Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/ecaa96-9af6-4b99-957f-6b7599fcdc33/1/KhB8xGj8cMhes25E7ONLD8S7UvU.roa
File: KhB8xGj8cMhes25E7ONLD8S7UvU.roa (raw, json)
Hash identifier: Ez0SrtH1FpPS0szxA3ryOMdzEhyKo6dXEXbD6KerpbQ=
Subject key identifier: 2A:10:7C:C4:68:FC:70:C8:5E:B3:6E:44:EC:E3:4B:0F:C4:BB:52:F5
Certificate issuer: /CN=810cd50db437c789464cb64dfabfe405ca981b1a
Certificate serial: 345A2B55
Authority key identifier: 81:0C:D5:0D:B4:37:C7:89:46:4C:B6:4D:FA:BF:E4:05:CA:98:1B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQzVDbQ3x4lGTLZN-r_kBcqYGxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/ecaa96-9af6-4b99-957f-6b7599fcdc33/1/KhB8xGj8cMhes25E7ONLD8S7UvU.roa
Signing time: Sat 01 Jan 2022 04:53:11 +0000
ROA not before: Sat 01 Jan 2022 04:53:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44999
IP address blocks: 93.188.120.0/21 maxlen: 24
176.62.216.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 878324565 (0x345a2b55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=810cd50db437c789464cb64dfabfe405ca981b1a
Validity
Not Before: Jan 1 04:53:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a107cc468fc70c85eb36e44ece34b0fc4bb52f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:79:a8:d5:85:20:7b:d2:e1:a6:91:36:de:49:
8c:51:d5:54:63:29:d1:08:11:32:f1:ba:69:79:34:
1b:09:2e:e5:32:ce:57:9b:82:ff:f2:92:59:20:16:
4a:a5:01:86:5e:f6:d9:33:46:ad:06:37:42:34:99:
d8:0a:1b:e1:2a:5f:fe:25:e8:d2:6d:b4:41:16:f2:
3c:da:c4:07:7a:39:57:cb:c1:42:ad:c9:01:f6:f9:
12:bd:b7:93:6b:cc:fe:76:01:3b:23:ba:05:64:0c:
9a:b8:fa:e6:72:b5:10:78:f8:cc:3c:7a:46:d8:2d:
04:db:e3:e0:7b:d1:34:33:6b:73:77:a0:b9:20:42:
99:50:d8:ce:8e:d6:56:39:a5:35:f8:58:51:24:9a:
50:bf:aa:0d:e5:fd:2c:91:35:9b:ae:63:0e:75:93:
1c:3f:62:cd:f4:6e:67:81:dc:5a:74:aa:71:dd:ac:
48:20:2b:fd:63:a2:1c:8a:b1:db:a4:b0:f8:5d:f8:
b4:67:94:52:99:b2:f6:50:d2:b8:34:a7:80:6c:2f:
c6:e2:f9:39:bb:90:28:17:04:db:f3:c2:ec:9e:ac:
35:59:0c:f4:2f:41:24:c8:38:74:fe:59:3d:7b:9f:
5b:b7:46:d9:b4:ad:80:ee:39:b5:84:aa:f0:51:8b:
90:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:10:7C:C4:68:FC:70:C8:5E:B3:6E:44:EC:E3:4B:0F:C4:BB:52:F5
X509v3 Authority Key Identifier:
keyid:81:0C:D5:0D:B4:37:C7:89:46:4C:B6:4D:FA:BF:E4:05:CA:98:1B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQzVDbQ3x4lGTLZN-r_kBcqYGxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ecaa96-9af6-4b99-957f-6b7599fcdc33/1/KhB8xGj8cMhes25E7ONLD8S7UvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ecaa96-9af6-4b99-957f-6b7599fcdc33/1/gQzVDbQ3x4lGTLZN-r_kBcqYGxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.120.0/21
176.62.216.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:34:8d:15:59:57:40:1a:97:5c:0b:cd:15:59:89:3a:9d:23:
df:ff:6c:57:f1:1a:15:90:0b:55:07:48:79:a8:06:72:73:2b:
46:4a:27:5c:96:89:32:13:99:c2:0d:aa:49:bc:ad:6d:02:e2:
d2:fc:97:24:24:59:ed:e4:4c:5c:0c:3c:83:ad:ee:c7:87:46:
f9:a4:f5:96:30:60:8d:78:eb:f8:29:58:76:d4:a2:93:6c:0f:
3d:f0:95:77:c5:87:d7:c3:66:89:c0:35:b8:e3:2e:30:1a:0f:
f2:f8:8d:61:5b:4e:5a:77:7e:ca:85:df:0d:6f:b1:69:f2:45:
53:79:9a:b5:46:32:eb:1c:e4:b4:08:9f:9b:73:89:a5:ec:71:
dd:1f:3d:1b:fe:27:7d:80:82:6e:f7:66:aa:d6:0b:92:89:87:
72:31:0d:fb:ce:28:be:d3:18:0a:93:14:7c:5d:ec:4e:54:a3:
c0:0f:88:25:21:16:51:50:d0:ff:b1:3b:e0:d8:5e:a0:f9:ee:
83:a7:b5:d9:f7:55:0e:4c:00:cc:fb:bf:1f:17:2c:82:b6:1e:
e0:fa:47:2c:ee:79:76:f2:96:ab:14:6e:8b:c1:f7:72:a2:56:
44:8b:59:fe:6c:65:15:c4:d2:b4:e6:c1:34:3b:51:69:79:16:
6c:13:79:ca
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENForVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTBjZDUwZGI0MzdjNzg5NDY0Y2I2NGRmYWJmZTQwNWNhOTgxYjFhMB4XDTIyMDEw
MTA0NTMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmExMDdjYzQ2OGZj
NzBjODVlYjM2ZTQ0ZWNlMzRiMGZjNGJiNTJmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMV5qNWFIHvS4aaRNt5JjFHVVGMp0QgRMvG6aXk0Gwku5TLO
V5uC//KSWSAWSqUBhl722TNGrQY3QjSZ2Aob4Spf/iXo0m20QRbyPNrEB3o5V8vB
Qq3JAfb5Er23k2vM/nYBOyO6BWQMmrj65nK1EHj4zDx6RtgtBNvj4HvRNDNrc3eg
uSBCmVDYzo7WVjmlNfhYUSSaUL+qDeX9LJE1m65jDnWTHD9izfRuZ4HcWnSqcd2s
SCAr/WOiHIqx26Sw+F34tGeUUpmy9lDSuDSngGwvxuL5ObuQKBcE2/PC7J6sNVkM
9C9BJMg4dP5ZPXufW7dG2bStgO45tYSq8FGLkCUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQqEHzEaPxwyF6zbkTs40sPxLtS9TAfBgNVHSMEGDAWgBSBDNUNtDfHiUZM
tk36v+QFypgbGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dRelZEYlEzeDRsR1RMWk4tcl9rQmNxWUd4by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvZWNhYTk2LTlhZjYtNGI5OS05NTdmLTZiNzU5OWZjZGMzMy8x
L0toQjh4R2o4Y01oZXMyNUU3T05MRDhTN1V2VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
ZWNhYTk2LTlhZjYtNGI5OS05NTdmLTZiNzU5OWZjZGMzMy8xL2dRelZEYlEzeDRs
R1RMWk4tcl9rQmNxWUd4by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA128eAMEA7A+2DANBgkqhkiG9w0B
AQsFAAOCAQEAWjSNFVlXQBqXXAvNFVmJOp0j3/9sV/EaFZALVQdIeagGcnMrRkon
XJaJMhOZwg2qSbytbQLi0vyXJCRZ7eRMXAw8g63ux4dG+aT1ljBgjXjr+ClYdtSi
k2wPPfCVd8WH18NmicA1uOMuMBoP8viNYVtOWnd+yoXfDW+xafJFU3matUYy6xzk
tAifm3OJpexx3R89G/4nfYCCbvdmqtYLkomHcjEN+84ovtMYCpMUfF3sTlSjwA+I
JSEWUVDQ/7E74NheoPnug6e12fdVDkwAzPu/HxcsgrYe4PpHLO55dvKWqxRui8H3
cqJWRItZ/mxlFcTStObBNDtRaXkWbBN5yg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:27:35 2025 by rpki-client