Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/KJs5BJGa_OTz9-La3U1dE7lloiM.roa
File: KJs5BJGa_OTz9-La3U1dE7lloiM.roa (raw, json)
Hash identifier: zoUYkheMNE1EOlD9q4Oh/Ho26pBHjJrEDoEE/tcQchc=
Subject key identifier: 28:9B:39:04:91:9A:FC:E4:F3:F7:E2:DA:DD:4D:5D:13:B9:65:A2:23
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 018654321204B8D59FEA6018EC1DC42F1E80
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/KJs5BJGa_OTz9-La3U1dE7lloiM.roa
Signing time: Wed 15 Feb 2023 08:30:12 +0000
ROA not before: Wed 15 Feb 2023 08:30:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12462
IP address blocks: 212.80.160.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:54:32:12:04:b8:d5:9f:ea:60:18:ec:1d:c4:2f:1e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Feb 15 08:30:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=289b3904919afce4f3f7e2dadd4d5d13b965a223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0a:9d:e6:e0:31:ed:ee:cb:63:8c:bf:be:5e:
2f:fe:b5:87:9c:4d:b9:e8:ca:a8:62:69:39:e5:cd:
90:3f:bb:7a:57:39:4e:c9:02:11:12:da:0a:d1:10:
31:d0:e6:f7:7d:ca:02:9e:07:cd:12:72:41:c2:7e:
99:80:a0:db:c2:d2:ed:3d:94:5b:d9:23:47:2f:85:
89:08:de:08:b7:55:93:34:ce:fb:d7:41:79:41:28:
62:19:50:40:61:4c:73:ce:2b:66:94:5b:24:44:62:
06:2e:21:41:65:13:90:e4:29:39:5c:fe:57:96:c4:
14:72:16:3c:f3:5f:fc:3c:03:ec:ec:4f:14:f3:61:
44:bc:d4:b1:1b:f6:95:c1:7a:b7:36:bd:28:7e:8e:
2b:1c:7c:2d:82:49:5b:c3:c0:60:9a:a1:6a:84:1e:
b7:8b:4e:81:a1:b6:e8:0d:43:f6:c3:1a:2c:69:5f:
5a:c2:9a:71:0d:f8:e2:90:f9:37:d2:2a:30:da:54:
ed:64:0e:46:0b:2d:27:7c:5c:93:2c:10:7f:b2:ae:
8a:a9:38:0a:de:d6:34:ef:54:5c:25:e3:9a:66:d6:
db:17:35:e9:99:76:e6:60:9a:d4:83:56:b1:89:56:
91:4f:9c:fb:dd:8a:e8:4e:fd:a3:bc:56:57:7a:fc:
c7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9B:39:04:91:9A:FC:E4:F3:F7:E2:DA:DD:4D:5D:13:B9:65:A2:23
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/KJs5BJGa_OTz9-La3U1dE7lloiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.80.160.0/19
Signature Algorithm: sha256WithRSAEncryption
56:e9:02:b3:a4:d4:d1:73:0e:19:5a:be:50:27:ee:8d:6a:d9:
05:c3:24:6b:ec:2e:56:69:7f:9a:f0:69:d6:42:df:db:5f:c9:
a9:c8:73:e7:a9:94:f4:d7:8c:54:52:42:42:18:ab:ed:4d:7d:
20:48:e6:ba:a3:7e:34:fe:56:7a:3c:e4:19:b9:84:96:0c:ee:
ae:2d:64:f9:e1:a9:c0:e3:01:e2:c4:ae:2d:fb:21:ac:c2:b7:
e3:a4:13:ce:9e:50:e2:16:14:cc:23:99:c7:79:aa:64:dc:26:
8f:7a:d7:bc:e1:48:29:bb:97:2c:83:b3:ee:5d:89:27:cd:ab:
b9:3c:76:f5:9c:4b:83:47:d8:c8:f1:fc:1f:64:76:b0:91:f7:
f0:73:a1:74:9f:c8:f7:f4:ce:26:6f:55:a5:54:04:13:ff:96:
c5:cf:8c:b9:25:7d:f2:29:d2:3a:63:1c:cd:e2:dc:5e:bd:a5:
d5:2b:2f:a3:c5:5a:7b:35:d4:e6:aa:3f:95:7c:2e:be:96:a2:
08:2a:19:18:14:29:e1:4b:0f:7c:11:28:50:09:2a:91:6b:d2:
64:62:40:8d:f6:21:4c:5b:46:e4:be:bc:a1:03:4d:e7:62:ad:
8e:1d:33:1f:5b:58:cc:a3:be:cd:84:e8:fc:2b:a8:bd:a2:4c:
ae:38:b7:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZUMhIEuNWf6mAY7B3ELx6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwMjE1MDgzMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODliMzkwNDkxOWFmY2U0ZjNmN2UyZGFkZDRkNWQxM2I5NjVhMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQqd5uAx7e7LY4y/vl4v/rWHnE25
6MqoYmk55c2QP7t6VzlOyQIREtoK0RAx0Ob3fcoCngfNEnJBwn6ZgKDbwtLtPZRb
2SNHL4WJCN4It1WTNM7710F5QShiGVBAYUxzzitmlFskRGIGLiFBZROQ5Ck5XP5X
lsQUchY881/8PAPs7E8U82FEvNSxG/aVwXq3Nr0ofo4rHHwtgklbw8BgmqFqhB63
i06BobboDUP2wxosaV9awppxDfjikPk30iow2lTtZA5GCy0nfFyTLBB/sq6KqTgK
3tY071RcJeOaZtbbFzXpmXbmYJrUg1axiVaRT5z73YroTv2jvFZXevzHhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCibOQSRmvzk8/fi2t1NXRO5ZaIjMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvS0pzNUJKR2FfT1R6OS1MYTNVMWRFN2xsb2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1FCgMA0G
CSqGSIb3DQEBCwUAA4IBAQBW6QKzpNTRcw4ZWr5QJ+6NatkFwyRr7C5WaX+a8GnW
Qt/bX8mpyHPnqZT014xUUkJCGKvtTX0gSOa6o340/lZ6POQZuYSWDO6uLWT54anA
4wHixK4t+yGswrfjpBPOnlDiFhTMI5nHeapk3CaPete84Ugpu5csg7PuXYknzau5
PHb1nEuDR9jI8fwfZHawkffwc6F0n8j39M4mb1WlVAQT/5bFz4y5JX3yKdI6YxzN
4txevaXVKy+jxVp7NdTmqj+VfC6+lqIIKhkYFCnhSw98EShQCSqRa9JkYkCN9iFM
W0bkvryhA03nYq2OHTMfW1jMo77NhOj8K6i9okyuOLeJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:27 2025 by rpki-client