Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/KLzNyjkAJxVF0G3wzlv_H6tH7Z4.roa
File: KLzNyjkAJxVF0G3wzlv_H6tH7Z4.roa (raw, json)
Hash identifier: pYUIbwG2e/FkXWggKhkz3TU8C3VWL1AgrNXAZj0LVJE=
Subject key identifier: 28:BC:CD:CA:39:00:27:15:45:D0:6D:F0:CE:5B:FF:1F:AB:47:ED:9E
Certificate issuer: /CN=e378a94b9964ea5e9f8b05938702ba58316b500f
Certificate serial: 0186DF11D836F8D4A0DE543440B760EBD6A8
Authority key identifier: E3:78:A9:4B:99:64:EA:5E:9F:8B:05:93:87:02:BA:58:31:6B:50:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/43ipS5lk6l6fiwWThwK6WDFrUA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/KLzNyjkAJxVF0G3wzlv_H6tH7Z4.roa
Signing time: Tue 14 Mar 2023 07:42:13 +0000
ROA not before: Tue 14 Mar 2023 07:42:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50057
IP address blocks: 185.161.112.0/24 maxlen: 24
185.161.113.0/24 maxlen: 24
185.161.114.0/24 maxlen: 24
185.161.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:df:11:d8:36:f8:d4:a0:de:54:34:40:b7:60:eb:d6:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e378a94b9964ea5e9f8b05938702ba58316b500f
Validity
Not Before: Mar 14 07:42:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28bccdca3900271545d06df0ce5bff1fab47ed9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a0:59:44:2f:07:32:ae:b1:63:02:af:06:83:
8a:95:f2:0b:7e:16:96:17:e8:7e:29:da:16:05:0d:
9a:f6:2f:59:27:22:dc:d9:6c:1d:53:e4:26:93:dd:
21:c5:5f:dd:a7:74:38:50:3a:ad:c9:88:3d:c1:d4:
1d:68:40:9b:52:25:e9:97:e2:97:7f:f9:40:74:fd:
7b:2e:d0:fa:e6:62:8e:de:52:c0:09:46:f7:2a:4e:
72:b5:96:22:45:8b:5f:03:94:1f:32:5e:da:1b:ef:
fd:46:7b:83:05:c9:9b:b3:7d:ee:d9:38:2b:30:30:
ea:4d:89:a7:43:12:06:74:a0:ed:c6:28:3c:06:63:
23:ab:67:e3:f0:15:97:13:5d:5a:3e:cf:f9:12:a2:
48:3a:36:79:25:73:b5:e2:25:a0:69:ec:5c:b8:b8:
33:5e:b0:da:b1:7d:ca:77:00:31:41:a1:b1:85:f0:
53:72:fc:e1:44:1f:3e:13:80:9b:51:31:61:1d:dd:
ae:15:d3:86:a0:43:32:4b:63:22:16:cd:6c:72:02:
f4:97:7f:2d:35:81:98:3e:98:50:e5:50:33:74:cd:
b2:20:37:ea:cd:81:d9:c8:c7:5a:55:60:55:bd:45:
72:5e:53:d7:6d:a1:be:23:ea:5b:b0:ae:30:a7:42:
a8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BC:CD:CA:39:00:27:15:45:D0:6D:F0:CE:5B:FF:1F:AB:47:ED:9E
X509v3 Authority Key Identifier:
keyid:E3:78:A9:4B:99:64:EA:5E:9F:8B:05:93:87:02:BA:58:31:6B:50:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43ipS5lk6l6fiwWThwK6WDFrUA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/KLzNyjkAJxVF0G3wzlv_H6tH7Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6a5e8c-d831-41e3-84e5-f42176cd0445/1/43ipS5lk6l6fiwWThwK6WDFrUA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.112.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:dc:b8:b3:5c:71:f7:e2:b6:cf:9d:3e:12:37:0d:b4:08:51:
0b:91:6d:92:c0:67:a1:5b:c7:00:77:6e:e7:22:ba:10:06:77:
69:8f:da:68:b8:20:d4:a5:d7:48:80:2f:64:8d:20:4f:0a:aa:
9f:b8:12:15:1e:03:44:ad:77:5a:f7:b4:89:a4:29:4c:74:9e:
91:f5:76:f9:fd:39:99:0f:a6:b6:57:4a:0d:7b:55:9b:ca:c1:
3f:a0:22:9d:cc:4e:a4:67:2d:34:14:6f:23:22:d6:4f:14:f8:
40:a5:ae:73:c3:78:93:2f:1f:be:0c:03:ec:fc:b7:3e:6a:c9:
c4:01:7e:f2:47:d0:a8:aa:ee:bf:99:0f:f0:d6:d2:49:9e:20:
f2:01:e0:80:0a:56:dc:10:5c:f6:35:f1:2f:fd:6b:d9:56:12:
79:b3:8a:5f:ea:b1:83:cf:00:8a:13:0e:e8:6a:a0:02:01:b6:
08:49:34:7c:78:aa:f5:7e:77:fa:bd:33:5b:d1:87:06:cf:d7:
10:cf:e0:93:c0:7f:aa:b9:3a:86:16:6b:1e:2d:7b:ca:34:2b:
fa:c1:ff:a4:00:fc:8f:bb:ae:64:ff:9c:8c:85:39:82:f7:91:
11:e9:8c:45:51:41:65:a6:13:d7:d2:6d:a6:48:d2:9e:f4:b6:
cd:c2:b0:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbfEdg2+NSg3lQ0QLdg69aoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNzhhOTRiOTk2NGVhNWU5ZjhiMDU5Mzg3MDJiYTU4MzE2
YjUwMGYwHhcNMjMwMzE0MDc0MjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGJjY2RjYTM5MDAyNzE1NDVkMDZkZjBjZTViZmYxZmFiNDdlZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaBZRC8HMq6xYwKvBoOKlfILfhaW
F+h+KdoWBQ2a9i9ZJyLc2WwdU+Qmk90hxV/dp3Q4UDqtyYg9wdQdaECbUiXpl+KX
f/lAdP17LtD65mKO3lLACUb3Kk5ytZYiRYtfA5QfMl7aG+/9RnuDBcmbs33u2Tgr
MDDqTYmnQxIGdKDtxig8BmMjq2fj8BWXE11aPs/5EqJIOjZ5JXO14iWgaexcuLgz
XrDasX3KdwAxQaGxhfBTcvzhRB8+E4CbUTFhHd2uFdOGoEMyS2MiFs1scgL0l38t
NYGYPphQ5VAzdM2yIDfqzYHZyMdaVWBVvUVyXlPXbaG+I+pbsK4wp0Ko0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCi8zco5ACcVRdBt8M5b/x+rR+2eMB8GA1UdIwQY
MBaAFON4qUuZZOpen4sFk4cCulgxa1APMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDNpcFM1bGs2bDZmaXdXVGh3SzZXREZyVUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy82YTVlOGMtZDgzMS00MWUzLTg0ZTUt
ZjQyMTc2Y2QwNDQ1LzEvS0x6Tnlqa0FKeFZGMEczd3psdl9INnRIN1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy82YTVlOGMtZDgzMS00MWUzLTg0ZTUtZjQyMTc2Y2QwNDQ1
LzEvNDNpcFM1bGs2bDZmaXdXVGh3SzZXREZyVUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaFwMA0G
CSqGSIb3DQEBCwUAA4IBAQBd3LizXHH34rbPnT4SNw20CFELkW2SwGehW8cAd27n
IroQBndpj9pouCDUpddIgC9kjSBPCqqfuBIVHgNErXda97SJpClMdJ6R9Xb5/TmZ
D6a2V0oNe1WbysE/oCKdzE6kZy00FG8jItZPFPhApa5zw3iTLx++DAPs/Lc+asnE
AX7yR9Coqu6/mQ/w1tJJniDyAeCAClbcEFz2NfEv/WvZVhJ5s4pf6rGDzwCKEw7o
aqACAbYISTR8eKr1fnf6vTNb0YcGz9cQz+CTwH+quTqGFmseLXvKNCv6wf+kAPyP
u65k/5yMhTmC95ER6YxFUUFlphPX0m2mSNKe9LbNwrBp
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:26:39 2025 by rpki-client