Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/eff18d-5cc4-423f-9518-eb843e17c05e/1/KMlpo8EVvrPl4HRmGO60Eu7xjh4.roa
File: KMlpo8EVvrPl4HRmGO60Eu7xjh4.roa (raw, json)
Hash identifier: 7apolmdGQ29PU4+5j28a3xKC8uJ1wY5Q9/d2vrhyeME=
Subject key identifier: 28:C9:69:A3:C1:15:BE:B3:E5:E0:74:66:18:EE:B4:12:EE:F1:8E:1E
Certificate issuer: /CN=5b693cf1eef5fb0bf72ed5c2e22867d1124af3d8
Certificate serial: 081C5085
Authority key identifier: 5B:69:3C:F1:EE:F5:FB:0B:F7:2E:D5:C2:E2:28:67:D1:12:4A:F3:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2k88e71-wv3LtXC4ihn0RJK89g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/eff18d-5cc4-423f-9518-eb843e17c05e/1/KMlpo8EVvrPl4HRmGO60Eu7xjh4.roa
Signing time: Sat 01 Jan 2022 06:53:31 +0000
ROA not before: Sat 01 Jan 2022 06:53:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25424
IP address blocks: 212.111.0.0/19 maxlen: 19
185.157.196.0/22 maxlen: 22
85.92.32.0/19 maxlen: 19
188.244.48.0/20 maxlen: 20
37.9.192.0/21 maxlen: 21
91.109.32.0/21 maxlen: 21
77.92.192.0/19 maxlen: 19
2a00:e580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136073349 (0x81c5085)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b693cf1eef5fb0bf72ed5c2e22867d1124af3d8
Validity
Not Before: Jan 1 06:53:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28c969a3c115beb3e5e0746618eeb412eef18e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:03:b6:a9:22:cb:c9:93:b2:08:93:9a:46:af:
c5:21:30:04:78:73:ae:fd:11:1a:b3:92:18:c2:23:
b4:2a:6d:f7:7d:e8:44:e3:21:78:6e:9f:26:c5:51:
92:e3:d9:b2:a5:eb:8c:df:fc:da:c6:79:2a:9a:a7:
2f:91:18:63:cc:06:00:2d:f2:9b:2b:50:22:29:6f:
02:f0:8a:70:35:42:1a:a5:0a:ee:2d:71:ef:be:da:
2e:73:0b:65:18:2d:e1:5c:9d:88:97:36:c0:62:84:
ef:92:94:f6:39:63:f6:8b:82:62:76:b7:3a:19:39:
24:11:d4:38:37:13:14:5e:b1:45:77:18:41:79:c2:
b3:e9:2a:68:82:2d:51:e2:66:3c:e0:d2:ae:78:f6:
6f:12:5f:3c:44:cf:ac:31:e9:38:58:aa:60:e8:68:
b7:c8:12:ff:8e:53:bc:35:0a:cd:6e:17:a8:9c:a8:
37:ee:14:d7:89:4f:ff:d9:1f:c0:3f:9c:43:e8:bf:
9b:c3:f1:3c:f8:16:c3:fa:f9:a4:95:82:19:ee:7a:
f7:1f:e8:62:9a:eb:40:87:da:47:13:bb:e7:90:58:
ca:d3:1c:43:37:2b:c3:5b:25:a1:b9:de:6f:b5:5e:
d5:92:69:c8:d3:4f:2a:55:69:bd:52:1f:1a:ec:ff:
d9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C9:69:A3:C1:15:BE:B3:E5:E0:74:66:18:EE:B4:12:EE:F1:8E:1E
X509v3 Authority Key Identifier:
keyid:5B:69:3C:F1:EE:F5:FB:0B:F7:2E:D5:C2:E2:28:67:D1:12:4A:F3:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2k88e71-wv3LtXC4ihn0RJK89g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/eff18d-5cc4-423f-9518-eb843e17c05e/1/KMlpo8EVvrPl4HRmGO60Eu7xjh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/eff18d-5cc4-423f-9518-eb843e17c05e/1/W2k88e71-wv3LtXC4ihn0RJK89g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.192.0/21
77.92.192.0/19
85.92.32.0/19
91.109.32.0/21
185.157.196.0/22
188.244.48.0/20
212.111.0.0/19
IPv6:
2a00:e580::/29
Signature Algorithm: sha256WithRSAEncryption
29:9b:0b:94:5e:d8:0d:51:fc:86:24:92:08:a9:a7:f1:68:a0:
b9:85:10:1f:2e:60:8b:7f:1a:fa:b8:53:b2:42:c0:df:09:7d:
3e:1d:b8:48:f0:4b:d5:79:0a:73:23:f1:2e:b7:69:13:48:75:
17:ad:62:e3:58:78:12:5c:b6:dd:eb:b8:8f:3d:e6:fb:13:0d:
0f:3d:7d:6e:12:ce:14:84:09:af:4c:51:35:b5:c4:b1:54:a2:
09:3a:28:99:3d:79:a2:4b:3f:fb:3c:a0:35:e6:2a:8e:d4:2f:
39:d4:94:a2:e3:1d:5c:59:4e:e7:1b:98:3d:e2:62:e3:6a:97:
eb:09:50:8b:bf:55:6e:3a:55:40:4b:e1:a2:84:b0:d6:b6:7a:
83:7a:ba:42:7f:65:a3:67:d6:cb:32:c4:44:6b:63:ce:63:ea:
00:dd:22:2e:08:19:be:a6:b0:b5:50:34:64:aa:83:83:73:1c:
c4:d3:e4:5a:f8:5a:9f:23:2f:45:0c:62:18:ca:52:88:99:1b:
a4:e6:f7:30:07:a6:f1:29:8e:98:c9:f2:29:d3:78:2a:ef:04:
10:f1:d3:52:dd:34:2c:0c:f0:c8:bb:13:c1:31:f0:be:1a:9d:
ce:72:a5:2d:e7:b4:f2:31:b9:73:a9:af:78:d1:1b:4b:67:d9:
b1:a5:52:cf
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIECBxQhTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjY5M2NmMWVlZjVmYjBiZjcyZWQ1YzJlMjI4NjdkMTEyNGFmM2Q4MB4XDTIyMDEw
MTA2NTMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhjOTY5YTNjMTE1
YmViM2U1ZTA3NDY2MThlZWI0MTJlZWYxOGUxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcDtqkiy8mTsgiTmkavxSEwBHhzrv0RGrOSGMIjtCpt933o
ROMheG6fJsVRkuPZsqXrjN/82sZ5KpqnL5EYY8wGAC3ymytQIilvAvCKcDVCGqUK
7i1x777aLnMLZRgt4VydiJc2wGKE75KU9jlj9ouCYna3Ohk5JBHUODcTFF6xRXcY
QXnCs+kqaIItUeJmPODSrnj2bxJfPETPrDHpOFiqYOhot8gS/45TvDUKzW4XqJyo
N+4U14lP/9kfwD+cQ+i/m8PxPPgWw/r5pJWCGe569x/oYprrQIfaRxO755BYytMc
Qzcrw1slobneb7Ve1ZJpyNNPKlVpvVIfGuz/2QcCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBQoyWmjwRW+s+XgdGYY7rQS7vGOHjAfBgNVHSMEGDAWgBRbaTzx7vX7C/cu
1cLiKGfREkrz2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1cyazg4ZTcxLXd2M0x0WEM0aWhuMFJKSzg5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvZWZmMThkLTVjYzQtNDIzZi05NTE4LWViODQzZTE3YzA1ZS8x
L0tNbHBvOEVWdnJQbDRIUm1HTzYwRXU3eGpoNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
ZWZmMThkLTVjYzQtNDIzZi05NTE4LWViODQzZTE3YzA1ZS8xL1cyazg4ZTcxLXd2
M0x0WEM0aWhuMFJKSzg5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAyUJwAMEBU1cwAMEBVVcIAMEA1tt
IAMEArmdxAMEBLz0MAMEBdRvADANBAIAAjAHAwUDKgDlgDANBgkqhkiG9w0BAQsF
AAOCAQEAKZsLlF7YDVH8hiSSCKmn8WiguYUQHy5gi38a+rhTskLA3wl9Ph24SPBL
1XkKcyPxLrdpE0h1F61i41h4Ely23eu4jz3m+xMNDz19bhLOFIQJr0xRNbXEsVSi
CToomT15oks/+zygNeYqjtQvOdSUouMdXFlO5xuYPeJi42qX6wlQi79VbjpVQEvh
ooSw1rZ6g3q6Qn9lo2fWyzLERGtjzmPqAN0iLggZvqawtVA0ZKqDg3McxNPkWvha
nyMvRQxiGMpSiJkbpOb3MAem8SmOmMnyKdN4Ku8EEPHTUt00LAzwyLsTwTHwvhqd
znKlLee08jG5c6mveNEbS2fZsaVSzw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:23:15 2025 by rpki-client