Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/KtVxvH3JGW9pSAfX5_Z-cBcQZIQ.roa
File: KtVxvH3JGW9pSAfX5_Z-cBcQZIQ.roa (raw, json)
Hash identifier: RSpnN1JlteX2aDdHCXTPnpei+GNNvXfqYXLJi6GYGMg=
Subject key identifier: 2A:D5:71:BC:7D:C9:19:6F:69:48:07:D7:E7:F6:7E:70:17:10:64:84
Certificate issuer: /CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Certificate serial: 018BF27A94F5D8F1A091F33BF623443904FD
Authority key identifier: A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/KtVxvH3JGW9pSAfX5_Z-cBcQZIQ.roa
Signing time: Tue 21 Nov 2023 15:23:21 +0000
ROA not before: Tue 21 Nov 2023 15:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6461
IP address blocks: 185.83.150.0/23 maxlen: 24
185.83.148.0/23 maxlen: 24
94.26.97.0/24 maxlen: 24
185.94.78.0/23 maxlen: 24
185.94.76.0/23 maxlen: 24
45.94.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:7a:94:f5:d8:f1:a0:91:f3:3b:f6:23:44:39:04:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Validity
Not Before: Nov 21 15:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ad571bc7dc9196f694807d7e7f67e7017106484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1a:eb:00:d1:2a:13:f0:b3:e4:3a:37:aa:9b:
4c:d6:a6:37:fd:d2:b0:1b:94:aa:36:66:87:3d:21:
70:90:a7:ff:34:3b:65:c6:20:3a:4f:a3:05:f2:e6:
0c:a1:69:33:ea:5f:68:3c:95:43:df:57:da:a5:8a:
53:92:22:af:00:21:56:eb:80:88:f3:5d:16:3b:93:
2d:9b:7f:84:d2:e8:ec:b4:99:aa:cb:76:0b:18:4c:
3d:4d:b1:06:6b:0d:89:57:e9:7d:f2:7b:67:23:3e:
4a:e0:87:ea:fa:a5:f9:51:81:dc:e4:01:86:4c:9f:
02:d6:6b:92:cb:d7:68:5a:31:59:47:7e:6d:b0:fe:
d3:94:b9:1a:56:d0:3a:e5:8d:14:72:20:05:22:27:
46:84:5c:d4:4b:d6:a4:a8:74:69:83:8e:6b:54:12:
b6:ef:06:a1:a0:ae:3d:af:bc:e2:cc:d6:a1:fb:5e:
76:aa:8e:75:41:6d:fc:3f:fb:11:3a:13:74:6c:02:
e4:2c:1b:fc:24:ee:6b:83:6a:10:17:b4:05:fc:50:
d2:99:fd:b1:e9:05:87:4d:33:fb:4f:a1:06:fe:ff:
d5:86:8c:0f:b5:8f:41:c9:a0:d0:cd:a2:c4:96:2a:
43:42:1b:bc:fb:33:9f:20:19:46:25:31:45:e9:ac:
1f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D5:71:BC:7D:C9:19:6F:69:48:07:D7:E7:F6:7E:70:17:10:64:84
X509v3 Authority Key Identifier:
keyid:A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/KtVxvH3JGW9pSAfX5_Z-cBcQZIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.10.0/24
94.26.97.0/24
185.83.148.0/22
185.94.76.0/22
Signature Algorithm: sha256WithRSAEncryption
40:e5:0f:1c:a9:ee:35:97:b1:20:fc:ce:73:97:56:33:5b:92:
96:bc:12:95:a1:9a:57:94:cf:2e:66:a2:62:9d:88:27:30:03:
bb:0d:9d:0a:f7:b9:e9:f1:0e:a5:9c:cc:92:c6:2c:06:1d:2e:
38:c1:31:92:9a:9b:3a:75:43:ba:6e:19:5d:16:c0:52:38:a2:
0b:21:53:31:7f:74:44:31:51:2d:74:fb:88:d7:0b:5d:ab:83:
68:99:da:d4:e3:3f:6c:e9:34:d3:e8:44:5f:1c:1a:19:e9:e1:
44:c1:fa:b5:5e:d5:94:ac:4e:0f:be:21:a4:a4:9c:dd:3f:f5:
d2:de:95:1f:89:3d:28:e9:af:8f:f1:14:6f:56:d2:6a:75:eb:
4f:e6:9f:6b:66:6b:9f:da:38:3c:3a:2a:5b:23:0c:1e:68:12:
c0:d7:4d:c5:e9:7b:83:b4:2a:e8:ca:4f:1a:65:7f:4b:b8:c0:
53:80:49:e0:52:d5:76:ac:c6:d5:f9:93:64:bf:de:bd:1a:55:
15:ef:0c:07:b9:59:7d:f7:93:e0:df:97:1c:1b:c1:f6:34:bd:
c1:d3:57:8b:12:69:13:8f:a3:94:c1:20:8d:96:d4:0c:cd:c4:
d8:40:ed:fc:45:3e:22:a1:2e:47:65:ff:3e:84:e1:33:46:45:
e3:b0:89:c8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvyepT12PGgkfM79iNEOQT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OWM0ZTBjZjVjOGRiYmI2YTY3Y2YxZGEyZjMxZjQxNjI3
NDlmZGQwHhcNMjMxMTIxMTUyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQ1NzFiYzdkYzkxOTZmNjk0ODA3ZDdlN2Y2N2U3MDE3MTA2NDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhrrANEqE/Cz5Do3qptM1qY3/dKw
G5SqNmaHPSFwkKf/NDtlxiA6T6MF8uYMoWkz6l9oPJVD31fapYpTkiKvACFW64CI
810WO5Mtm3+E0ujstJmqy3YLGEw9TbEGaw2JV+l98ntnIz5K4Ifq+qX5UYHc5AGG
TJ8C1muSy9doWjFZR35tsP7TlLkaVtA65Y0UciAFIidGhFzUS9akqHRpg45rVBK2
7wahoK49r7zizNah+152qo51QW38P/sROhN0bALkLBv8JO5rg2oQF7QF/FDSmf2x
6QWHTTP7T6EG/v/VhowPtY9ByaDQzaLElipDQhu8+zOfIBlGJTFF6awfzQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCrVcbx9yRlvaUgH1+f2fnAXEGSEMB8GA1UdIwQY
MBaAFKScTgz1yNu7amfPHaLzH0FidJ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMt
ODhlZDhkNzcxN2E0LzEvS3RWeHZIM0pHVzlwU0FmWDVfWi1jQmNRWklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMtODhlZDhkNzcxN2E0
LzEvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALV4KAwQA
XhphAwQCuVOUAwQCuV5MMA0GCSqGSIb3DQEBCwUAA4IBAQBA5Q8cqe41l7Eg/M5z
l1YzW5KWvBKVoZpXlM8uZqJinYgnMAO7DZ0K97np8Q6lnMySxiwGHS44wTGSmps6
dUO6bhldFsBSOKILIVMxf3REMVEtdPuI1wtdq4NomdrU4z9s6TTT6ERfHBoZ6eFE
wfq1XtWUrE4PviGkpJzdP/XS3pUfiT0o6a+P8RRvVtJqdetP5p9rZmuf2jg8Oipb
IwweaBLA103F6XuDtCroyk8aZX9LuMBTgEngUtV2rMbV+ZNkv969GlUV7wwHuVl9
95Pg35ccG8H2NL3B01eLEmkTj6OUwSCNltQMzcTYQO38RT4ioS5HZf8+hOEzRkXj
sInI
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:16:26 2025 by rpki-client