Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/ktlSTBouejkhspWZAq1q3phtHKg.roa
File: ktlSTBouejkhspWZAq1q3phtHKg.roa (raw, json)
Hash identifier: VMOVFn/nfaGMMyvMt7Dzi2VYU64pr23TRLOtaOd+ax4=
Subject key identifier: 92:D9:52:4C:1A:2E:7A:39:21:B2:95:99:02:AD:6A:DE:98:6D:1C:A8
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 01856C1CC2DF4CC16B86CB6A2848A89D86CB
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/ktlSTBouejkhspWZAq1q3phtHKg.roa
Signing time: Sun 01 Jan 2023 06:55:02 +0000
ROA not before: Sun 01 Jan 2023 06:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12618
IP address blocks: 89.191.144.0/20 maxlen: 23
46.239.144.0/20 maxlen: 20
94.141.128.0/19 maxlen: 19
46.238.248.0/21 maxlen: 21
212.122.216.0/22 maxlen: 22
212.122.220.0/22 maxlen: 22
46.238.192.0/19 maxlen: 19
46.239.160.0/19 maxlen: 19
46.238.224.0/22 maxlen: 22
46.238.232.0/22 maxlen: 22
46.238.228.0/22 maxlen: 22
46.238.239.0/24 maxlen: 24
2001:90e::/32 maxlen: 32
2001:90c::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:c2:df:4c:c1:6b:86:cb:6a:28:48:a8:9d:86:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jan 1 06:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92d9524c1a2e7a3921b2959902ad6ade986d1ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:07:f2:94:d8:4c:d1:d6:8b:fc:2a:72:db:c4:
9f:70:f5:bb:00:35:a1:4b:c6:6a:b5:1c:ad:61:00:
57:d7:ae:d6:e0:a2:35:42:ae:0a:66:3d:86:55:51:
51:21:b2:a3:3c:28:02:9b:77:ff:11:46:7c:a8:62:
f7:c7:a6:3b:91:9e:c6:7f:10:6d:91:08:15:e0:a3:
a8:9b:04:fc:e7:1d:83:c5:1f:ee:40:8b:33:3e:b3:
eb:33:cd:14:72:e1:3a:f2:47:8e:32:f2:76:d7:33:
fc:2b:ec:87:cb:9f:7a:62:d7:f1:31:ca:66:e0:15:
2f:b2:99:bc:96:de:9b:31:d7:73:af:a3:ab:1d:99:
1d:d1:67:0e:62:92:83:c6:8a:79:3c:3d:e2:63:b7:
20:c8:5a:f2:b7:44:c5:7a:49:5c:66:be:2f:e8:a3:
0c:7a:3e:8e:bf:51:11:20:9d:4b:05:5e:3f:2e:91:
58:e1:e6:eb:72:40:18:6e:d4:f8:18:1e:49:47:bc:
e9:85:16:df:11:4b:ad:af:d2:2a:75:dc:78:f6:98:
6b:b0:e5:9d:45:b9:d6:f0:e2:9b:49:6e:40:17:51:
e3:21:53:d2:68:48:25:81:9b:cc:7e:b8:92:b4:4f:
ac:aa:41:5b:61:df:e8:cc:0b:6d:4b:fa:77:a8:ec:
15:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:D9:52:4C:1A:2E:7A:39:21:B2:95:99:02:AD:6A:DE:98:6D:1C:A8
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/ktlSTBouejkhspWZAq1q3phtHKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.238.192.0-46.238.235.255
46.238.239.0/24
46.238.248.0/21
46.239.144.0-46.239.191.255
89.191.144.0/20
94.141.128.0/19
212.122.216.0/21
IPv6:
2001:90c::-2001:90e:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ae:f6:13:c8:96:fc:95:20:56:84:c9:6a:fc:38:c6:83:4a:84:
72:68:77:c8:86:89:88:97:0a:f9:36:c2:fa:95:3e:fd:17:32:
f9:21:98:90:a6:a8:a2:78:44:2c:8f:25:98:21:6f:56:1e:4e:
80:e4:22:22:f3:65:af:7b:48:93:eb:66:e4:e7:6a:6c:d5:aa:
f3:2c:7a:9e:15:59:62:b6:f4:a1:c6:a2:6b:d7:ab:e0:e8:0b:
50:6f:7c:79:ca:d9:17:91:30:64:3b:d4:25:53:74:76:dc:ae:
23:63:1f:2f:0a:32:1b:ef:50:6d:46:19:e3:b1:87:37:fc:4b:
34:8e:b7:7a:b0:fd:5e:6e:26:72:a2:bc:4a:98:0b:9e:3b:05:
13:3e:06:19:c3:45:5d:5b:51:fc:a0:3b:2c:83:a6:2a:d1:ef:
d4:74:79:53:e7:fc:b8:b3:d5:8f:c1:72:3a:b5:3e:ca:e3:07:
44:84:28:a8:d7:73:b2:53:8c:1f:4c:6e:bb:66:fc:af:c9:50:
9c:3c:99:fa:d3:a8:b7:42:73:07:d0:0e:c6:61:87:af:66:2b:
19:50:bd:6c:d4:14:94:4b:08:9b:24:8e:56:ff:ae:4d:c2:6a:
57:5e:62:79:f0:61:b7:c3:98:8d:59:8a:ae:67:8f:a9:f4:c5:
8a:48:62:d4
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYVsHMLfTMFrhstqKEionYbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZThmNTZiYzFmNTAxMDI5MTY4MWJjMmQ4YzAyZjlhY2Jm
NzE0YTAwHhcNMjMwMTAxMDY1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmQ5NTI0YzFhMmU3YTM5MjFiMjk1OTkwMmFkNmFkZTk4NmQxY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgfylNhM0daL/Cpy28SfcPW7ADWh
S8ZqtRytYQBX167W4KI1Qq4KZj2GVVFRIbKjPCgCm3f/EUZ8qGL3x6Y7kZ7GfxBt
kQgV4KOomwT85x2DxR/uQIszPrPrM80UcuE68keOMvJ21zP8K+yHy596YtfxMcpm
4BUvspm8lt6bMddzr6OrHZkd0WcOYpKDxop5PD3iY7cgyFryt0TFeklcZr4v6KMM
ej6Ov1ERIJ1LBV4/LpFY4ebrckAYbtT4GB5JR7zphRbfEUutr9Iqddx49phrsOWd
RbnW8OKbSW5AF1HjIVPSaEglgZvMfriStE+sqkFbYd/ozAttS/p3qOwVzwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFJLZUkwaLno5IbKVmQKtat6YbRyoMB8GA1UdIwQY
MBaAFOLo9WvB9QECkWgbwtjAL5rL9xSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTct
NDQ3ZWRjNGY5YWY2LzEva3RsU1RCb3Vlamtoc3BXWkFxMXEzcGh0SEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTctNDQ3ZWRjNGY5YWY2
LzEvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBABAIAATA6MAwDBAYu7sAD
BAIu7ugDBAAu7u8DBAMu7vgwDAMEBC7vkAMEBi7vgAMEBFm/kAMEBV6NgAMEA9R6
2DAWBAIAAjAQMA4DBQIgAQkMAwUAIAEJDjANBgkqhkiG9w0BAQsFAAOCAQEArvYT
yJb8lSBWhMlq/DjGg0qEcmh3yIaJiJcK+TbC+pU+/Rcy+SGYkKaoonhELI8lmCFv
Vh5OgOQiIvNlr3tIk+tm5OdqbNWq8yx6nhVZYrb0ocaia9er4OgLUG98ecrZF5Ew
ZDvUJVN0dtyuI2MfLwoyG+9QbUYZ47GHN/xLNI63erD9Xm4mcqK8SpgLnjsFEz4G
GcNFXVtR/KA7LIOmKtHv1HR5U+f8uLPVj8FyOrU+yuMHRIQoqNdzslOMH0xuu2b8
r8lQnDyZ+tOot0JzB9AOxmGHr2YrGVC9bNQUlEsImySOVv+uTcJqV15iefBht8OY
jVmKrmePqfTFikhi1A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:49 2025 by rpki-client