Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/KjozrcuQfnl4y5jphl8FBn5JMII.roa
File: KjozrcuQfnl4y5jphl8FBn5JMII.roa (raw, json)
Hash identifier: anvmBRgS7JzLXE9ulQkh6tU/2LTfswVcma+fM8lKVB4=
Subject key identifier: 2A:3A:33:AD:CB:90:7E:79:78:CB:98:E9:86:5F:05:06:7E:49:30:82
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018CB38EA114628DBCCA5700A23671859BC8
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/KjozrcuQfnl4y5jphl8FBn5JMII.roa
Signing time: Fri 29 Dec 2023 03:11:58 +0000
ROA not before: Fri 29 Dec 2023 03:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.98.0/24 maxlen: 24
85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b3:8e:a1:14:62:8d:bc:ca:57:00:a2:36:71:85:9b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Dec 29 03:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a3a33adcb907e7978cb98e9865f05067e493082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2f:c0:6c:40:14:a5:8e:01:05:7c:bc:a5:01:
3d:ef:f4:f6:93:c8:d9:ec:de:b9:e9:c8:c2:dd:4c:
57:dc:c6:6b:1b:71:bf:c6:9f:9e:76:dc:4e:9f:a2:
84:4e:5c:81:48:cf:63:dd:b7:5b:e2:9b:df:e6:fc:
9e:7e:42:62:3e:e5:fd:20:9b:5f:e7:53:41:1b:71:
28:29:c8:5f:f0:3a:84:28:da:7f:f7:15:75:7e:8a:
0c:26:0f:43:bb:cd:ea:84:d0:f9:99:b5:e8:b7:4e:
3c:fc:09:71:db:16:f3:c6:1b:53:90:85:4f:86:be:
62:ff:2a:42:f2:ab:00:dc:44:6f:a1:d1:b2:8d:a4:
de:0b:d2:d6:36:a5:4d:7f:1a:52:4b:f7:ed:ab:c9:
e2:d5:b8:c5:b5:67:e5:d4:07:16:7f:43:f0:83:de:
ee:05:64:49:29:6a:78:9b:c2:61:dd:91:b4:98:9e:
cb:a1:a2:c8:cd:5a:2f:7c:22:db:39:e2:58:d6:7d:
68:a2:28:12:f5:86:c3:7f:83:70:d1:0a:94:a4:1c:
c2:7e:ae:22:d0:4f:ac:82:5d:ef:f0:42:64:28:a7:
4e:54:8a:88:a3:b7:0d:44:be:51:27:95:a2:9e:62:
ff:f9:e9:40:1a:0e:53:38:03:a6:2d:b9:57:aa:1a:
a8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:3A:33:AD:CB:90:7E:79:78:CB:98:E9:86:5F:05:06:7E:49:30:82
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/KjozrcuQfnl4y5jphl8FBn5JMII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.105.255
Signature Algorithm: sha256WithRSAEncryption
8b:b8:9e:8e:31:43:8c:39:fd:49:52:64:67:09:65:6b:c2:77:
85:ed:ce:80:00:b8:46:7f:a0:1e:e6:87:e2:cd:4b:f1:4e:c8:
fa:3c:bc:b5:15:aa:5c:75:9e:6a:c5:bd:b6:47:4b:0c:98:01:
e5:20:8e:9e:1d:54:9e:e4:c0:ca:84:bb:2e:91:4d:17:30:b9:
8b:13:63:ad:f4:98:df:c3:0e:b7:1d:b1:12:70:67:f9:0c:45:
6d:e6:44:b5:d2:e9:b2:bd:a8:2a:60:cc:bc:b0:b4:e9:f9:10:
84:88:b2:d9:16:47:78:9a:1a:41:42:85:12:32:7b:bb:19:08:
3c:12:a4:ed:9d:f3:b0:e0:5d:dd:2f:7e:64:ac:ff:b0:d9:8a:
a3:a2:44:4c:02:5b:73:65:5b:56:ad:57:68:e5:1b:10:21:cb:
1a:f5:14:99:7f:74:f2:7d:8e:c8:03:10:11:c2:87:c0:de:be:
16:2f:3d:39:d2:fc:9e:49:66:19:ed:04:0b:77:2f:57:22:ba:
7d:df:d7:df:46:3a:1c:e0:90:c7:57:31:18:80:bb:e7:d1:bf:
d9:ee:6e:03:32:ab:d6:2b:1d:db:3e:5b:fc:98:e4:31:56:dd:
1a:24:50:bb:ac:a2:cf:3a:93:4b:7f:b3:f6:17:0f:08:e0:fb:
22:8d:f2:51
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYyzjqEUYo28ylcAojZxhZvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjMxMjI5MDMxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTNhMzNhZGNiOTA3ZTc5NzhjYjk4ZTk4NjVmMDUwNjdlNDkzMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS/AbEAUpY4BBXy8pQE97/T2k8jZ
7N656cjC3UxX3MZrG3G/xp+edtxOn6KETlyBSM9j3bdb4pvf5vyefkJiPuX9IJtf
51NBG3EoKchf8DqEKNp/9xV1fooMJg9Du83qhND5mbXot048/Alx2xbzxhtTkIVP
hr5i/ypC8qsA3ERvodGyjaTeC9LWNqVNfxpSS/ftq8ni1bjFtWfl1AcWf0Pwg97u
BWRJKWp4m8Jh3ZG0mJ7LoaLIzVovfCLbOeJY1n1ooigS9YbDf4Nw0QqUpBzCfq4i
0E+sgl3v8EJkKKdOVIqIo7cNRL5RJ5WinmL/+elAGg5TOAOmLblXqhqo/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCo6M63LkH55eMuY6YZfBQZ+STCCMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvS2pvenJjdVFmbmw0eTVqcGhsOEZCbjVKTUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVVdWAD
BAFVdWgwDQYJKoZIhvcNAQELBQADggEBAIu4no4xQ4w5/UlSZGcJZWvCd4XtzoAA
uEZ/oB7mh+LNS/FOyPo8vLUVqlx1nmrFvbZHSwyYAeUgjp4dVJ7kwMqEuy6RTRcw
uYsTY630mN/DDrcdsRJwZ/kMRW3mRLXS6bK9qCpgzLywtOn5EISIstkWR3iaGkFC
hRIye7sZCDwSpO2d87DgXd0vfmSs/7DZiqOiREwCW3NlW1atV2jlGxAhyxr1FJl/
dPJ9jsgDEBHCh8DevhYvPTnS/J5JZhntBAt3L1ciun3f199GOhzgkMdXMRiAu+fR
v9nubgMyq9YrHds+W/yY5DFW3RokULusos86k0t/s/YXDwjg+yKN8lE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:45 2025 by rpki-client