Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/kDej3SBIiG5IE4tB5Z4-YLeq2_g.roa
File: kDej3SBIiG5IE4tB5Z4-YLeq2_g.roa (raw, json)
Hash identifier: hZGWcaD4ZWrLChlfHRUfQnb4f6K5GtTa9XXGnOyYUx8=
Subject key identifier: 90:37:A3:DD:20:48:88:6E:48:13:8B:41:E5:9E:3E:60:B7:AA:DB:F8
Certificate issuer: /CN=29e46e75865e8d4a081e4b5dda46d3c94003679b
Certificate serial: 04FC2061
Authority key identifier: 29:E4:6E:75:86:5E:8D:4A:08:1E:4B:5D:DA:46:D3:C9:40:03:67:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeRudYZejUoIHktd2kbTyUADZ5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/kDej3SBIiG5IE4tB5Z4-YLeq2_g.roa
Signing time: Sat 01 Jan 2022 14:58:12 +0000
ROA not before: Sat 01 Jan 2022 14:58:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43783
IP address blocks: 185.167.56.0/24 maxlen: 24
185.167.58.0/24 maxlen: 24
185.167.57.0/24 maxlen: 24
185.167.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83632225 (0x4fc2061)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29e46e75865e8d4a081e4b5dda46d3c94003679b
Validity
Not Before: Jan 1 14:58:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9037a3dd2048886e48138b41e59e3e60b7aadbf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ce:ae:8b:c5:d3:90:c8:d3:9c:2a:1a:98:6a:
86:5c:30:43:93:8e:2a:8b:6e:4b:77:79:eb:f3:6e:
21:0d:7e:17:8e:6a:63:fa:00:a8:c6:6d:09:33:be:
77:09:49:ea:d2:d0:c2:03:6c:1c:84:04:93:ab:b4:
48:d7:a0:56:2b:09:da:02:bd:9c:ee:23:e1:75:41:
96:9e:4d:8c:40:66:a4:b0:ea:b0:02:ff:2a:85:21:
4e:8b:3d:8d:9c:4e:07:e2:bc:40:be:ea:5f:9c:dd:
93:a8:a3:ae:08:4e:b9:6d:c5:bb:9a:55:ce:f6:99:
04:a9:2d:4e:63:61:a4:6e:a7:ed:4c:9a:b6:cf:11:
5b:cf:f4:8c:a3:de:c7:0a:64:f6:2b:38:20:20:5c:
b5:96:64:04:16:1b:bc:a3:2a:a3:22:18:97:42:31:
5c:43:97:72:5c:70:2d:5b:a0:9d:37:66:61:82:cb:
d1:14:b0:ad:c4:48:19:13:09:eb:06:92:4f:01:f4:
69:f4:89:c8:89:8e:7b:06:d3:5b:50:b4:3d:f5:f3:
97:b0:e7:e4:06:e1:77:3f:cd:86:83:29:1c:95:45:
f3:52:4d:99:7e:75:ce:80:de:b9:b7:17:05:1d:f0:
a4:1e:4f:e3:d8:9d:e1:ae:8f:b4:fc:f5:40:41:68:
3d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:37:A3:DD:20:48:88:6E:48:13:8B:41:E5:9E:3E:60:B7:AA:DB:F8
X509v3 Authority Key Identifier:
keyid:29:E4:6E:75:86:5E:8D:4A:08:1E:4B:5D:DA:46:D3:C9:40:03:67:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeRudYZejUoIHktd2kbTyUADZ5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/kDej3SBIiG5IE4tB5Z4-YLeq2_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/KeRudYZejUoIHktd2kbTyUADZ5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.56.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:55:2a:71:62:e7:ae:a8:93:50:d9:97:44:e6:d9:a0:a1:e7:
09:b7:e0:d5:3e:39:95:cb:2c:6a:ed:f4:ee:5f:98:ec:be:93:
1b:9e:01:bb:fd:d5:57:f8:4a:23:ea:b1:68:52:fb:11:e3:82:
d0:02:13:ac:5f:e4:d7:db:d1:0a:e7:9f:46:37:58:cf:41:d9:
dc:66:b1:70:f1:ff:c2:88:ad:0a:d8:6d:15:59:69:c0:f1:95:
74:98:e5:8c:17:68:21:97:2f:f2:44:10:b5:73:a9:a7:64:4b:
5e:2f:42:1c:dc:8e:61:d5:d7:4e:65:ce:f7:d8:95:1a:03:82:
f6:40:ab:dc:ee:4c:91:53:e9:af:11:af:fd:87:82:36:6e:5e:
f0:5e:5b:71:e9:25:a8:3a:af:f8:18:97:31:a9:4f:32:85:d2:
e5:b4:dd:e1:69:40:fc:95:e8:3d:6f:60:cc:70:a9:06:98:a0:
70:2c:28:9b:be:f3:76:b8:1a:9b:54:2b:fe:f1:69:9b:72:67:
69:a4:d4:9c:46:4c:32:51:03:ae:d4:19:67:79:51:0b:35:e5:
29:6a:6e:11:a5:6e:60:f7:fa:b8:38:4a:a9:cc:a8:f0:e9:3f:
74:75:dd:79:c9:e3:20:e1:67:e8:ba:93:d4:64:fb:68:57:bb:
4d:eb:8d:45
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBPwgYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWU0NmU3NTg2NWU4ZDRhMDgxZTRiNWRkYTQ2ZDNjOTQwMDM2NzliMB4XDTIyMDEw
MTE0NTgxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAzN2EzZGQyMDQ4
ODg2ZTQ4MTM4YjQxZTU5ZTNlNjBiN2FhZGJmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3OrovF05DI05wqGphqhlwwQ5OOKotuS3d56/NuIQ1+F45q
Y/oAqMZtCTO+dwlJ6tLQwgNsHIQEk6u0SNegVisJ2gK9nO4j4XVBlp5NjEBmpLDq
sAL/KoUhTos9jZxOB+K8QL7qX5zdk6ijrghOuW3Fu5pVzvaZBKktTmNhpG6n7Uya
ts8RW8/0jKPexwpk9is4ICBctZZkBBYbvKMqoyIYl0IxXEOXclxwLVugnTdmYYLL
0RSwrcRIGRMJ6waSTwH0afSJyImOewbTW1C0PfXzl7Dn5Abhdz/NhoMpHJVF81JN
mX51zoDeubcXBR3wpB5P49id4a6PtPz1QEFoPQ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSQN6PdIEiIbkgTi0Hlnj5gt6rb+DAfBgNVHSMEGDAWgBQp5G51hl6NSgge
S13aRtPJQANnmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tlUnVkWVplalVvSUhrdGQya2JUeVVBRFo1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvZDIzNTRhLWYzYzItNDFkNS1iMjkyLWE5ZDI2N2FjZjY2NC8x
L2tEZWozU0JJaUc1SUU0dEI1WjQtWUxlcTJfZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
ZDIzNTRhLWYzYzItNDFkNS1iMjkyLWE5ZDI2N2FjZjY2NC8xL0tlUnVkWVplalVv
SUhrdGQya2JUeVVBRFo1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmnODANBgkqhkiG9w0BAQsFAAOC
AQEAalUqcWLnrqiTUNmXRObZoKHnCbfg1T45lcssau307l+Y7L6TG54Bu/3VV/hK
I+qxaFL7EeOC0AITrF/k19vRCuefRjdYz0HZ3GaxcPH/woitCthtFVlpwPGVdJjl
jBdoIZcv8kQQtXOpp2RLXi9CHNyOYdXXTmXO99iVGgOC9kCr3O5MkVPprxGv/YeC
Nm5e8F5bceklqDqv+BiXMalPMoXS5bTd4WlA/JXoPW9gzHCpBpigcCwom77zdrga
m1Qr/vFpm3JnaaTUnEZMMlEDrtQZZ3lRCzXlKWpuEaVuYPf6uDhKqcyo8Ok/dHXd
ecnjIOFn6LqT1GT7aFe7TeuNRQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:29:14 2025 by rpki-client