Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/kSVPKzGFeRyyNNV1FH6ou92I1cw.roa
File: kSVPKzGFeRyyNNV1FH6ou92I1cw.roa (raw, json)
Hash identifier: 4yGDOMnKOT5A560FpxhRCawC13kfgir5fgTJwRFJznQ=
Subject key identifier: 91:25:4F:2B:31:85:79:1C:B2:34:D5:75:14:7E:A8:BB:DD:88:D5:CC
Certificate issuer: /CN=45b9854b044594e6cf0846fb41de7b0908fb5f72
Certificate serial: 01856D0161F3D2A8329382DEFB68F877A916
Authority key identifier: 45:B9:85:4B:04:45:94:E6:CF:08:46:FB:41:DE:7B:09:08:FB:5F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/kSVPKzGFeRyyNNV1FH6ou92I1cw.roa
Signing time: Sun 01 Jan 2023 11:04:45 +0000
ROA not before: Sun 01 Jan 2023 11:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24679
IP address blocks: 217.175.224.0/19 maxlen: 24
195.47.229.0/24 maxlen: 24
193.201.52.0/22 maxlen: 24
81.3.0.0/18 maxlen: 24
83.246.0.0/17 maxlen: 24
193.238.228.0/22 maxlen: 24
217.195.32.0/20 maxlen: 24
2a02:790::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:61:f3:d2:a8:32:93:82:de:fb:68:f8:77:a9:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45b9854b044594e6cf0846fb41de7b0908fb5f72
Validity
Not Before: Jan 1 11:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91254f2b3185791cb234d575147ea8bbdd88d5cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a6:d8:6c:44:08:36:e9:09:94:ee:36:0e:42:
d7:91:ce:33:24:12:bd:6f:2b:14:9f:97:1b:68:5a:
28:f1:14:95:aa:73:59:6f:fc:a7:a2:aa:a3:41:5f:
62:bd:65:8b:fc:49:31:fb:a3:cb:dc:1f:5f:86:92:
57:1f:b3:1c:dd:52:d7:fd:6c:d6:b9:4f:ee:97:0e:
64:e8:48:86:e1:44:eb:4f:70:a2:c3:4d:52:79:74:
5a:06:35:f1:f9:db:31:6e:72:92:58:33:d3:fb:e2:
9f:ac:9d:db:a4:84:51:01:a8:53:b9:b5:ab:0a:f7:
36:b6:cb:ad:af:24:33:1b:c2:24:75:f1:ba:96:ee:
bb:32:2d:ef:4a:11:b4:66:df:9f:44:5f:20:af:26:
6c:81:9e:16:47:81:e7:5d:f3:1b:13:97:87:eb:a3:
81:c5:25:d5:cb:1f:4b:d6:74:b7:ac:91:de:38:cd:
dc:ed:ad:67:c1:10:58:f3:18:01:b5:1a:47:49:18:
df:91:7d:92:c3:57:2a:47:6b:a0:4a:88:01:57:50:
f1:fd:36:6a:bd:27:6e:97:3f:e7:d5:a7:9e:fc:98:
d5:2c:0f:39:8c:36:fa:85:c6:48:3d:e2:2c:38:59:
29:cf:ad:f4:e5:0e:51:35:10:fa:7b:4d:7e:2b:a9:
d3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:25:4F:2B:31:85:79:1C:B2:34:D5:75:14:7E:A8:BB:DD:88:D5:CC
X509v3 Authority Key Identifier:
keyid:45:B9:85:4B:04:45:94:E6:CF:08:46:FB:41:DE:7B:09:08:FB:5F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/kSVPKzGFeRyyNNV1FH6ou92I1cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/RbmFSwRFlObPCEb7Qd57CQj7X3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.3.0.0/18
83.246.0.0/17
193.201.52.0/22
193.238.228.0/22
195.47.229.0/24
217.175.224.0/19
217.195.32.0/20
IPv6:
2a02:790::/32
Signature Algorithm: sha256WithRSAEncryption
8f:b6:5c:06:df:54:f6:55:cc:d6:01:14:bf:f0:74:3d:09:bc:
28:75:76:70:f1:46:c5:fe:08:33:41:07:d1:85:37:11:a5:6b:
cb:16:06:f2:46:c8:b9:58:5e:cf:59:5b:6a:7f:4e:33:c2:f8:
3f:11:13:e7:e5:2f:56:60:ce:c5:28:4b:d1:01:33:42:83:2c:
bd:07:8b:10:8c:75:45:0b:65:f2:98:72:36:6c:ac:1f:e8:45:
92:80:85:bb:20:ae:27:18:5c:0a:98:b4:6e:71:df:e1:a9:04:
4f:e8:34:e8:ae:b1:2f:6e:0f:3c:45:a8:b5:f6:30:8f:b7:0c:
2a:b2:00:a2:1d:18:66:06:fd:d2:bf:28:de:ed:99:e1:12:fe:
f9:6c:a5:3f:c7:b3:b3:89:34:c3:38:8a:ec:b8:d5:04:33:13:
ce:fd:e4:5d:b2:9b:4c:d1:89:53:16:b5:de:77:19:ea:94:f7:
64:6f:5a:66:61:dd:f8:70:99:24:59:68:99:90:d3:df:67:73:
d0:ef:61:8a:6b:0d:c4:5b:29:7a:14:c4:a5:6a:89:8a:67:16:
0a:3f:0f:ed:43:9f:82:3d:e0:82:04:bb:19:37:fd:b8:03:5b:
24:bd:40:9f:f1:2f:a5:f0:ea:cd:06:97:48:4f:1c:a4:3a:74:
f8:89:fe:19
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVtAWHz0qgyk4Le+2j4d6kWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1Yjk4NTRiMDQ0NTk0ZTZjZjA4NDZmYjQxZGU3YjA5MDhm
YjVmNzIwHhcNMjMwMTAxMTEwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTI1NGYyYjMxODU3OTFjYjIzNGQ1NzUxNDdlYThiYmRkODhkNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKbYbEQINukJlO42DkLXkc4zJBK9
bysUn5cbaFoo8RSVqnNZb/ynoqqjQV9ivWWL/Ekx+6PL3B9fhpJXH7Mc3VLX/WzW
uU/ulw5k6EiG4UTrT3Ciw01SeXRaBjXx+dsxbnKSWDPT++KfrJ3bpIRRAahTubWr
Cvc2tsutryQzG8IkdfG6lu67Mi3vShG0Zt+fRF8gryZsgZ4WR4HnXfMbE5eH66OB
xSXVyx9L1nS3rJHeOM3c7a1nwRBY8xgBtRpHSRjfkX2Sw1cqR2ugSogBV1Dx/TZq
vSdulz/n1aee/JjVLA85jDb6hcZIPeIsOFkpz6305Q5RNRD6e01+K6nT0QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJElTysxhXkcsjTVdRR+qLvdiNXMMB8GA1UdIwQY
MBaAFEW5hUsERZTmzwhG+0HeewkI+19yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJtRlN3UkZsT2JQQ0ViN1FkNTdDUWo3WDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi81ZTYxMTYtNTZlNi00YzFkLTk2ODMt
NGIyMmZjNTE4NGEyLzEva1NWUEt6R0ZlUnl5Tk5WMUZINm91OTJJMWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi81ZTYxMTYtNTZlNi00YzFkLTk2ODMtNGIyMmZjNTE4NGEy
LzEvUmJtRlN3UkZsT2JQQ0ViN1FkNTdDUWo3WDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQGUQMAAwQH
U/YAAwQCwck0AwQCwe7kAwQAwy/lAwQF2a/gAwQE2cMgMA0EAgACMAcDBQAqAgeQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCPtlwG31T2VczWARS/8HQ9CbwodXZw8UbF/ggz
QQfRhTcRpWvLFgbyRsi5WF7PWVtqf04zwvg/ERPn5S9WYM7FKEvRATNCgyy9B4sQ
jHVFC2XymHI2bKwf6EWSgIW7IK4nGFwKmLRucd/hqQRP6DTorrEvbg88Rai19jCP
twwqsgCiHRhmBv3Svyje7ZnhEv75bKU/x7OziTTDOIrsuNUEMxPO/eRdsptM0YlT
FrXedxnqlPdkb1pmYd34cJkkWWiZkNPfZ3PQ72GKaw3EWyl6FMSlaomKZxYKPw/t
Q5+CPeCCBLsZN/24A1skvUCf8S+l8OrNBpdITxykOnT4if4Z
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:12 2025 by rpki-client