Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Kp9zgNDh9AuIHDHadRvOumT-0OE.roa
File: Kp9zgNDh9AuIHDHadRvOumT-0OE.roa (raw, json)
Hash identifier: ZtdUPbDfyXOUWsp9k2rYGKOqGx0GGZG3J8ltRO/mUIo=
Subject key identifier: 2A:9F:73:80:D0:E1:F4:0B:88:1C:31:DA:75:1B:CE:BA:64:FE:D0:E1
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0183A8D0658A89FAE8AFB0C299FF639587EC
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Kp9zgNDh9AuIHDHadRvOumT-0OE.roa
Signing time: Wed 05 Oct 2022 15:42:53 +0000
ROA not before: Wed 05 Oct 2022 15:42:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208737
IP address blocks: 78.159.130.0/24 maxlen: 24
91.92.54.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a8:d0:65:8a:89:fa:e8:af:b0:c2:99:ff:63:95:87:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Oct 5 15:42:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a9f7380d0e1f40b881c31da751bceba64fed0e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:73:c3:b2:d0:78:82:fb:58:9c:d7:f5:dc:ed:
84:f6:c0:71:30:19:f1:24:2e:2b:36:ce:6d:6d:ec:
1a:98:4a:4e:a0:61:b2:58:02:ab:f0:1f:3e:ac:0c:
b8:ae:50:c2:d8:ea:ed:db:88:fa:5c:46:8d:c8:95:
49:04:6b:3b:d5:59:ca:6d:b2:cf:fe:8a:25:71:e9:
7a:d8:dd:72:af:50:c2:ab:77:a7:06:bd:e7:22:3f:
0a:e9:14:95:09:e2:b9:0d:4a:a7:76:38:b2:52:ac:
de:5a:6f:fd:d8:3b:3d:af:c0:42:39:27:5e:56:1b:
b5:05:d2:2b:2b:0c:1d:c9:56:a1:17:95:58:bf:7b:
9c:dc:27:02:26:83:c1:2b:8c:b6:80:41:55:e1:58:
ea:ea:1a:06:29:3c:82:37:a7:99:6d:25:ff:cc:de:
0c:af:10:00:57:98:82:58:54:95:5d:5c:14:10:ef:
aa:9d:89:f4:26:69:d5:5a:53:51:ce:f7:5d:ea:d5:
72:0d:d9:b1:8e:1d:4a:5b:a2:86:d4:35:c9:d0:2d:
41:19:4a:bd:8a:a9:47:5d:0a:38:ba:0c:bf:9b:08:
bc:c2:77:4c:5c:43:26:3e:bf:25:f7:2c:9d:b1:52:
83:71:98:c2:2b:1f:da:34:54:0d:1e:1d:92:c4:ce:
4c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:9F:73:80:D0:E1:F4:0B:88:1C:31:DA:75:1B:CE:BA:64:FE:D0:E1
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Kp9zgNDh9AuIHDHadRvOumT-0OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.130.0/24
78.159.156.0/24
91.92.54.0/24
Signature Algorithm: sha256WithRSAEncryption
41:87:74:89:de:a5:14:5c:d0:18:09:25:56:b4:e6:b3:1e:e1:
a3:cb:ad:6e:4e:ce:24:54:a0:27:4b:0e:99:42:25:af:b3:d7:
7b:b6:b5:7e:5f:33:da:c2:ff:b2:1c:e4:37:d7:6d:50:45:af:
93:4e:ed:d1:71:54:9e:ad:94:e6:fc:87:41:95:70:fc:68:39:
76:99:51:13:32:5d:83:70:91:84:6e:28:7a:ba:ab:0a:03:df:
f1:d9:8f:5e:c7:8d:e1:22:4c:ff:4b:1c:2b:40:5e:e4:92:42:
84:d0:ad:cb:da:c5:44:f1:e7:69:b1:45:d8:71:34:a9:0f:fe:
fb:5e:f0:47:58:df:b5:79:80:3d:f8:8b:da:72:7c:95:f8:c6:
e2:4e:9b:44:da:42:f4:d9:28:b5:72:be:f2:ea:55:ac:bc:3c:
f6:93:ea:2d:55:50:19:5a:33:e9:b5:fd:ff:90:b3:19:46:e1:
03:ce:12:1e:72:5f:fd:ea:2f:40:5e:06:af:d2:1b:e7:79:a5:
bd:8e:d9:fc:3d:97:97:d1:43:51:4d:37:3a:aa:3b:75:70:82:
6c:4d:74:55:f5:4f:95:30:0a:92:8f:6c:0c:1c:c1:91:69:4f:
89:f5:e2:5c:54:b6:ff:09:f2:d1:25:32:67:39:be:da:b1:bd:
f2:9a:4b:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOo0GWKifror7DCmf9jlYfsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjIxMDA1MTU0MjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTlmNzM4MGQwZTFmNDBiODgxYzMxZGE3NTFiY2ViYTY0ZmVkMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHPDstB4gvtYnNf13O2E9sBxMBnx
JC4rNs5tbewamEpOoGGyWAKr8B8+rAy4rlDC2Ort24j6XEaNyJVJBGs71VnKbbLP
/oolcel62N1yr1DCq3enBr3nIj8K6RSVCeK5DUqndjiyUqzeWm/92Ds9r8BCOSde
Vhu1BdIrKwwdyVahF5VYv3uc3CcCJoPBK4y2gEFV4Vjq6hoGKTyCN6eZbSX/zN4M
rxAAV5iCWFSVXVwUEO+qnYn0JmnVWlNRzvdd6tVyDdmxjh1KW6KG1DXJ0C1BGUq9
iqlHXQo4ugy/mwi8wndMXEMmPr8l9yydsVKDcZjCKx/aNFQNHh2SxM5MGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCqfc4DQ4fQLiBwx2nUbzrpk/tDhMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvS3A5emdORGg5QXVJSERIYWRSdk91bVQtME9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATp+CAwQA
Tp+cAwQAW1w2MA0GCSqGSIb3DQEBCwUAA4IBAQBBh3SJ3qUUXNAYCSVWtOazHuGj
y61uTs4kVKAnSw6ZQiWvs9d7trV+XzPawv+yHOQ3121QRa+TTu3RcVSerZTm/IdB
lXD8aDl2mVETMl2DcJGEbih6uqsKA9/x2Y9ex43hIkz/SxwrQF7kkkKE0K3L2sVE
8edpsUXYcTSpD/77XvBHWN+1eYA9+IvacnyV+MbiTptE2kL02Si1cr7y6lWsvDz2
k+otVVAZWjPptf3/kLMZRuEDzhIecl/96i9AXgav0hvneaW9jtn8PZeX0UNRTTc6
qjt1cIJsTXRV9U+VMAqSj2wMHMGRaU+J9eJcVLb/CfLRJTJnOb7asb3ymkso
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:11:48 2025 by rpki-client