Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/48a8ba-dc61-42bd-943a-c31fa71e2635/1/K9Won6C7ME6LVJNvWmFSTb27RYs.roa
File: K9Won6C7ME6LVJNvWmFSTb27RYs.roa (raw, json)
Hash identifier: ZYoNE7Sq0cBo0Jp3YOPMsPv2E5A6E6O9h193UcZTiX4=
Subject key identifier: 2B:D5:A8:9F:A0:BB:30:4E:8B:54:93:6F:5A:61:52:4D:BD:BB:45:8B
Certificate issuer: /CN=e695cfb36fe5a1f384cc778ae299acab81c27bfa
Certificate serial: 018572C35FB03FF5720E5E3CF8F96BF467D0
Authority key identifier: E6:95:CF:B3:6F:E5:A1:F3:84:CC:77:8A:E2:99:AC:AB:81:C2:7B:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5pXPs2_lofOEzHeK4pmsq4HCe_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/48a8ba-dc61-42bd-943a-c31fa71e2635/1/K9Won6C7ME6LVJNvWmFSTb27RYs.roa
Signing time: Mon 02 Jan 2023 13:54:44 +0000
ROA not before: Mon 02 Jan 2023 13:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60237
IP address blocks: 185.34.44.0/22 maxlen: 22
2a00:d5e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:5f:b0:3f:f5:72:0e:5e:3c:f8:f9:6b:f4:67:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e695cfb36fe5a1f384cc778ae299acab81c27bfa
Validity
Not Before: Jan 2 13:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bd5a89fa0bb304e8b54936f5a61524dbdbb458b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:db:5c:6f:20:ee:c7:c9:9c:ce:92:a2:43:2b:
96:0b:7f:b0:86:3e:b3:6f:7b:67:a0:b9:b7:c0:11:
f9:75:42:cd:48:d3:98:08:bf:a1:ef:3b:36:40:62:
a8:cf:df:13:86:0c:50:e4:ee:35:d0:de:4e:a9:5d:
f0:8e:42:37:a5:75:10:0b:28:25:06:ea:9d:9d:29:
a9:60:ac:cc:0d:54:0c:01:81:2f:06:e4:df:a0:06:
a1:b4:f3:44:cc:a0:a4:f6:c2:10:da:10:76:8e:ca:
2a:9b:56:45:fd:b9:5f:3d:56:69:08:59:49:2e:99:
d6:e1:c4:c1:02:ef:2f:08:fe:5d:1b:e9:50:63:99:
84:cd:05:28:b3:38:4f:23:12:57:25:6a:14:57:32:
c2:70:60:ea:18:f3:b7:30:6c:7b:29:62:f4:9e:37:
65:06:22:9f:b9:c9:51:c9:2b:3c:61:87:4f:7e:2f:
f4:6d:4d:6e:43:4a:e3:c8:f6:93:96:46:51:57:36:
21:65:92:77:eb:a0:7c:63:5a:a3:4d:47:b5:ce:fc:
2e:28:65:fc:76:35:37:da:4b:9f:79:6d:94:ad:ab:
f4:97:30:d5:c6:ec:e7:f6:22:ea:ec:7e:a1:28:72:
d0:3e:a5:02:c2:fc:5e:c6:92:b1:c2:e4:e8:c7:f6:
ef:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D5:A8:9F:A0:BB:30:4E:8B:54:93:6F:5A:61:52:4D:BD:BB:45:8B
X509v3 Authority Key Identifier:
keyid:E6:95:CF:B3:6F:E5:A1:F3:84:CC:77:8A:E2:99:AC:AB:81:C2:7B:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5pXPs2_lofOEzHeK4pmsq4HCe_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/48a8ba-dc61-42bd-943a-c31fa71e2635/1/K9Won6C7ME6LVJNvWmFSTb27RYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/48a8ba-dc61-42bd-943a-c31fa71e2635/1/5pXPs2_lofOEzHeK4pmsq4HCe_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.44.0/22
IPv6:
2a00:d5e0::/32
Signature Algorithm: sha256WithRSAEncryption
b9:83:3f:8b:7a:03:f3:67:1e:03:ce:9a:6f:2b:c6:6d:24:44:
a7:60:4f:47:26:04:a8:8c:38:02:e4:90:70:f5:11:34:9d:cc:
02:ef:37:78:6d:a2:8d:3e:69:e0:b8:14:48:db:e4:78:27:17:
3f:eb:81:b0:dd:4f:2c:09:eb:d6:e3:b1:2a:1a:76:f0:b6:da:
e5:62:1a:3c:ea:11:ff:5b:dc:29:7c:24:30:b4:3e:f3:c5:7b:
82:aa:a4:f6:50:4a:11:ff:82:45:9a:73:c6:b4:44:7d:a6:08:
e4:9e:c6:ea:3d:73:2c:19:6b:6b:0f:1f:bf:d2:c6:fd:73:43:
ea:27:b8:aa:60:4c:8b:91:e5:57:1f:d3:b7:2c:fd:fa:45:3a:
24:68:67:9e:51:5c:6b:15:a9:1b:bd:ce:ca:3d:14:04:a5:bf:
56:93:95:62:7b:da:24:b1:30:d4:84:ec:97:54:0b:a0:40:2e:
1b:af:83:96:a4:af:64:be:93:0c:a2:41:ee:9a:3b:37:d3:b8:
84:1e:0c:d8:6d:43:de:ae:72:45:30:a1:6c:f0:86:a1:b8:40:
41:f4:7e:0f:a7:e7:7b:79:30:68:08:e9:f6:af:35:2e:d4:d3:
92:56:ca:53:95:90:7f:7f:0a:0b:43:5e:5b:c3:83:75:11:cb:
8e:5c:d0:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyw1+wP/VyDl48+Plr9GfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2OTVjZmIzNmZlNWExZjM4NGNjNzc4YWUyOTlhY2FiODFj
MjdiZmEwHhcNMjMwMTAyMTM1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQ1YTg5ZmEwYmIzMDRlOGI1NDkzNmY1YTYxNTI0ZGJkYmI0NThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArttcbyDux8mczpKiQyuWC3+whj6z
b3tnoLm3wBH5dULNSNOYCL+h7zs2QGKoz98ThgxQ5O410N5OqV3wjkI3pXUQCygl
BuqdnSmpYKzMDVQMAYEvBuTfoAahtPNEzKCk9sIQ2hB2jsoqm1ZF/blfPVZpCFlJ
LpnW4cTBAu8vCP5dG+lQY5mEzQUoszhPIxJXJWoUVzLCcGDqGPO3MGx7KWL0njdl
BiKfuclRySs8YYdPfi/0bU1uQ0rjyPaTlkZRVzYhZZJ366B8Y1qjTUe1zvwuKGX8
djU32kufeW2Urav0lzDVxuzn9iLq7H6hKHLQPqUCwvxexpKxwuTox/bv4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCvVqJ+guzBOi1STb1phUk29u0WLMB8GA1UdIwQY
MBaAFOaVz7Nv5aHzhMx3iuKZrKuBwnv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXBYUHMyX2xvZk9FekhlSzRwbXNxNEhDZV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80OGE4YmEtZGM2MS00MmJkLTk0M2Et
YzMxZmE3MWUyNjM1LzEvSzlXb242QzdNRTZMVkpOdldtRlNUYjI3UllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80OGE4YmEtZGM2MS00MmJkLTk0M2EtYzMxZmE3MWUyNjM1
LzEvNXBYUHMyX2xvZk9FekhlSzRwbXNxNEhDZV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSIsMA0E
AgACMAcDBQAqANXgMA0GCSqGSIb3DQEBCwUAA4IBAQC5gz+LegPzZx4DzppvK8Zt
JESnYE9HJgSojDgC5JBw9RE0ncwC7zd4baKNPmnguBRI2+R4Jxc/64Gw3U8sCevW
47EqGnbwttrlYho86hH/W9wpfCQwtD7zxXuCqqT2UEoR/4JFmnPGtER9pgjknsbq
PXMsGWtrDx+/0sb9c0PqJ7iqYEyLkeVXH9O3LP36RTokaGeeUVxrFakbvc7KPRQE
pb9Wk5Vie9oksTDUhOyXVAugQC4br4OWpK9kvpMMokHumjs307iEHgzYbUPernJF
MKFs8IahuEBB9H4Pp+d7eTBoCOn2rzUu1NOSVspTlZB/fwoLQ15bw4N1EcuOXNDp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:57 2025 by rpki-client