faoz9ipR4oLAbrMB8GA1UdIwQY
MBaAFPT47JbI7iZcPaQjIwpVIZNm3ZsoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBqc2xzanVKbHc5cENNakNsVWhrMmJkbXlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85MTU5ZGItNjE3My00MDhjLThlMWIt
OGQ0OTg4MjdmNDVjLzEva2FuSm9kRXJLV1RMbDlxalAyS2xIaWdzQnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85MTU5ZGItNjE3My00MDhjLThlMWItOGQ0OTg4MjdmNDVj
LzEvOVBqc2xzanVKbHc5cENNakNsVWhrMmJkbXlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTN1MA0G
CSqGSIb3DQEBCwUAA4IBAQAxNXL9sG+C3Wqmh35HcwaqEknrNkTO4HkZ+2nS59+O
dVSW4DsKkoFLqupr472mlt2kNYqK3pAN69BHhWE4FuYUvIPpADVdnHMO93FiCIsL
TliGJUlnCTjEW1lsaJHkp3cX/i1XPKbX0oqp3AcDx8NvJvXHq9p4FcfE4jOMq3Rr
nmlGHaUXpuBUX5GPzqaBE0f7MxGtNBqgU3zmPBa8jypQJ2Ae0tQ1/iGRsm/A8QlH
LfCUb/lLxUZX5r7qYkMg9JQe2EQ3WVPOeWm5cpbVu/D+B9uptEBGPFHdV/q1/jdp
Ypf9yz3w20uypIF+WkcBy6/E4Al+mwjea1SV1NRFAfue
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:53 2025 by rpki-client