Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/kPhLp1AkVIj2PcpOWqC7Vo2b-iY.roa
File: kPhLp1AkVIj2PcpOWqC7Vo2b-iY.roa (raw, json)
Hash identifier: sQW1Cvzb0QFLYnsgbz8il9KncC2AnYvfAnMGIhQ7XyY=
Subject key identifier: 90:F8:4B:A7:50:24:54:88:F6:3D:CA:4E:5A:A0:BB:56:8D:9B:FA:26
Certificate issuer: /CN=195997a8bfc698b8eb9e8728ecaf12a527b357df
Certificate serial: 018732C92026CF271A6F7C99AB59A90588C9
Authority key identifier: 19:59:97:A8:BF:C6:98:B8:EB:9E:87:28:EC:AF:12:A5:27:B3:57:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GVmXqL_GmLjrnoco7K8SpSezV98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/kPhLp1AkVIj2PcpOWqC7Vo2b-iY.roa
Signing time: Thu 30 Mar 2023 13:50:54 +0000
ROA not before: Thu 30 Mar 2023 13:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202869
IP address blocks: 185.152.52.0/22 maxlen: 22
2a07:7f00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:32:c9:20:26:cf:27:1a:6f:7c:99:ab:59:a9:05:88:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=195997a8bfc698b8eb9e8728ecaf12a527b357df
Validity
Not Before: Mar 30 13:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90f84ba750245488f63dca4e5aa0bb568d9bfa26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0f:a7:d1:e9:0b:b4:8c:77:ff:fa:8e:bf:96:
98:ee:48:32:4c:3d:09:16:f8:cf:ff:89:8b:39:c4:
43:79:a5:23:2e:e4:68:b6:85:e1:0a:fd:eb:6f:e3:
4e:d5:d6:c2:a4:1a:d5:66:3e:98:61:10:e2:18:1a:
72:6d:f1:f9:c6:75:5f:c7:42:5d:38:60:88:0c:f8:
ee:60:68:fc:d9:84:9d:28:64:36:52:83:28:4c:06:
ae:2f:1f:e9:ec:ea:ea:82:c0:03:e5:02:66:9f:60:
fe:76:7b:35:38:ed:9a:bc:43:87:fa:40:9e:55:b6:
bc:7a:82:72:27:60:0a:b9:4e:73:a3:c5:6a:44:64:
e1:c4:d3:be:6a:90:9c:47:91:aa:21:65:35:1e:b9:
f5:15:f7:05:fc:32:c2:3c:3a:0e:0f:28:82:e6:8c:
87:74:03:98:45:8e:fe:a1:d4:99:f7:b8:9c:4d:41:
94:da:6c:ab:82:f7:19:52:9b:82:8b:0e:73:68:40:
d8:ef:9f:f1:89:8d:dd:af:b4:95:50:06:a7:d8:df:
c2:0e:64:82:5c:35:bf:ee:4c:bd:e5:98:f6:19:cd:
53:c0:ff:92:05:c3:1d:d4:6e:26:40:a7:eb:4b:24:
02:1e:f2:bb:92:0d:28:8b:50:2f:14:04:3d:51:ae:
aa:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F8:4B:A7:50:24:54:88:F6:3D:CA:4E:5A:A0:BB:56:8D:9B:FA:26
X509v3 Authority Key Identifier:
keyid:19:59:97:A8:BF:C6:98:B8:EB:9E:87:28:EC:AF:12:A5:27:B3:57:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GVmXqL_GmLjrnoco7K8SpSezV98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/kPhLp1AkVIj2PcpOWqC7Vo2b-iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/GVmXqL_GmLjrnoco7K8SpSezV98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.52.0/22
IPv6:
2a07:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
3a:c8:b6:23:01:1e:39:a8:89:0a:1e:db:a8:7e:a3:df:f4:22:
1d:6f:67:bc:1f:5e:71:2a:a4:ba:7b:37:0d:6f:cd:c4:9b:06:
b6:8d:d8:13:de:20:6e:18:1e:d7:fd:9d:20:73:88:ca:0f:99:
e8:02:18:8e:5b:b1:f9:63:32:02:c3:8a:79:35:7e:47:3f:f1:
1a:c5:af:84:82:e4:a4:c5:5e:ae:1b:20:1b:01:26:ee:2a:fb:
66:4e:28:56:4f:64:29:ba:5c:e8:69:e4:fb:e5:63:02:43:63:
a6:a3:85:0c:3e:0a:08:a9:e3:61:f0:5f:71:9c:a0:0a:b3:cb:
eb:e5:95:93:cf:77:43:b4:0d:bb:de:a0:e4:9f:4a:14:39:bd:
d2:6f:fe:1d:27:13:b8:02:df:53:41:a7:02:0a:1a:44:38:f7:
3d:e0:70:4b:f8:b6:0b:b8:5a:ed:eb:0f:05:75:61:29:8e:eb:
bf:e3:73:53:84:9c:cb:e0:2d:ef:e0:eb:89:3e:ef:62:2d:ac:
f9:3f:43:9b:cd:6a:c3:41:16:90:29:a6:b3:9f:37:97:a4:19:
67:92:88:53:95:c3:2e:ef:0b:90:a6:ea:d7:a5:90:ab:a8:3d:
dc:22:29:6a:3a:9b:8d:76:bc:a5:0e:03:b7:23:3f:41:6a:e7:
55:64:09:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcyySAmzycab3yZq1mpBYjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NTk5N2E4YmZjNjk4YjhlYjllODcyOGVjYWYxMmE1Mjdi
MzU3ZGYwHhcNMjMwMzMwMTM1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGY4NGJhNzUwMjQ1NDg4ZjYzZGNhNGU1YWEwYmI1NjhkOWJmYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoA+n0ekLtIx3//qOv5aY7kgyTD0J
FvjP/4mLOcRDeaUjLuRotoXhCv3rb+NO1dbCpBrVZj6YYRDiGBpybfH5xnVfx0Jd
OGCIDPjuYGj82YSdKGQ2UoMoTAauLx/p7OrqgsAD5QJmn2D+dns1OO2avEOH+kCe
Vba8eoJyJ2AKuU5zo8VqRGThxNO+apCcR5GqIWU1Hrn1FfcF/DLCPDoODyiC5oyH
dAOYRY7+odSZ97icTUGU2myrgvcZUpuCiw5zaEDY75/xiY3dr7SVUAan2N/CDmSC
XDW/7ky95Zj2Gc1TwP+SBcMd1G4mQKfrSyQCHvK7kg0oi1AvFAQ9Ua6qGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJD4S6dQJFSI9j3KTlqgu1aNm/omMB8GA1UdIwQY
MBaAFBlZl6i/xpi4656HKOyvEqUns1ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1ZtWHFMX0dtTGpybm9jbzdLOFNwU2V6Vjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82Y2RiNjMtOWNmZC00OTg0LTg3N2Ut
MDkyMTAyMTI3MTRjLzEva1BoTHAxQWtWSWoyUGNwT1dxQzdWbzJiLWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82Y2RiNjMtOWNmZC00OTg0LTg3N2UtMDkyMTAyMTI3MTRj
LzEvR1ZtWHFMX0dtTGpybm9jbzdLOFNwU2V6Vjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZg0MA0E
AgACMAcDBQMqB38AMA0GCSqGSIb3DQEBCwUAA4IBAQA6yLYjAR45qIkKHtuofqPf
9CIdb2e8H15xKqS6ezcNb83Emwa2jdgT3iBuGB7X/Z0gc4jKD5noAhiOW7H5YzIC
w4p5NX5HP/Eaxa+EguSkxV6uGyAbASbuKvtmTihWT2QpulzoaeT75WMCQ2Omo4UM
PgoIqeNh8F9xnKAKs8vr5ZWTz3dDtA273qDkn0oUOb3Sb/4dJxO4At9TQacCChpE
OPc94HBL+LYLuFrt6w8FdWEpjuu/43NThJzL4C3v4OuJPu9iLaz5P0ObzWrDQRaQ
KaaznzeXpBlnkohTlcMu7wuQpurXpZCrqD3cIilqOpuNdrylDgO3Iz9BaudVZAlD
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:06 2025 by rpki-client