Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/b1c7f9-ad9c-4bb7-ac47-927dd459ac5c/1/kTV-PZqzw6_P1-lTe9yFDEAhdBw.roa
File: kTV-PZqzw6_P1-lTe9yFDEAhdBw.roa (raw, json)
Hash identifier: Wz30HUzWr9UvZeLHz3UYJZmAW50y/42A7LBR1Bn41Z8=
Subject key identifier: 91:35:7E:3D:9A:B3:C3:AF:CF:D7:E9:53:7B:DC:85:0C:40:21:74:1C
Certificate issuer: /CN=82aa3ec58ba846d27a797111c5585153000dba0e
Certificate serial: 018572835E9D2F8C30A4F7B222745ABF10E8
Authority key identifier: 82:AA:3E:C5:8B:A8:46:D2:7A:79:71:11:C5:58:51:53:00:0D:BA:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gqo-xYuoRtJ6eXERxVhRUwANug4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/b1c7f9-ad9c-4bb7-ac47-927dd459ac5c/1/kTV-PZqzw6_P1-lTe9yFDEAhdBw.roa
Signing time: Mon 02 Jan 2023 12:44:50 +0000
ROA not before: Mon 02 Jan 2023 12:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202130
IP address blocks: 83.136.144.0/24 maxlen: 24
83.136.145.0/24 maxlen: 24
83.136.147.0/24 maxlen: 24
83.136.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:5e:9d:2f:8c:30:a4:f7:b2:22:74:5a:bf:10:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82aa3ec58ba846d27a797111c5585153000dba0e
Validity
Not Before: Jan 2 12:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91357e3d9ab3c3afcfd7e9537bdc850c4021741c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0f:2c:c2:72:29:54:72:73:bd:8a:3c:d0:7d:
ce:ab:b7:a5:f7:f6:09:d2:2d:12:9d:b9:12:52:57:
b4:24:98:0c:cc:d3:10:c8:f4:70:0b:44:4b:a4:2c:
10:74:a2:b7:92:95:12:82:29:f8:c1:b1:9a:97:a5:
8c:3e:cd:6f:97:5c:19:4b:37:c3:ca:69:f3:0d:61:
c4:af:ad:1f:68:25:70:50:29:d8:03:9f:e6:0d:75:
5a:94:92:0a:11:8d:3a:8d:06:74:ce:2d:04:66:7d:
8d:de:5c:70:ab:a8:e4:48:2f:48:cd:40:10:33:7d:
d1:fc:a2:b8:fa:49:d1:12:48:3b:45:02:ec:22:8a:
74:9c:d9:c2:d9:e9:1a:7b:1c:6f:8c:ad:20:07:3f:
2d:4b:d4:11:4d:d9:d3:ae:26:b4:d9:89:33:53:7d:
36:ed:e2:0e:72:ef:e5:04:76:91:3b:4c:7c:4e:56:
4e:fe:43:f6:3d:4a:cb:9b:8f:ec:5d:33:72:8e:b1:
72:7c:b2:e2:06:ad:d9:34:52:95:9e:88:e3:0c:62:
41:72:2a:9b:3c:6e:dc:6d:d1:ca:6e:fb:20:9f:02:
0b:df:22:54:ea:40:6e:aa:bd:15:c1:68:c6:0b:26:
d6:e4:c2:b4:67:82:90:78:62:68:f3:63:7e:fc:2f:
b8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:35:7E:3D:9A:B3:C3:AF:CF:D7:E9:53:7B:DC:85:0C:40:21:74:1C
X509v3 Authority Key Identifier:
keyid:82:AA:3E:C5:8B:A8:46:D2:7A:79:71:11:C5:58:51:53:00:0D:BA:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gqo-xYuoRtJ6eXERxVhRUwANug4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b1c7f9-ad9c-4bb7-ac47-927dd459ac5c/1/kTV-PZqzw6_P1-lTe9yFDEAhdBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b1c7f9-ad9c-4bb7-ac47-927dd459ac5c/1/gqo-xYuoRtJ6eXERxVhRUwANug4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.144.0/22
Signature Algorithm: sha256WithRSAEncryption
72:05:ec:a0:ae:07:55:bf:d8:4f:b9:bd:77:6f:01:c6:e6:f3:
fd:ea:f9:0f:1d:06:40:b1:8a:d6:28:ba:06:5d:9e:e3:b0:a6:
f6:66:58:32:c9:5a:ff:7f:e1:79:c5:d0:4b:53:9c:c8:42:5e:
af:27:04:c4:8b:99:4c:14:58:46:3e:6c:c8:13:31:69:1b:e4:
57:7e:55:17:5e:73:5c:f4:47:85:77:de:aa:e6:1e:56:9c:f3:
81:c2:7b:1f:e5:ea:e5:17:c9:03:75:4b:82:70:91:6f:97:28:
f2:47:4d:fc:93:50:e7:a6:51:03:1f:ea:23:b5:49:d9:49:03:
96:17:33:15:9f:53:d2:51:e8:28:0e:b5:cd:28:c5:24:af:90:
3e:1a:9d:33:23:85:13:ef:28:d3:d5:e3:4f:b8:c9:10:88:bd:
4f:b7:81:4f:14:71:26:91:23:3c:6b:fa:dd:39:93:60:6b:05:
3d:ff:10:55:cb:00:6c:0f:d7:4f:0a:28:99:42:72:4c:84:74:
f7:73:5f:db:fc:88:24:15:68:47:e1:15:81:17:82:3d:59:65:
6d:4c:33:b3:94:e6:b8:ae:fa:dc:48:ed:6a:d9:b4:67:7d:72:
05:48:3c:be:07:88:50:a3:84:da:49:09:4b:c5:36:2a:ff:48:
cf:7f:a7:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyg16dL4wwpPeyInRavxDoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYWEzZWM1OGJhODQ2ZDI3YTc5NzExMWM1NTg1MTUzMDAw
ZGJhMGUwHhcNMjMwMTAyMTI0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTM1N2UzZDlhYjNjM2FmY2ZkN2U5NTM3YmRjODUwYzQwMjE3NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw8swnIpVHJzvYo80H3Oq7el9/YJ
0i0SnbkSUle0JJgMzNMQyPRwC0RLpCwQdKK3kpUSgin4wbGal6WMPs1vl1wZSzfD
ymnzDWHEr60faCVwUCnYA5/mDXValJIKEY06jQZ0zi0EZn2N3lxwq6jkSC9IzUAQ
M33R/KK4+knREkg7RQLsIop0nNnC2ekaexxvjK0gBz8tS9QRTdnTria02YkzU302
7eIOcu/lBHaRO0x8TlZO/kP2PUrLm4/sXTNyjrFyfLLiBq3ZNFKVnojjDGJBciqb
PG7cbdHKbvsgnwIL3yJU6kBuqr0VwWjGCybW5MK0Z4KQeGJo82N+/C+4vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJE1fj2as8Ovz9fpU3vchQxAIXQcMB8GA1UdIwQY
MBaAFIKqPsWLqEbSenlxEcVYUVMADboOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3FvLXhZdW9SdEo2ZVhFUnhWaFJVd0FOdWc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9iMWM3ZjktYWQ5Yy00YmI3LWFjNDct
OTI3ZGQ0NTlhYzVjLzEva1RWLVBacXp3Nl9QMS1sVGU5eUZERUFoZEJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9iMWM3ZjktYWQ5Yy00YmI3LWFjNDctOTI3ZGQ0NTlhYzVj
LzEvZ3FvLXhZdW9SdEo2ZVhFUnhWaFJVd0FOdWc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU4iQMA0G
CSqGSIb3DQEBCwUAA4IBAQByBeygrgdVv9hPub13bwHG5vP96vkPHQZAsYrWKLoG
XZ7jsKb2ZlgyyVr/f+F5xdBLU5zIQl6vJwTEi5lMFFhGPmzIEzFpG+RXflUXXnNc
9EeFd96q5h5WnPOBwnsf5erlF8kDdUuCcJFvlyjyR038k1DnplEDH+ojtUnZSQOW
FzMVn1PSUegoDrXNKMUkr5A+Gp0zI4UT7yjT1eNPuMkQiL1Pt4FPFHEmkSM8a/rd
OZNgawU9/xBVywBsD9dPCiiZQnJMhHT3c1/b/IgkFWhH4RWBF4I9WWVtTDOzlOa4
rvrcSO1q2bRnfXIFSDy+B4hQo4TaSQlLxTYq/0jPf6f2
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:10 2025 by rpki-client