Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/KRTc1MUMIbEo8X6ZDcP3bDvO3BQ.roa
File: KRTc1MUMIbEo8X6ZDcP3bDvO3BQ.roa (raw, json)
Hash identifier: 7GmxOJtQrUhzpTRIU5972se30MYz2Id/vH1oC21jxyg=
Subject key identifier: 29:14:DC:D4:C5:0C:21:B1:28:F1:7E:99:0D:C3:F7:6C:3B:CE:DC:14
Certificate issuer: /CN=8df51d0670715eb69efa2fbff1998c3bdbd8a9f5
Certificate serial: 0C357E53
Authority key identifier: 8D:F5:1D:06:70:71:5E:B6:9E:FA:2F:BF:F1:99:8C:3B:DB:D8:A9:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/KRTc1MUMIbEo8X6ZDcP3bDvO3BQ.roa
Signing time: Sat 01 Jan 2022 14:59:35 +0000
ROA not before: Sat 01 Jan 2022 14:59:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15510
IP address blocks: 91.192.192.0/22 maxlen: 24
193.200.80.0/23 maxlen: 24
194.116.174.0/23 maxlen: 24
195.8.126.0/24 maxlen: 24
46.17.88.0/21 maxlen: 24
91.215.184.0/22 maxlen: 24
185.27.244.0/22 maxlen: 24
193.164.206.0/23 maxlen: 24
2a03:be80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 204832339 (0xc357e53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8df51d0670715eb69efa2fbff1998c3bdbd8a9f5
Validity
Not Before: Jan 1 14:59:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2914dcd4c50c21b128f17e990dc3f76c3bcedc14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:63:56:75:8f:c9:33:39:e3:71:25:ea:4b:0a:
51:67:4b:f0:18:e0:bd:b0:70:01:91:28:db:dc:69:
74:dd:e1:f1:8d:01:90:de:1f:10:9e:3f:b9:e4:01:
35:2d:99:a0:0d:c9:21:5f:e7:6a:f0:3a:32:20:c3:
35:12:b2:a4:43:f5:3b:e3:7a:0c:92:22:1b:02:70:
24:6c:46:0c:52:b3:7a:ca:f8:d9:21:17:b4:d8:28:
fa:db:9a:cc:63:8c:aa:29:06:e3:1d:aa:e7:74:b4:
97:52:94:af:f0:f1:25:4c:e0:35:be:67:4c:0f:e0:
d8:98:64:ab:be:17:37:c3:64:e5:d8:c7:be:53:f9:
b7:7f:37:9a:18:67:6f:eb:fb:dd:2a:f5:35:16:b3:
83:5c:37:65:2b:0d:57:99:16:ce:f6:58:50:fb:6f:
ed:d2:e2:88:8e:11:73:5e:0e:00:48:6d:9e:b2:97:
af:d5:6f:55:4f:9a:e4:c3:cc:78:65:78:6b:20:d6:
29:a6:5d:6e:14:bf:de:5a:fe:9e:0d:f6:f9:a3:e7:
c7:79:5b:e3:b9:fb:24:b1:f4:26:4d:e5:14:9e:ac:
62:7f:87:29:13:0a:f6:da:4f:fe:46:19:ae:35:0e:
72:bc:7d:9e:83:e8:a0:44:cc:5b:16:bc:5a:65:ea:
29:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:14:DC:D4:C5:0C:21:B1:28:F1:7E:99:0D:C3:F7:6C:3B:CE:DC:14
X509v3 Authority Key Identifier:
keyid:8D:F5:1D:06:70:71:5E:B6:9E:FA:2F:BF:F1:99:8C:3B:DB:D8:A9:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/KRTc1MUMIbEo8X6ZDcP3bDvO3BQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jfUdBnBxXrae-i-_8ZmMO9vYqfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.88.0/21
91.192.192.0/22
91.215.184.0/22
185.27.244.0/22
193.164.206.0/23
193.200.80.0/23
194.116.174.0/23
195.8.126.0/24
IPv6:
2a03:be80::/32
Signature Algorithm: sha256WithRSAEncryption
6a:1f:fc:10:8d:a6:6d:f3:ae:18:42:1c:32:f9:a6:40:63:37:
08:18:f0:6c:95:32:6b:04:b0:3e:72:78:6f:b8:ea:64:a3:5d:
b5:dd:db:16:80:49:a2:3a:bc:71:c8:82:80:3d:82:82:33:37:
b5:56:96:1c:74:90:17:8c:2d:38:43:8e:8d:07:77:f1:67:92:
c3:3a:68:30:17:03:d0:f1:8b:a2:f8:86:b3:95:36:1b:b7:2d:
6c:96:7f:01:cf:df:18:c6:f3:f6:74:06:c5:9e:79:6d:35:4c:
dc:42:58:3e:e3:78:12:15:d4:00:a8:c4:73:e0:47:36:34:41:
ef:23:04:59:8f:32:8b:04:06:ae:9b:38:bc:f2:12:98:4c:84:
cb:f9:35:2c:cc:41:2b:9c:ad:e4:7f:12:f0:31:05:a8:62:89:
90:25:86:68:cb:62:92:08:8d:94:71:67:2d:ff:82:82:25:b4:
05:9e:10:06:6d:19:72:03:5e:8d:a5:26:d2:88:0c:86:e1:61:
92:a4:ff:53:15:b9:e7:db:fe:b6:83:3b:43:f0:16:de:56:22:
ee:c9:89:4f:9b:41:d0:80:66:d2:75:d1:f3:f5:6d:34:c2:87:
25:eb:48:85:d6:71:ef:7a:8d:89:28:b8:f6:5e:1d:e5:68:04:
f3:e1:f3:6c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEDDV+UzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZGY1MWQwNjcwNzE1ZWI2OWVmYTJmYmZmMTk5OGMzYmRiZDhhOWY1MB4XDTIyMDEw
MTE0NTkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkxNGRjZDRjNTBj
MjFiMTI4ZjE3ZTk5MGRjM2Y3NmMzYmNlZGMxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRjVnWPyTM543El6ksKUWdL8BjgvbBwAZEo29xpdN3h8Y0B
kN4fEJ4/ueQBNS2ZoA3JIV/navA6MiDDNRKypEP1O+N6DJIiGwJwJGxGDFKzesr4
2SEXtNgo+tuazGOMqikG4x2q53S0l1KUr/DxJUzgNb5nTA/g2Jhkq74XN8Nk5djH
vlP5t383mhhnb+v73Sr1NRazg1w3ZSsNV5kWzvZYUPtv7dLiiI4Rc14OAEhtnrKX
r9VvVU+a5MPMeGV4ayDWKaZdbhS/3lr+ng32+aPnx3lb47n7JLH0Jk3lFJ6sYn+H
KRMK9tpP/kYZrjUOcrx9noPooETMWxa8WmXqKfUCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBQpFNzUxQwhsSjxfpkNw/dsO87cFDAfBgNVHSMEGDAWgBSN9R0GcHFetp76
L7/xmYw729ip9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pmVWRCbkJ4WHJhZS1pLV84Wm1NTzl2WXFmVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvNzQ3MTEzLTU5MWQtNDgwOC05MmQ5LTdhNzk0ZDVjZWQzZC8x
L0tSVGMxTVVNSWJFbzhYNlpEY1AzYkR2TzNCUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
NzQ3MTEzLTU5MWQtNDgwOC05MmQ5LTdhNzk0ZDVjZWQzZC8xL2pmVWRCbkJ4WHJh
ZS1pLV84Wm1NTzl2WXFmVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAy4RWAMEAlvAwAMEAlvXuAMEArkb
9AMEAcGkzgMEAcHIUAMEAcJ0rgMEAMMIfjANBAIAAjAHAwUAKgO+gDANBgkqhkiG
9w0BAQsFAAOCAQEAah/8EI2mbfOuGEIcMvmmQGM3CBjwbJUyawSwPnJ4b7jqZKNd
td3bFoBJojq8cciCgD2CgjM3tVaWHHSQF4wtOEOOjQd38WeSwzpoMBcD0PGLoviG
s5U2G7ctbJZ/Ac/fGMbz9nQGxZ55bTVM3EJYPuN4EhXUAKjEc+BHNjRB7yMEWY8y
iwQGrps4vPISmEyEy/k1LMxBK5yt5H8S8DEFqGKJkCWGaMtikgiNlHFnLf+CgiW0
BZ4QBm0ZcgNejaUm0ogMhuFhkqT/UxW559v+toM7Q/AW3lYi7smJT5tB0IBm0nXR
8/VtNMKHJetIhdZx73qNiSi49l4d5WgE8+HzbA==
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:01:02 2025 by rpki-client