Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/kMkjV6X5i49HTMvVgWMYQs6AU8s.roa
File: kMkjV6X5i49HTMvVgWMYQs6AU8s.roa (raw, json)
Hash identifier: +640bmcSa8hOt9QeyyI9HbekCwKFqKqU9qmflOYdcko=
Subject key identifier: 90:C9:23:57:A5:F9:8B:8F:47:4C:CB:D5:81:63:18:42:CE:80:53:CB
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 01883D87D9FB44076DA07FC8DF2B81619D52
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/kMkjV6X5i49HTMvVgWMYQs6AU8s.roa
Signing time: Sun 21 May 2023 08:58:13 +0000
ROA not before: Sun 21 May 2023 08:58:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200313
IP address blocks: 185.232.52.0/24 maxlen: 24
195.43.147.0/24 maxlen: 24
185.212.128.0/23 maxlen: 23
185.212.130.0/24 maxlen: 24
185.212.131.0/24 maxlen: 24
45.142.2.0/24 maxlen: 24
2a0d:1640::/32 maxlen: 32
2a0d:63c0::/32 maxlen: 32
2a0d:1643::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:3d:87:d9:fb:44:07:6d:a0:7f:c8:df:2b:81:61:9d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: May 21 08:58:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90c92357a5f98b8f474ccbd581631842ce8053cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:de:db:37:95:6e:f6:ac:4d:43:23:46:25:b7:
4f:5e:c1:de:97:ed:62:e3:b3:70:4c:b4:d5:71:45:
f3:58:c9:a4:d0:1c:e2:2d:b3:85:86:ef:3c:0a:8d:
de:02:e6:8b:62:98:b0:b9:9f:b3:9a:d9:02:40:72:
a0:c1:64:33:10:4c:65:e9:c9:90:9c:d9:f8:15:fe:
bf:a5:62:31:ca:46:44:bc:c1:73:f2:21:64:ec:2e:
99:11:0f:77:18:ad:4e:9c:be:fb:d5:9a:27:93:7a:
e8:5b:73:ce:02:d1:38:8b:4e:53:15:92:8a:6d:e3:
0d:6f:f3:46:38:8c:be:a3:1a:e6:dc:a8:80:17:f1:
10:01:8e:df:f1:c1:2c:41:59:e4:6b:35:d5:8e:c1:
53:c2:4a:a1:24:e0:26:0f:27:dc:4d:84:04:99:eb:
5a:61:f9:62:77:01:b6:48:c9:a8:a1:48:08:75:ea:
68:6e:08:08:4b:b5:91:df:7d:0d:90:56:d4:13:b1:
d2:ec:43:08:80:f1:3a:cf:73:45:73:75:fd:f5:ec:
28:f8:02:08:e6:d3:c3:67:e8:fd:00:64:dc:7d:27:
dc:77:8d:7a:46:54:8b:f3:dd:b9:bd:62:54:31:b2:
cd:d1:9f:8d:67:dc:0b:72:de:f2:10:0b:57:94:03:
e6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C9:23:57:A5:F9:8B:8F:47:4C:CB:D5:81:63:18:42:CE:80:53:CB
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/kMkjV6X5i49HTMvVgWMYQs6AU8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.2.0/24
185.212.128.0/22
185.232.52.0/24
195.43.147.0/24
IPv6:
2a0d:1640::/32
2a0d:1643::/32
2a0d:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:72:f3:c6:91:3c:26:c1:20:1c:19:3e:d9:56:0a:62:c5:8a:
2c:16:1b:1f:99:56:ab:a5:31:08:25:8f:60:be:53:67:54:ca:
77:fa:92:8f:73:5c:6b:61:90:8c:6e:19:18:5b:d1:ef:a2:c7:
bd:0c:a4:ed:a5:1e:f6:2c:db:fb:c9:0e:fc:a9:9b:4a:27:c2:
ae:08:dc:3c:f2:65:0a:6f:9d:e6:93:4e:fd:e9:73:7f:9e:54:
ee:ea:6e:72:4a:db:90:cc:6a:5d:25:7d:39:ba:d6:e0:84:ba:
38:c2:7c:86:26:6e:9f:26:4d:55:dd:1e:a9:65:90:d7:12:2e:
37:2a:8a:e5:69:6e:d5:45:1d:3c:d1:c9:47:98:a8:4f:7d:16:
0b:7e:87:42:e4:19:e8:fc:ae:7b:ee:75:8b:15:21:3f:29:50:
3d:76:f8:c2:0c:e5:d2:29:be:44:05:4e:93:ee:0d:1f:93:49:
fc:3c:5d:81:80:76:92:01:78:ce:43:42:e8:44:b1:5f:b1:08:
04:74:1d:58:cc:36:fe:5d:23:a8:ce:c9:be:fe:c6:19:2a:24:
09:8a:ae:06:4e:a7:76:24:ba:d7:07:d9:6e:44:a9:a4:2b:be:
06:c7:60:be:ac:7e:79:01:15:38:43:06:31:a5:1b:e6:5b:7f:
a5:d1:9e:bb
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYg9h9n7RAdtoH/I3yuBYZ1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwNTIxMDg1ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM5MjM1N2E1Zjk4YjhmNDc0Y2NiZDU4MTYzMTg0MmNlODA1M2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd7bN5Vu9qxNQyNGJbdPXsHel+1i
47NwTLTVcUXzWMmk0BziLbOFhu88Co3eAuaLYpiwuZ+zmtkCQHKgwWQzEExl6cmQ
nNn4Ff6/pWIxykZEvMFz8iFk7C6ZEQ93GK1OnL771Zonk3roW3POAtE4i05TFZKK
beMNb/NGOIy+oxrm3KiAF/EQAY7f8cEsQVnkazXVjsFTwkqhJOAmDyfcTYQEmeta
YflidwG2SMmooUgIdepobggIS7WR330NkFbUE7HS7EMIgPE6z3NFc3X99ewo+AII
5tPDZ+j9AGTcfSfcd416RlSL8925vWJUMbLN0Z+NZ9wLct7yEAtXlAPmpwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJDJI1el+YuPR0zL1YFjGELOgFPLMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEva01ralY2WDVpNDlIVE12VmdXTVlRczZBVThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQALY4CAwQC
udSAAwQAueg0AwQAwyuTMBsEAgACMBUDBQAqDRZAAwUAKg0WQwMFACoNY8AwDQYJ
KoZIhvcNAQELBQADggEBAJxy88aRPCbBIBwZPtlWCmLFiiwWGx+ZVqulMQglj2C+
U2dUynf6ko9zXGthkIxuGRhb0e+ix70MpO2lHvYs2/vJDvypm0onwq4I3DzyZQpv
neaTTv3pc3+eVO7qbnJK25DMal0lfTm61uCEujjCfIYmbp8mTVXdHqllkNcSLjcq
iuVpbtVFHTzRyUeYqE99Fgt+h0LkGej8rnvudYsVIT8pUD12+MIM5dIpvkQFTpPu
DR+TSfw8XYGAdpIBeM5DQuhEsV+xCAR0HVjMNv5dI6jOyb7+xhkqJAmKrgZOp3Yk
utcH2W5EqaQrvgbHYL6sfnkBFThDBjGlG+Zbf6XRnrs=
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:30:17 2025 by rpki-client