Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/kEKupn91E_v0hTe5_Dz0fuPbwZA.roa
File: kEKupn91E_v0hTe5_Dz0fuPbwZA.roa (raw, json)
Hash identifier: TaNtkuZtxTYlUkqZyo2ycfQxF5aoYUQ07N2rR7HfxOA=
Subject key identifier: 90:42:AE:A6:7F:75:13:FB:F4:85:37:B9:FC:3C:F4:7E:E3:DB:C1:90
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 01854D6A7A7FD13090CCF9062405096288BC
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/kEKupn91E_v0hTe5_Dz0fuPbwZA.roa
Signing time: Mon 26 Dec 2022 07:51:41 +0000
ROA not before: Mon 26 Dec 2022 07:51:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 94.176.212.0/24 maxlen: 24
89.34.239.0/24 maxlen: 24
77.81.103.0/24 maxlen: 24
89.43.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4d:6a:7a:7f:d1:30:90:cc:f9:06:24:05:09:62:88:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Dec 26 07:51:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9042aea67f7513fbf48537b9fc3cf47ee3dbc190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3f:91:8d:96:fd:de:e7:b4:45:3b:a2:cc:59:
65:1c:66:36:54:44:23:58:09:64:c1:ad:08:25:15:
d3:b6:ef:bf:ac:18:33:1a:e7:7d:72:29:37:12:5f:
77:4a:31:74:fd:ff:20:66:3b:2e:2b:c5:09:c1:b9:
e9:7d:97:9a:3e:cd:55:07:ac:ed:b9:2b:c9:e1:55:
64:07:1d:e6:f1:0c:45:2f:5d:1c:25:cc:99:85:1c:
d7:44:b5:f4:75:f7:6f:cd:38:5a:9e:e4:8c:d3:2d:
ee:56:eb:80:f2:6a:07:aa:18:30:7e:87:0f:81:bd:
73:56:35:28:11:73:8e:a6:46:03:62:e1:cf:ca:67:
5c:cf:94:73:de:ca:b7:56:c0:c1:95:0a:13:d6:25:
53:45:a9:ed:36:f8:30:71:78:61:6d:a4:75:75:f2:
f7:d2:b0:e4:80:78:71:0c:ea:11:c2:95:74:29:ec:
9b:70:30:a2:13:3d:c1:f0:6f:a0:21:46:17:72:4b:
f3:5e:c1:70:ec:87:b9:74:03:1a:dd:f9:3b:db:03:
50:01:3c:cf:47:51:ae:61:78:a6:ac:1b:d3:3a:db:
ef:c1:ff:3d:73:d9:0f:aa:c7:05:42:a6:fe:d9:d6:
25:5e:d8:60:e9:a5:87:f3:12:12:83:da:a7:96:69:
c6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:42:AE:A6:7F:75:13:FB:F4:85:37:B9:FC:3C:F4:7E:E3:DB:C1:90
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/kEKupn91E_v0hTe5_Dz0fuPbwZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.103.0/24
89.34.239.0/24
89.43.34.0/24
94.176.212.0/24
Signature Algorithm: sha256WithRSAEncryption
25:1f:2e:ac:e1:fb:8f:fd:2c:b3:e4:88:9b:6c:07:5a:7f:8c:
ce:bd:ba:75:c6:d6:19:8b:f7:13:d5:c2:d7:b1:54:91:20:2d:
98:c2:8a:be:67:ea:bc:28:e6:c5:ee:58:0a:40:18:54:66:90:
97:d5:37:77:a8:76:87:e4:eb:e6:44:b4:c8:95:01:fd:fa:0a:
f1:3e:c8:24:fa:89:23:af:35:30:cb:ae:9a:c9:12:eb:4e:57:
db:0d:52:ed:df:0b:9b:90:73:c6:e3:1d:5e:08:09:4c:30:98:
b4:0f:73:72:57:ac:1e:31:d4:47:f4:69:f9:c5:24:26:12:1a:
13:74:41:83:3b:68:c6:10:ce:ae:d7:17:fc:84:3e:3d:a8:27:
0c:ab:6b:86:2c:03:84:08:d1:5c:f8:60:f7:b0:ab:1c:67:b3:
83:9a:19:49:97:5c:cb:05:30:e7:1d:45:8d:c4:e5:6f:5a:09:
5a:d4:3d:01:d4:b1:67:07:3a:1b:76:56:40:27:86:74:99:fe:
1a:7c:d1:36:4a:bc:8a:92:33:75:ca:93:71:f6:c3:2f:bf:3d:
df:59:5b:00:47:cc:c9:99:33:89:dd:50:df:91:2e:f7:38:2e:
13:c2:9a:34:7f:5a:5b:6c:6a:6e:dd:c4:73:f8:59:19:0e:15:
4b:3f:9a:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVNanp/0TCQzPkGJAUJYoi8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjIxMjI2MDc1MTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDQyYWVhNjdmNzUxM2ZiZjQ4NTM3YjlmYzNjZjQ3ZWUzZGJjMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnz+RjZb93ue0RTuizFllHGY2VEQj
WAlkwa0IJRXTtu+/rBgzGud9cik3El93SjF0/f8gZjsuK8UJwbnpfZeaPs1VB6zt
uSvJ4VVkBx3m8QxFL10cJcyZhRzXRLX0dfdvzThanuSM0y3uVuuA8moHqhgwfocP
gb1zVjUoEXOOpkYDYuHPymdcz5Rz3sq3VsDBlQoT1iVTRantNvgwcXhhbaR1dfL3
0rDkgHhxDOoRwpV0KeybcDCiEz3B8G+gIUYXckvzXsFw7Ie5dAMa3fk72wNQATzP
R1GuYXimrBvTOtvvwf89c9kPqscFQqb+2dYlXthg6aWH8xISg9qnlmnGywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJBCrqZ/dRP79IU3ufw89H7j28GQMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEva0VLdXBuOTFFX3YwaFRlNV9EejBmdVBid1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVFnAwQA
WSLvAwQAWSsiAwQAXrDUMA0GCSqGSIb3DQEBCwUAA4IBAQAlHy6s4fuP/Syz5Iib
bAdaf4zOvbp1xtYZi/cT1cLXsVSRIC2Ywoq+Z+q8KObF7lgKQBhUZpCX1Td3qHaH
5OvmRLTIlQH9+grxPsgk+okjrzUwy66ayRLrTlfbDVLt3wubkHPG4x1eCAlMMJi0
D3NyV6weMdRH9Gn5xSQmEhoTdEGDO2jGEM6u1xf8hD49qCcMq2uGLAOECNFc+GD3
sKscZ7ODmhlJl1zLBTDnHUWNxOVvWgla1D0B1LFnBzobdlZAJ4Z0mf4afNE2SryK
kjN1ypNx9sMvvz3fWVsAR8zJmTOJ3VDfkS73OC4Twpo0f1pbbGpu3cRz+FkZDhVL
P5rO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:07 2025 by rpki-client