Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/KlDaqKB45mow_T668vaq4CnzLbs.roa
File: KlDaqKB45mow_T668vaq4CnzLbs.roa (raw, json)
Hash identifier: OgYf9Po+F6zakX2o8VGn2n2EibSwXaGsI8l4tSv0LIs=
Subject key identifier: 2A:50:DA:A8:A0:78:E6:6A:30:FD:3E:BA:F2:F6:AA:E0:29:F3:2D:BB
Certificate issuer: /CN=fd261d45319e8375187436da44bf5b9adb044a7f
Certificate serial: 01885356EA31A169C344E4FE54ABF2E19AEF
Authority key identifier: FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/KlDaqKB45mow_T668vaq4CnzLbs.roa
Signing time: Thu 25 May 2023 14:36:24 +0000
ROA not before: Thu 25 May 2023 14:36:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8758
IP address blocks: 37.46.144.0/22 maxlen: 24
194.31.128.0/23 maxlen: 24
217.71.240.0/20 maxlen: 24
178.250.130.0/23 maxlen: 24
185.160.244.0/22 maxlen: 24
217.150.224.0/20 maxlen: 24
157.143.0.0/17 maxlen: 24
109.70.112.0/21 maxlen: 24
109.70.116.0/22 maxlen: 24
109.70.115.0/24 maxlen: 24
212.25.0.0/19 maxlen: 24
77.74.96.0/21 maxlen: 24
145.40.192.0/19 maxlen: 24
84.254.80.0/20 maxlen: 24
95.143.48.0/20 maxlen: 24
84.254.96.0/20 maxlen: 24
83.150.0.0/18 maxlen: 24
87.239.200.0/21 maxlen: 24
88.218.24.0/22 maxlen: 24
31.24.8.0/21 maxlen: 24
178.22.104.0/21 maxlen: 24
80.89.208.0/20 maxlen: 24
194.246.118.0/23 maxlen: 24
217.22.128.0/20 maxlen: 24
2001:8e0::/29 maxlen: 32
2a01:bd00::/32 maxlen: 32
2a00:10c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:56:ea:31:a1:69:c3:44:e4:fe:54:ab:f2:e1:9a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd261d45319e8375187436da44bf5b9adb044a7f
Validity
Not Before: May 25 14:36:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a50daa8a078e66a30fd3ebaf2f6aae029f32dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0e:6f:30:a5:78:ab:d0:aa:c6:39:85:9b:82:
7e:f1:97:aa:2a:4a:49:7d:81:0b:0a:9a:2e:9f:dd:
40:c6:89:66:8c:3f:89:3a:99:3a:9f:73:13:31:67:
7e:ee:6f:87:06:bc:67:58:ac:60:5e:38:64:1e:4b:
d4:72:42:43:0b:28:96:4c:af:10:00:5c:46:5c:7c:
f0:91:66:60:2d:88:06:0f:42:69:77:84:d9:56:82:
a0:c1:ea:27:24:86:20:9b:10:f1:eb:de:f4:30:90:
d6:c8:49:26:d7:ea:39:4c:05:54:84:c0:ad:53:f4:
ee:ab:98:6e:f2:e9:ce:58:f5:1a:36:3e:84:e2:00:
b4:a0:2f:13:29:37:df:54:f9:e5:fc:39:9a:f4:de:
09:c5:e9:9f:e7:d4:d1:ce:7f:8e:c6:d3:7f:d0:59:
fd:6a:01:8c:3d:54:7f:f9:a7:c2:53:28:d9:30:7d:
83:cc:bb:e1:ca:ee:56:93:38:46:e4:bf:90:75:1e:
47:7c:a7:ff:97:f9:0f:61:79:fe:bb:38:7b:15:71:
f0:05:33:fb:64:cb:ba:de:e3:3b:6b:55:3f:d2:ba:
2d:99:b7:4a:48:83:21:7f:5c:7f:f4:c0:f0:4b:33:
5f:06:f0:6a:8f:1b:34:9a:d8:ba:bf:de:f4:b0:0a:
e0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:50:DA:A8:A0:78:E6:6A:30:FD:3E:BA:F2:F6:AA:E0:29:F3:2D:BB
X509v3 Authority Key Identifier:
keyid:FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/KlDaqKB45mow_T668vaq4CnzLbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.8.0/21
37.46.144.0/22
77.74.96.0/21
80.89.208.0/20
83.150.0.0/18
84.254.80.0-84.254.111.255
87.239.200.0/21
88.218.24.0/22
95.143.48.0/20
109.70.112.0/21
145.40.192.0/19
157.143.0.0/17
178.22.104.0/21
178.250.130.0/23
185.160.244.0/22
194.31.128.0/23
194.246.118.0/23
212.25.0.0/19
217.22.128.0/20
217.71.240.0/20
217.150.224.0/20
IPv6:
2001:8e0::/29
2a00:10c0::/32
2a01:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
12:22:10:b3:7b:df:46:ba:c0:17:52:f8:fb:2b:12:e6:72:d4:
2a:64:24:93:6f:94:9c:88:87:7e:5e:f9:51:21:24:a3:ce:ae:
47:a2:cb:48:15:e0:b5:29:a7:20:f2:03:67:ac:0c:c0:07:2e:
df:7e:9e:fe:a7:39:5f:ef:e9:cd:b8:b7:3b:a9:9c:ed:09:9a:
5f:6e:b2:d0:a5:8c:45:ad:de:bb:9e:6a:ba:02:aa:89:10:f7:
72:e4:d0:68:98:f4:95:4b:b7:6f:3d:0b:b8:8b:d9:f8:e4:cd:
e8:49:0e:70:b6:60:55:dd:9f:b6:4b:55:b5:db:38:b8:0d:39:
d0:a8:ac:29:74:20:98:74:8c:50:08:15:da:1f:c6:55:d0:86:
05:ba:a2:fa:ee:88:b0:4d:d3:e7:8d:67:b8:45:41:ba:a2:d4:
ba:44:b2:c3:16:ae:39:50:c6:03:01:98:6d:f4:ac:fa:51:6f:
f1:97:39:d1:0b:1e:b4:d3:1f:3d:13:f0:bb:a7:54:52:24:07:
c5:c2:27:84:3a:4f:f5:1c:e5:71:8b:58:60:d9:b9:c3:e5:80:
42:8a:63:a0:d4:b9:ae:ef:ec:28:78:ab:6a:8c:01:29:35:0f:
d5:4e:e9:12:2d:81:16:ba:1e:41:e2:8e:35:de:5f:f5:ba:3c:
89:27:bb:08
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYhTVuoxoWnDROT+VKvy4ZrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjYxZDQ1MzE5ZTgzNzUxODc0MzZkYTQ0YmY1YjlhZGIw
NDRhN2YwHhcNMjMwNTI1MTQzNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTUwZGFhOGEwNzhlNjZhMzBmZDNlYmFmMmY2YWFlMDI5ZjMyZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA5vMKV4q9CqxjmFm4J+8ZeqKkpJ
fYELCpoun91AxolmjD+JOpk6n3MTMWd+7m+HBrxnWKxgXjhkHkvUckJDCyiWTK8Q
AFxGXHzwkWZgLYgGD0Jpd4TZVoKgweonJIYgmxDx6970MJDWyEkm1+o5TAVUhMCt
U/Tuq5hu8unOWPUaNj6E4gC0oC8TKTffVPnl/Dma9N4Jxemf59TRzn+OxtN/0Fn9
agGMPVR/+afCUyjZMH2DzLvhyu5WkzhG5L+QdR5HfKf/l/kPYXn+uzh7FXHwBTP7
ZMu63uM7a1U/0rotmbdKSIMhf1x/9MDwSzNfBvBqjxs0mti6v970sArgNQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFCpQ2qigeOZqMP0+uvL2quAp8y27MB8GA1UdIwQY
MBaAFP0mHUUxnoN1GHQ22kS/W5rbBEp/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQt
ZWI1MDkzYjIzMWMxLzEvS2xEYXFLQjQ1bW93X1Q2Njh2YXE0Q256TGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQtZWI1MDkzYjIzMWMx
LzEvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBjQQCAAEwgYYDBAMf
GAgDBAIlLpADBANNSmADBARQWdADBAZTlgAwDAMEBFT+UAMEBFT+YAMEA1fvyAME
AljaGAMEBF+PMAMEA21GcAMEBZEowAMEB52PAAMEA7IWaAMEAbL6ggMEArmg9AME
AcIfgAMEAcL2dgMEBdQZAAMEBNkWgAMEBNlH8AMEBNmW4DAbBAIAAjAVAwUDIAEI
4AMFACoAEMADBQAqAb0AMA0GCSqGSIb3DQEBCwUAA4IBAQASIhCze99GusAXUvj7
KxLmctQqZCSTb5SciId+XvlRISSjzq5HostIFeC1Kacg8gNnrAzABy7ffp7+pzlf
7+nNuLc7qZztCZpfbrLQpYxFrd67nmq6AqqJEPdy5NBomPSVS7dvPQu4i9n45M3o
SQ5wtmBV3Z+2S1W12zi4DTnQqKwpdCCYdIxQCBXaH8ZV0IYFuqL67oiwTdPnjWe4
RUG6otS6RLLDFq45UMYDAZht9Kz6UW/xlznRCx600x89E/C7p1RSJAfFwieEOk/1
HOVxi1hg2bnD5YBCimOg1Lmu7+woeKtqjAEpNQ/VTukSLYEWuh5B4o413l/1ujyJ
J7sI
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:41:20 2025 by rpki-client