Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/KSD-LFocfGsjR3_VP3iLFiQtYSA.roa
File: KSD-LFocfGsjR3_VP3iLFiQtYSA.roa (raw, json)
Hash identifier: zgoczAN22NfbhliyOdBkSoFm2s8m65CVkQvFfiEObfc=
Subject key identifier: 29:20:FE:2C:5A:1C:7C:6B:23:47:7F:D5:3F:78:8B:16:24:2D:61:20
Certificate issuer: /CN=30d8a64903cfa217379749f18b7fdcea1dab6db4
Certificate serial: 18AFDAF7
Authority key identifier: 30:D8:A6:49:03:CF:A2:17:37:97:49:F1:8B:7F:DC:EA:1D:AB:6D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MNimSQPPohc3l0nxi3_c6h2rbbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/KSD-LFocfGsjR3_VP3iLFiQtYSA.roa
Signing time: Sat 01 Jan 2022 07:53:10 +0000
ROA not before: Sat 01 Jan 2022 07:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202032
IP address blocks: 185.54.81.0/24 maxlen: 24
185.54.80.0/24 maxlen: 24
185.54.80.0/22 maxlen: 22
185.54.83.0/24 maxlen: 24
185.54.82.0/24 maxlen: 24
2a02:4460:2::/48 maxlen: 48
2a02:4460::/64 maxlen: 64
2a02:4460::/32 maxlen: 32
2a02:4460:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 414178039 (0x18afdaf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30d8a64903cfa217379749f18b7fdcea1dab6db4
Validity
Not Before: Jan 1 07:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2920fe2c5a1c7c6b23477fd53f788b16242d6120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:af:6c:58:3a:61:70:7d:86:3b:4c:cf:14:e0:
e0:cf:1a:50:fe:60:ee:8c:38:85:99:55:88:d5:2d:
df:2a:b5:5f:6d:6a:25:a9:55:e8:2f:fc:56:db:0f:
09:51:05:3a:a4:7c:4b:82:e5:19:8a:f1:04:5c:4d:
ff:94:27:8c:38:46:56:ba:17:36:4b:36:6c:b3:47:
5b:04:69:c3:eb:09:64:ed:b5:ba:5d:5b:ec:df:78:
28:97:42:2b:3f:d0:e5:f2:f2:11:15:d6:0a:bf:10:
f4:22:eb:de:25:13:2f:23:2e:d5:07:d0:dd:53:fb:
f0:44:cc:b4:d7:0b:c4:47:f3:60:df:b6:48:96:0a:
67:46:8d:01:fe:1e:a7:02:2e:31:e3:65:91:eb:e9:
fa:e9:9f:9e:32:e6:f9:e4:fe:28:a5:8a:8c:98:ec:
72:3f:07:64:9c:95:40:ff:f7:92:bf:34:ec:fe:8a:
fe:da:20:dc:40:a0:56:69:10:84:44:0f:10:94:6d:
3c:67:59:33:1e:2a:a8:04:e1:91:59:52:57:c4:dc:
7b:75:bf:1e:28:3f:f1:7c:a7:9a:56:5e:0b:08:a2:
26:4e:c3:3e:73:1a:e9:6d:4f:17:28:af:a8:3a:73:
a2:fe:ab:18:cb:a7:b0:a2:6c:e8:17:38:44:de:5e:
c9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:20:FE:2C:5A:1C:7C:6B:23:47:7F:D5:3F:78:8B:16:24:2D:61:20
X509v3 Authority Key Identifier:
keyid:30:D8:A6:49:03:CF:A2:17:37:97:49:F1:8B:7F:DC:EA:1D:AB:6D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNimSQPPohc3l0nxi3_c6h2rbbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/KSD-LFocfGsjR3_VP3iLFiQtYSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b7a249-1552-4f10-b008-1f66faab4ab5/1/MNimSQPPohc3l0nxi3_c6h2rbbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.80.0/22
IPv6:
2a02:4460::/32
Signature Algorithm: sha256WithRSAEncryption
3d:11:11:c3:39:77:be:6b:6a:3a:56:b9:87:2d:02:de:a0:46:
a1:ae:3d:60:06:78:df:64:df:58:19:f8:85:66:32:b7:f9:1d:
1f:d5:26:0f:d1:fb:22:19:ae:2c:77:93:0c:ba:62:ee:24:9c:
45:3b:ce:84:94:c1:0b:4c:ce:39:2e:9f:cf:bf:79:d5:52:54:
77:b9:70:78:f0:83:f7:24:6f:fc:7c:92:7d:dd:b6:e5:94:ff:
d2:0c:f7:4a:b3:72:85:c5:e2:f7:88:e0:0d:5c:a5:98:21:30:
25:72:6e:f0:88:ca:e8:e5:fe:f0:1e:7e:2b:e8:ba:c9:2e:5a:
b4:e8:0b:01:0b:64:86:c4:6c:71:8b:51:de:11:7d:e4:57:77:
a0:12:6a:71:98:01:2a:59:a5:1e:17:a8:1b:05:1c:37:11:63:
3f:3a:c2:a0:3d:35:7e:65:ae:c2:07:d7:44:d3:eb:1a:04:2b:
bc:d6:93:f8:ce:20:59:85:0d:c3:46:58:a9:a8:63:2a:af:df:
b3:d2:3c:13:36:67:f9:dc:cb:ef:2e:bc:71:c9:99:1e:37:b6:
a8:d8:4b:9b:76:42:b4:7d:ac:d1:7d:4a:0c:e4:a3:9a:6a:f0:
c0:1e:5d:c9:f5:77:f6:70:26:b2:7a:8e:3f:eb:89:51:74:ad:
99:2c:f6:07
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGK/a9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MGQ4YTY0OTAzY2ZhMjE3Mzc5NzQ5ZjE4YjdmZGNlYTFkYWI2ZGI0MB4XDTIyMDEw
MTA3NTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkyMGZlMmM1YTFj
N2M2YjIzNDc3ZmQ1M2Y3ODhiMTYyNDJkNjEyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyvbFg6YXB9hjtMzxTg4M8aUP5g7ow4hZlViNUt3yq1X21q
JalV6C/8VtsPCVEFOqR8S4LlGYrxBFxN/5QnjDhGVroXNks2bLNHWwRpw+sJZO21
ul1b7N94KJdCKz/Q5fLyERXWCr8Q9CLr3iUTLyMu1QfQ3VP78ETMtNcLxEfzYN+2
SJYKZ0aNAf4epwIuMeNlkevp+umfnjLm+eT+KKWKjJjscj8HZJyVQP/3kr807P6K
/tog3ECgVmkQhEQPEJRtPGdZMx4qqAThkVlSV8Tce3W/Hig/8XynmlZeCwiiJk7D
PnMa6W1PFyivqDpzov6rGMunsKJs6Bc4RN5eyRECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQpIP4sWhx8ayNHf9U/eIsWJC1hIDAfBgNVHSMEGDAWgBQw2KZJA8+iFzeX
SfGLf9zqHatttDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01OaW1TUVBQb2hjM2wwbnhpM19jNmgycmJiUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvYjdhMjQ5LTE1NTItNGYxMC1iMDA4LTFmNjZmYWFiNGFiNS8x
L0tTRC1MRm9jZkdzalIzX1ZQM2lMRmlRdFlTQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
YjdhMjQ5LTE1NTItNGYxMC1iMDA4LTFmNjZmYWFiNGFiNS8xL01OaW1TUVBQb2hj
M2wwbnhpM19jNmgycmJiUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk2UDANBAIAAjAHAwUAKgJEYDAN
BgkqhkiG9w0BAQsFAAOCAQEAPRERwzl3vmtqOla5hy0C3qBGoa49YAZ432TfWBn4
hWYyt/kdH9UmD9H7IhmuLHeTDLpi7iScRTvOhJTBC0zOOS6fz7951VJUd7lwePCD
9yRv/HySfd225ZT/0gz3SrNyhcXi94jgDVylmCEwJXJu8IjK6OX+8B5+K+i6yS5a
tOgLAQtkhsRscYtR3hF95Fd3oBJqcZgBKlmlHheoGwUcNxFjPzrCoD01fmWuwgfX
RNPrGgQrvNaT+M4gWYUNw0ZYqahjKq/fs9I8EzZn+dzL7y68ccmZHje2qNhLm3ZC
tH2s0X1KDOSjmmrwwB5dyfV39nAmsnqOP+uJUXStmSz2Bw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:32 2025 by rpki-client