Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/kc4KhZcMK0Sh-bkDpgM4jEldJ5M.roa
File: kc4KhZcMK0Sh-bkDpgM4jEldJ5M.roa (raw, json)
Hash identifier: ZVtLlWqwydXlofyGI7pkOzPBsFE3JSmTRFdhzIEvf9o=
Subject key identifier: 91:CE:0A:85:97:0C:2B:44:A1:F9:B9:03:A6:03:38:8C:49:5D:27:93
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 0181D6F2E2EE7FD09652CEBA0367888F61BB
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/kc4KhZcMK0Sh-bkDpgM4jEldJ5M.roa
Signing time: Thu 07 Jul 2022 04:37:30 +0000
ROA not before: Thu 07 Jul 2022 04:37:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31363
IP address blocks: 195.91.211.0/24 maxlen: 24
195.91.218.0/24 maxlen: 24
195.91.222.0/24 maxlen: 24
195.91.225.0/24 maxlen: 24
195.91.226.0/24 maxlen: 24
195.91.230.0/24 maxlen: 24
195.91.231.0/24 maxlen: 24
195.91.237.0/24 maxlen: 24
195.91.238.0/24 maxlen: 24
195.91.234.0/24 maxlen: 24
195.91.235.0/24 maxlen: 24
195.91.239.0/24 maxlen: 24
195.91.240.0/24 maxlen: 24
195.91.241.0/24 maxlen: 24
195.91.242.0/24 maxlen: 24
86.62.125.0/24 maxlen: 24
195.91.168.0/24 maxlen: 24
195.91.169.0/24 maxlen: 24
195.91.170.0/24 maxlen: 24
195.91.171.0/24 maxlen: 24
195.91.172.0/24 maxlen: 24
195.91.173.0/24 maxlen: 24
195.91.174.0/24 maxlen: 24
195.91.175.0/24 maxlen: 24
2a02:2698:9800::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d6:f2:e2:ee:7f:d0:96:52:ce:ba:03:67:88:8f:61:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jul 7 04:37:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91ce0a85970c2b44a1f9b903a603388c495d2793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a6:d4:38:49:ba:ed:45:83:3c:17:2e:c3:58:
d3:dc:70:08:8c:db:ea:02:ee:da:8d:25:bf:99:de:
d0:79:80:9d:37:f1:fb:c8:de:87:65:b6:f8:6e:ad:
e2:f9:e1:33:fd:3d:4f:9c:f2:e6:58:5b:09:ae:6d:
77:24:f6:e8:82:7f:ca:7d:4c:c6:86:40:53:2f:07:
f2:3c:40:9d:7a:0b:8d:e0:12:70:f6:b0:d4:92:dd:
28:79:54:52:29:3b:17:f3:41:39:98:bc:50:c6:a9:
53:b6:fc:38:4f:c0:b2:29:de:e0:23:21:52:0a:9d:
64:a6:52:2e:9b:bb:3f:33:4c:4e:4d:cd:b0:25:da:
96:36:7d:aa:fb:cc:44:be:f7:d3:15:91:d3:cf:ee:
ba:56:97:64:be:b8:a5:10:14:c7:42:76:6c:65:f5:
d7:6c:2e:d6:e9:86:1c:97:95:0e:62:e9:bd:9f:69:
35:8d:13:e2:d7:6b:83:d8:61:db:e2:b0:2a:7c:f0:
6a:77:e5:be:47:f4:2a:73:1f:ee:72:cd:3f:42:af:
4b:11:04:9e:f5:e3:16:eb:93:67:65:a5:1a:39:2b:
2d:d9:02:6f:25:95:7e:19:27:31:79:4e:fc:ec:b0:
73:f3:e1:65:40:a9:e6:ed:3a:80:15:d5:43:08:8a:
e1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CE:0A:85:97:0C:2B:44:A1:F9:B9:03:A6:03:38:8C:49:5D:27:93
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/kc4KhZcMK0Sh-bkDpgM4jEldJ5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.125.0/24
195.91.168.0/21
195.91.211.0/24
195.91.218.0/24
195.91.222.0/24
195.91.225.0-195.91.226.255
195.91.230.0/23
195.91.234.0/23
195.91.237.0-195.91.242.255
IPv6:
2a02:2698:9800::/38
Signature Algorithm: sha256WithRSAEncryption
01:7f:90:f3:62:1b:5e:28:52:3b:21:6e:ab:51:e3:7b:93:bd:
41:f4:9c:8f:39:ab:c5:7c:d5:d6:b9:0d:0a:a9:04:89:a7:e4:
ce:64:09:b7:74:51:fc:24:e4:a2:14:d3:da:9c:a2:fd:55:bc:
b5:d2:35:2c:93:8c:cc:98:e3:1a:e6:e6:9b:c7:60:75:7e:dc:
a6:fe:bf:19:68:a7:33:3a:4c:02:0e:85:66:08:12:fc:dd:ea:
d6:e8:9a:38:ac:d3:11:5f:ff:b9:10:b5:60:c9:93:b1:20:49:
3b:1f:09:ad:6b:19:3f:85:f6:a0:03:52:cd:79:5e:9f:dc:ab:
9d:09:7e:c1:0a:dd:c5:41:a0:dd:03:e3:d4:15:53:ba:4e:95:
12:12:16:33:bc:3c:a8:74:e2:e4:2e:0f:5d:34:1e:bb:cd:e4:
8b:4d:b8:1b:b7:2f:08:1a:e8:cf:09:c1:2d:f2:cb:06:26:6b:
fe:15:32:9c:5b:ba:b7:1e:a1:5e:f2:3f:b4:92:1d:f6:d7:08:
d0:41:4a:56:d6:29:04:41:da:ea:07:6f:74:f7:02:87:33:ae:
9a:b3:d0:05:bb:20:b7:81:4a:d7:6a:00:94:bf:55:ab:b3:c4:
cd:0a:fe:f1:94:e9:96:09:6e:73:a7:39:02:d6:1e:74:73:88:
e9:ca:c1:73
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYHW8uLuf9CWUs66A2eIj2G7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjIwNzA3MDQzNzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWNlMGE4NTk3MGMyYjQ0YTFmOWI5MDNhNjAzMzg4YzQ5NWQyNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlabUOEm67UWDPBcuw1jT3HAIjNvq
Au7ajSW/md7QeYCdN/H7yN6HZbb4bq3i+eEz/T1PnPLmWFsJrm13JPbogn/KfUzG
hkBTLwfyPECdeguN4BJw9rDUkt0oeVRSKTsX80E5mLxQxqlTtvw4T8CyKd7gIyFS
Cp1kplIum7s/M0xOTc2wJdqWNn2q+8xEvvfTFZHTz+66VpdkvrilEBTHQnZsZfXX
bC7W6YYcl5UOYum9n2k1jRPi12uD2GHb4rAqfPBqd+W+R/Qqcx/ucs0/Qq9LEQSe
9eMW65NnZaUaOSst2QJvJZV+GScxeU787LBz8+FlQKnm7TqAFdVDCIrhfQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFJHOCoWXDCtEofm5A6YDOIxJXSeTMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEva2M0S2haY01LMFNoLWJrRHBnTTRqRWxkSjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBMBAIAATBGAwQAVj59AwQD
w1uoAwQAw1vTAwQAw1vaAwQAw1veMAwDBADDW+EDBADDW+IDBAHDW+YDBAHDW+ow
DAMEAMNb7QMEAMNb8jAOBAIAAjAIAwYCKgImmJgwDQYJKoZIhvcNAQELBQADggEB
AAF/kPNiG14oUjshbqtR43uTvUH0nI85q8V81da5DQqpBImn5M5kCbd0Ufwk5KIU
09qcov1VvLXSNSyTjMyY4xrm5pvHYHV+3Kb+vxlopzM6TAIOhWYIEvzd6tbomjis
0xFf/7kQtWDJk7EgSTsfCa1rGT+F9qADUs15Xp/cq50JfsEK3cVBoN0D49QVU7pO
lRISFjO8PKh04uQuD100HrvN5ItNuBu3Lwga6M8JwS3yywYma/4VMpxburceoV7y
P7SSHfbXCNBBSlbWKQRB2uoHb3T3Aoczrpqz0AW7ILeBStdqAJS/VauzxM0K/vGU
6ZYJbnOnOQLWHnRziOnKwXM=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:01 2025 by rpki-client