Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/lk8Kbm2tYj8vf0OTw2KcUSWY7Sw.roa
File: lk8Kbm2tYj8vf0OTw2KcUSWY7Sw.roa (raw, json)
Hash identifier: 0KK7/0D4h1VAh/LhancthLwcVR4YbwSRwMbB63kRn90=
Subject key identifier: 96:4F:0A:6E:6D:AD:62:3F:2F:7F:43:93:C3:62:9C:51:25:98:ED:2C
Certificate issuer: /CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Certificate serial: 01856F42D16D31BE03FAD99AE777811B7E0E
Authority key identifier: 6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/lk8Kbm2tYj8vf0OTw2KcUSWY7Sw.roa
Signing time: Sun 01 Jan 2023 21:35:28 +0000
ROA not before: Sun 01 Jan 2023 21:35:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47527
IP address blocks: 185.126.152.0/23 maxlen: 23
91.223.235.0/24 maxlen: 24
185.208.212.0/22 maxlen: 24
194.247.61.0/24 maxlen: 24
62.69.152.0/21 maxlen: 21
46.30.120.0/21 maxlen: 21
2a00:1b18::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d1:6d:31:be:03:fa:d9:9a:e7:77:81:1b:7e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Validity
Not Before: Jan 1 21:35:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=964f0a6e6dad623f2f7f4393c3629c512598ed2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:47:db:b5:bf:5a:a1:09:75:25:36:c4:00:37:
10:64:1d:0e:5a:4d:30:36:7e:3e:e3:4f:58:b5:c1:
91:fe:93:7d:c3:e9:dd:6b:3f:b7:c6:72:e2:5e:f7:
b1:f0:57:55:96:99:9a:1c:d6:8d:ce:b9:e9:77:24:
f8:70:ea:d1:9d:86:35:48:82:77:5a:cd:cd:d3:8e:
d7:3f:35:22:f3:ed:12:20:3c:ba:b1:27:87:5a:fd:
40:1d:c6:ef:80:8e:88:0d:dd:4e:9e:99:8e:08:da:
0a:6e:22:a4:92:32:09:cf:b0:7f:e6:9f:ca:25:ca:
92:b0:bc:c5:9a:5c:bd:3a:6a:b0:c5:6b:56:24:f8:
be:eb:3c:bc:82:7c:ca:a2:0b:b1:4b:a7:5f:89:c1:
46:28:1b:15:04:55:a3:67:0a:12:48:69:5e:42:8c:
dd:a1:02:84:99:81:72:3d:71:ad:4a:d1:04:39:bb:
04:84:cf:c0:f9:63:df:c8:c9:4f:17:71:ad:32:b2:
46:46:5b:70:30:de:2d:cc:b2:24:d8:4f:2a:bd:fa:
6e:c0:1f:ea:86:b3:e3:a6:44:a0:a1:af:f0:3d:72:
5a:88:6b:df:92:ce:a8:85:11:46:6c:d8:42:92:bc:
05:e0:c6:25:5e:e9:c0:43:8c:24:21:26:b8:5a:ac:
97:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:4F:0A:6E:6D:AD:62:3F:2F:7F:43:93:C3:62:9C:51:25:98:ED:2C
X509v3 Authority Key Identifier:
keyid:6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/lk8Kbm2tYj8vf0OTw2KcUSWY7Sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.120.0/21
62.69.152.0/21
91.223.235.0/24
185.126.152.0/23
185.208.212.0/22
194.247.61.0/24
IPv6:
2a00:1b18::/29
Signature Algorithm: sha256WithRSAEncryption
70:5f:3e:64:ab:19:16:0f:e8:aa:73:06:5f:92:1b:c1:1b:8b:
0e:59:3c:ec:19:d9:bf:9a:ce:88:bf:96:04:c4:fa:8d:bd:e0:
5a:2e:3c:bb:d2:38:06:3a:1f:41:66:e7:bf:67:ae:bb:6a:23:
cb:8f:bf:f4:50:3f:d3:b5:64:f6:99:86:00:80:fe:ae:7e:5c:
b0:e8:2b:06:84:c1:de:c3:f3:12:c7:b5:72:28:2b:1c:34:e0:
d3:84:99:cb:7b:bc:36:59:ac:cc:84:b6:c3:11:f6:d7:17:1f:
7b:ab:a1:b1:74:0f:86:94:0d:11:1a:51:c1:bd:59:4b:5a:66:
ec:73:4e:52:51:b9:f8:79:9b:c0:19:eb:0e:76:a4:c8:4b:47:
a3:cb:51:32:7f:33:ca:58:62:fa:b9:38:95:2f:b2:c4:a5:d0:
22:8c:9b:f6:ae:dc:f1:ef:0d:a8:5d:69:75:87:eb:55:33:61:
f1:22:4d:dd:9e:cb:5e:65:85:0f:d9:c1:ab:23:df:bd:e2:e7:
55:5c:4a:b9:56:bf:43:b6:49:95:66:c7:25:10:82:77:e7:b7:
c3:00:72:30:0f:76:32:e6:67:34:88:57:c6:2d:1c:1c:bb:6c:
0d:41:50:ce:9f:c0:c0:52:44:24:ce:3e:a7:0e:88:c0:94:e8:
76:8e:f9:72
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVvQtFtMb4D+tma53eBG34OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNWU0ZWY1NTE2Nzk5ZmZlMGJiMWI4MzkzMTdkYmQzNTVi
YjdhOWIwHhcNMjMwMTAxMjEzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjRmMGE2ZTZkYWQ2MjNmMmY3ZjQzOTNjMzYyOWM1MTI1OThlZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUfbtb9aoQl1JTbEADcQZB0OWk0w
Nn4+409YtcGR/pN9w+ndaz+3xnLiXvex8FdVlpmaHNaNzrnpdyT4cOrRnYY1SIJ3
Ws3N047XPzUi8+0SIDy6sSeHWv1AHcbvgI6IDd1OnpmOCNoKbiKkkjIJz7B/5p/K
JcqSsLzFmly9OmqwxWtWJPi+6zy8gnzKoguxS6dficFGKBsVBFWjZwoSSGleQozd
oQKEmYFyPXGtStEEObsEhM/A+WPfyMlPF3GtMrJGRltwMN4tzLIk2E8qvfpuwB/q
hrPjpkSgoa/wPXJaiGvfks6ohRFGbNhCkrwF4MYlXunAQ4wkISa4WqyX+wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJZPCm5trWI/L39Dk8NinFElmO0sMB8GA1UdIwQY
MBaAFGxeTvVRZ5n/4Lsbg5MX29NVu3qbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUt
MWJlNzUzZmFkMWJmLzEvbGs4S2JtMnRZajh2ZjBPVHcyS2NVU1dZN1N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUtMWJlNzUzZmFkMWJm
LzEvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLh54AwQD
PkWYAwQAW9/rAwQBuX6YAwQCudDUAwQAwvc9MA0EAgACMAcDBQMqABsYMA0GCSqG
SIb3DQEBCwUAA4IBAQBwXz5kqxkWD+iqcwZfkhvBG4sOWTzsGdm/ms6Iv5YExPqN
veBaLjy70jgGOh9BZue/Z667aiPLj7/0UD/TtWT2mYYAgP6uflyw6CsGhMHew/MS
x7VyKCscNODThJnLe7w2WazMhLbDEfbXFx97q6GxdA+GlA0RGlHBvVlLWmbsc05S
Ubn4eZvAGesOdqTIS0ejy1EyfzPKWGL6uTiVL7LEpdAijJv2rtzx7w2oXWl1h+tV
M2HxIk3dnsteZYUP2cGrI9+94udVXEq5Vr9DtkmVZsclEIJ357fDAHIwD3Yy5mc0
iFfGLRwcu2wNQVDOn8DAUkQkzj6nDojAlOh2jvly
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:13:19 2025 by rpki-client