Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/e5ea19-0b7b-431f-91bf-abcc905d9ffe/1/KAJTTPDaI3Tqmqk2BxNNv-jEbYg.roa
File: KAJTTPDaI3Tqmqk2BxNNv-jEbYg.roa (raw, json)
Hash identifier: LUwk3jtAYYUSJGvSCn1RGIMXGWkGR1uY9Ty3I3g4MS0=
Subject key identifier: 28:02:53:4C:F0:DA:23:74:EA:9A:A9:36:07:13:4D:BF:E8:C4:6D:88
Certificate issuer: /CN=6547443e620d63c8e4f54a67178474d1f909af68
Certificate serial: 018BCD625CD1EAB992845EB840BD2E45F849
Authority key identifier: 65:47:44:3E:62:0D:63:C8:E4:F5:4A:67:17:84:74:D1:F9:09:AF:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZUdEPmINY8jk9UpnF4R00fkJr2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/e5ea19-0b7b-431f-91bf-abcc905d9ffe/1/KAJTTPDaI3Tqmqk2BxNNv-jEbYg.roa
Signing time: Tue 14 Nov 2023 10:30:57 +0000
ROA not before: Tue 14 Nov 2023 10:30:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21466
IP address blocks: 213.230.32.0/20 maxlen: 24
213.230.40.0/21 maxlen: 24
185.166.80.0/22 maxlen: 24
213.202.32.0/21 maxlen: 24
213.202.32.0/19 maxlen: 24
213.202.40.0/21 maxlen: 24
213.202.48.0/20 maxlen: 24
2a06:3f40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:62:5c:d1:ea:b9:92:84:5e:b8:40:bd:2e:45:f8:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6547443e620d63c8e4f54a67178474d1f909af68
Validity
Not Before: Nov 14 10:30:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2802534cf0da2374ea9aa93607134dbfe8c46d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a5:7b:31:fb:91:ba:e9:72:71:8d:aa:d1:64:
1a:5b:92:55:26:fa:e7:29:be:9a:7c:50:5f:89:b1:
ab:1b:7c:2f:6e:d9:92:e4:be:45:42:fe:2a:b8:90:
69:87:7a:66:f4:d6:0b:d8:f7:ee:66:64:e9:de:ce:
14:f2:38:2d:38:d1:a2:10:e6:6b:83:d4:24:31:e7:
07:ba:fd:7a:f9:c4:7a:f0:32:95:1f:19:43:47:54:
05:67:0e:30:15:87:f6:9e:69:80:b4:8d:44:cc:f8:
ec:e2:16:bb:e5:48:23:e1:32:9b:e2:54:d3:b1:7e:
3a:e4:7c:ca:83:b1:c6:51:bb:b9:26:09:04:40:c2:
6a:69:b8:69:eb:9d:60:70:e8:a6:89:2e:7b:5a:4a:
45:e2:50:27:42:c1:6b:51:97:d7:90:e6:93:f9:a0:
c8:04:75:f9:ee:09:46:8b:41:22:9a:2c:5f:ae:87:
f2:77:2b:f9:fd:8f:04:0b:2e:41:c0:06:46:22:e9:
44:d8:4c:0b:7a:48:91:6a:76:02:0c:8f:b2:4f:fe:
8f:5d:f9:56:ee:c9:d4:c8:e4:3f:1b:12:e8:5d:2b:
80:b6:de:15:a0:f9:e9:a5:7d:6f:61:2c:06:1e:70:
16:ab:fc:4b:0f:20:24:57:cb:6a:d9:2f:d5:d9:72:
35:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:02:53:4C:F0:DA:23:74:EA:9A:A9:36:07:13:4D:BF:E8:C4:6D:88
X509v3 Authority Key Identifier:
keyid:65:47:44:3E:62:0D:63:C8:E4:F5:4A:67:17:84:74:D1:F9:09:AF:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZUdEPmINY8jk9UpnF4R00fkJr2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/e5ea19-0b7b-431f-91bf-abcc905d9ffe/1/KAJTTPDaI3Tqmqk2BxNNv-jEbYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/e5ea19-0b7b-431f-91bf-abcc905d9ffe/1/ZUdEPmINY8jk9UpnF4R00fkJr2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.80.0/22
213.202.32.0/19
213.230.32.0/20
IPv6:
2a06:3f40::/29
Signature Algorithm: sha256WithRSAEncryption
15:99:b0:82:50:6e:c5:c8:6a:97:09:5a:52:2e:00:f6:a4:de:
3a:40:fa:67:b4:58:45:86:7c:7c:e3:54:30:ce:5b:d6:72:bb:
4c:71:9d:e4:12:df:01:14:ef:bc:3d:42:e9:96:74:70:5c:15:
58:2a:b2:44:70:95:09:0e:a3:45:69:b3:f1:9b:c4:f8:c9:0d:
71:92:29:85:e3:af:ff:b7:1c:cf:f5:0b:72:3a:8c:3d:61:fd:
4b:7e:24:60:73:8c:57:6f:a6:f2:08:59:bd:5e:5a:a9:50:eb:
76:15:18:22:d8:f9:39:e1:53:c7:28:9b:c2:02:42:df:24:d4:
08:71:5c:2e:71:54:c4:c3:0c:f6:e5:61:dd:1a:c3:7b:17:29:
18:16:1f:8b:ef:9d:ad:ff:e3:28:f3:ea:8e:a4:b4:33:3f:12:
e7:9a:6c:4e:53:99:cb:87:14:2c:ff:10:e2:7f:c4:35:aa:35:
22:34:e4:09:46:a7:db:6e:f8:76:6a:3d:d4:36:6f:f6:ef:0d:
6e:b6:5d:ea:e2:18:ea:81:31:7f:23:0b:33:85:b3:78:bf:72:
1f:14:3e:94:83:58:8a:f3:64:87:2c:20:31:ab:54:0e:af:a2:
fe:fa:fc:47:fe:67:ba:06:49:d5:17:55:cd:c0:5a:5a:5e:2f:
e5:cb:b0:4a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYvNYlzR6rmShF64QL0uRfhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NDc0NDNlNjIwZDYzYzhlNGY1NGE2NzE3ODQ3NGQxZjkw
OWFmNjgwHhcNMjMxMTE0MTAzMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODAyNTM0Y2YwZGEyMzc0ZWE5YWE5MzYwNzEzNGRiZmU4YzQ2ZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKV7MfuRuulycY2q0WQaW5JVJvrn
Kb6afFBfibGrG3wvbtmS5L5FQv4quJBph3pm9NYL2PfuZmTp3s4U8jgtONGiEOZr
g9QkMecHuv16+cR68DKVHxlDR1QFZw4wFYf2nmmAtI1EzPjs4ha75Ugj4TKb4lTT
sX465HzKg7HGUbu5JgkEQMJqabhp651gcOimiS57WkpF4lAnQsFrUZfXkOaT+aDI
BHX57glGi0Eimixfrofydyv5/Y8ECy5BwAZGIulE2EwLekiRanYCDI+yT/6PXflW
7snUyOQ/GxLoXSuAtt4VoPnppX1vYSwGHnAWq/xLDyAkV8tq2S/V2XI1xwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCgCU0zw2iN06pqpNgcTTb/oxG2IMB8GA1UdIwQY
MBaAFGVHRD5iDWPI5PVKZxeEdNH5Ca9oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlVkRVBtSU5ZOGprOVVwbkY0UjAwZmtKcjJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lNWVhMTktMGI3Yi00MzFmLTkxYmYt
YWJjYzkwNWQ5ZmZlLzEvS0FKVFRQRGFJM1RxbXFrMkJ4Tk52LWpFYllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lNWVhMTktMGI3Yi00MzFmLTkxYmYtYWJjYzkwNWQ5ZmZl
LzEvWlVkRVBtSU5ZOGprOVVwbkY0UjAwZmtKcjJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuaZQAwQF
1cogAwQE1eYgMA0EAgACMAcDBQMqBj9AMA0GCSqGSIb3DQEBCwUAA4IBAQAVmbCC
UG7FyGqXCVpSLgD2pN46QPpntFhFhnx841QwzlvWcrtMcZ3kEt8BFO+8PULplnRw
XBVYKrJEcJUJDqNFabPxm8T4yQ1xkimF46//txzP9QtyOow9Yf1LfiRgc4xXb6by
CFm9XlqpUOt2FRgi2Pk54VPHKJvCAkLfJNQIcVwucVTEwwz25WHdGsN7FykYFh+L
752t/+Mo8+qOpLQzPxLnmmxOU5nLhxQs/xDif8Q1qjUiNOQJRqfbbvh2aj3UNm/2
7w1utl3q4hjqgTF/IwszhbN4v3IfFD6Ug1iK82SHLCAxq1QOr6L++vxH/me6BknV
F1XNwFpaXi/ly7BK
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:39:16 2025 by rpki-client