Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/KsqN43T_wINchd-7qFTU94biAOs.roa
File: KsqN43T_wINchd-7qFTU94biAOs.roa (raw, json)
Hash identifier: droWM5PdegfN+gj1Q6Iq/oduyIpxU1QAu5HUTfC6DAA=
Subject key identifier: 2A:CA:8D:E3:74:FF:C0:83:5C:85:DF:BB:A8:54:D4:F7:86:E2:00:EB
Certificate issuer: /CN=7aef069e7e3ed5bf70f682ce40c5810ff3e5e378
Certificate serial: 0186B876869823840910D799E251D2B2CDED
Authority key identifier: 7A:EF:06:9E:7E:3E:D5:BF:70:F6:82:CE:40:C5:81:0F:F3:E5:E3:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/KsqN43T_wINchd-7qFTU94biAOs.roa
Signing time: Mon 06 Mar 2023 19:47:00 +0000
ROA not before: Mon 06 Mar 2023 19:47:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28721
IP address blocks: 194.149.245.0/24 maxlen: 24
185.88.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b8:76:86:98:23:84:09:10:d7:99:e2:51:d2:b2:cd:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7aef069e7e3ed5bf70f682ce40c5810ff3e5e378
Validity
Not Before: Mar 6 19:47:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2aca8de374ffc0835c85dfbba854d4f786e200eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1b:ab:14:c4:6a:e6:3c:e5:52:2b:83:be:a2:
59:d5:3a:02:7f:f9:49:b7:81:95:6b:08:84:fd:fa:
ae:12:49:4b:fa:e6:9f:fa:da:7e:50:70:f6:68:d3:
a0:45:a1:29:bd:b7:0a:66:c7:44:3e:fc:6e:31:a7:
23:c0:14:2d:82:b7:ce:8f:36:20:8b:3a:f5:2a:5f:
f6:49:af:bd:05:6e:af:20:e3:5b:63:f2:52:e3:0f:
03:c9:fb:a4:b2:37:ec:6d:57:5a:d5:38:9e:42:1d:
21:54:7f:b3:cc:37:fe:af:08:96:a6:42:cf:d8:a5:
2b:d4:ec:d3:de:56:fb:e8:09:f0:08:2c:9c:32:c2:
13:9b:26:92:da:ee:8d:db:e2:06:ca:cc:71:c0:f3:
56:0b:45:7a:5c:f4:e9:c1:7b:66:ff:58:3c:80:78:
17:9b:4c:b2:c0:7f:10:5b:7a:6f:b9:6f:6d:dd:49:
5a:fb:6f:0f:1e:4e:a0:f9:be:d5:15:d8:1b:f5:3f:
bb:e7:01:6a:fe:6c:c6:fe:5b:9a:26:d9:33:69:1f:
13:e8:2a:78:1f:0a:13:31:f0:12:18:46:ea:12:2e:
8c:bc:8f:c2:d6:5b:80:0e:15:bf:57:67:50:9f:02:
95:b5:3b:0b:d7:54:7d:34:c8:0e:a8:a7:9f:fa:9d:
5c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CA:8D:E3:74:FF:C0:83:5C:85:DF:BB:A8:54:D4:F7:86:E2:00:EB
X509v3 Authority Key Identifier:
keyid:7A:EF:06:9E:7E:3E:D5:BF:70:F6:82:CE:40:C5:81:0F:F3:E5:E3:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/KsqN43T_wINchd-7qFTU94biAOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.130.0/24
194.149.245.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:c2:f1:c7:44:ad:a0:6b:2e:e7:fa:54:a9:52:75:1f:1c:d7:
7b:c3:1b:2c:ac:1e:32:8a:da:4c:74:f2:7b:b7:05:58:da:d6:
c5:a6:b8:db:eb:be:d5:ca:96:5a:bd:cc:6b:7a:f9:eb:56:28:
82:32:0d:16:c2:02:32:0e:0c:94:16:e3:84:79:52:c4:22:a2:
7c:dd:bf:94:37:12:df:5f:7f:eb:9c:df:cb:7a:29:8d:a9:0f:
79:9d:43:e0:e4:75:0e:17:dc:6f:03:f0:d1:cf:21:06:2e:56:
a0:9c:95:bd:15:46:7f:a8:d0:75:87:0a:eb:64:34:69:2b:c3:
bb:3c:1c:60:07:fa:66:a4:ad:1b:5d:98:39:9e:09:a4:78:b4:
99:b1:89:50:74:5c:9f:b4:61:f0:4e:e8:c3:93:cb:7a:cf:5c:
0f:1d:6d:fa:ad:c1:74:d7:53:6b:96:26:83:24:aa:12:99:14:
f7:9e:19:2e:33:b2:7f:ec:f1:a3:c6:8b:e2:15:9f:a1:50:9e:
20:c2:d2:eb:d2:71:42:f0:db:c3:e3:9f:68:43:4a:29:22:00:
bd:67:e4:9a:76:80:27:37:62:8e:25:c5:64:8a:91:e3:53:7a:
2f:4a:7f:e5:e6:3d:dc:e8:fb:e2:47:b6:96:ed:2b:a5:24:c1:
c3:fa:88:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYa4doaYI4QJENeZ4lHSss3tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZWYwNjllN2UzZWQ1YmY3MGY2ODJjZTQwYzU4MTBmZjNl
NWUzNzgwHhcNMjMwMzA2MTk0NzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWNhOGRlMzc0ZmZjMDgzNWM4NWRmYmJhODU0ZDRmNzg2ZTIwMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRurFMRq5jzlUiuDvqJZ1ToCf/lJ
t4GVawiE/fquEklL+uaf+tp+UHD2aNOgRaEpvbcKZsdEPvxuMacjwBQtgrfOjzYg
izr1Kl/2Sa+9BW6vIONbY/JS4w8DyfuksjfsbVda1TieQh0hVH+zzDf+rwiWpkLP
2KUr1OzT3lb76AnwCCycMsITmyaS2u6N2+IGysxxwPNWC0V6XPTpwXtm/1g8gHgX
m0yywH8QW3pvuW9t3Ula+28PHk6g+b7VFdgb9T+75wFq/mzG/luaJtkzaR8T6Cp4
HwoTMfASGEbqEi6MvI/C1luADhW/V2dQnwKVtTsL11R9NMgOqKef+p1cgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCrKjeN0/8CDXIXfu6hU1PeG4gDrMB8GA1UdIwQY
MBaAFHrvBp5+PtW/cPaCzkDFgQ/z5eN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXU4R25uNC0xYjl3OW9MT1FNV0JEX1BsNDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jMGJiNTItNzBkZS00YWYwLWE5ZmIt
OTAwMDM0ZjAwZDllLzEvS3NxTjQzVF93SU5jaGQtN3FGVFU5NGJpQU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jMGJiNTItNzBkZS00YWYwLWE5ZmItOTAwMDM0ZjAwZDll
LzEvZXU4R25uNC0xYjl3OW9MT1FNV0JEX1BsNDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuViCAwQA
wpX1MA0GCSqGSIb3DQEBCwUAA4IBAQAvwvHHRK2gay7n+lSpUnUfHNd7wxssrB4y
itpMdPJ7twVY2tbFprjb677VypZavcxrevnrViiCMg0WwgIyDgyUFuOEeVLEIqJ8
3b+UNxLfX3/rnN/LeimNqQ95nUPg5HUOF9xvA/DRzyEGLlagnJW9FUZ/qNB1hwrr
ZDRpK8O7PBxgB/pmpK0bXZg5ngmkeLSZsYlQdFyftGHwTujDk8t6z1wPHW36rcF0
11NrliaDJKoSmRT3nhkuM7J/7PGjxoviFZ+hUJ4gwtLr0nFC8NvD459oQ0opIgC9
Z+SadoAnN2KOJcVkipHjU3ovSn/l5j3c6PviR7aW7SulJMHD+ogb
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:53:32 2025 by rpki-client