Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/kdjkYgCMvsYpJulZL3ez1RZkjWU.roa
File: kdjkYgCMvsYpJulZL3ez1RZkjWU.roa (raw, json)
Hash identifier: kKHxU37rUzet6EqZ6/Pu4hhXSqfMgVXoRYPWIATspIE=
Subject key identifier: 91:D8:E4:62:00:8C:BE:C6:29:26:E9:59:2F:77:B3:D5:16:64:8D:65
Certificate issuer: /CN=458834c52abe30427f0a22aa46fd3d0809ed4585
Certificate serial: 0183F10973E4BD31917B548F359B3A2B1F48
Authority key identifier: 45:88:34:C5:2A:BE:30:42:7F:0A:22:AA:46:FD:3D:08:09:ED:45:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RYg0xSq-MEJ_CiKqRv09CAntRYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/kdjkYgCMvsYpJulZL3ez1RZkjWU.roa
Signing time: Wed 19 Oct 2022 16:17:51 +0000
ROA not before: Wed 19 Oct 2022 16:17:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60822
IP address blocks: 46.23.200.0/22 maxlen: 22
46.23.204.0/22 maxlen: 22
195.137.144.0/22 maxlen: 22
195.137.152.0/24 maxlen: 24
195.137.148.0/22 maxlen: 22
195.137.153.0/24 maxlen: 24
185.85.212.0/22 maxlen: 22
46.23.192.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f1:09:73:e4:bd:31:91:7b:54:8f:35:9b:3a:2b:1f:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458834c52abe30427f0a22aa46fd3d0809ed4585
Validity
Not Before: Oct 19 16:17:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91d8e462008cbec62926e9592f77b3d516648d65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5a:15:e1:b7:f9:28:3f:01:96:d1:a1:94:70:
5a:cb:09:f2:54:0e:14:92:be:0e:e3:a0:5b:d6:dd:
db:d0:2a:11:c8:fc:76:8e:f0:a8:7c:83:b6:0c:30:
13:36:e0:c2:65:6b:e4:0a:92:d3:c7:e2:25:e8:00:
8f:e3:50:57:4b:bd:63:ad:49:2b:43:c9:d4:b2:78:
7f:c2:29:b9:bc:c8:86:66:7d:64:b0:39:59:09:d2:
bd:fa:9a:69:04:a7:36:b2:94:8d:00:0e:47:d7:71:
8a:37:ed:b6:93:aa:4b:d8:63:3a:d5:e4:4f:d4:53:
12:11:c2:aa:3c:2a:d5:bc:e7:a9:52:d3:01:be:76:
71:60:f2:76:a6:3a:a6:c4:da:e7:f0:87:48:44:97:
e4:ff:ad:29:c2:7b:97:b0:42:b4:5c:87:f5:63:16:
70:1e:4d:b5:32:1a:58:19:da:da:f9:f7:09:0e:b7:
5a:82:86:1e:64:c1:2d:a3:04:e5:a6:40:ce:70:cc:
0b:bf:d5:49:71:88:b6:1c:67:66:32:ca:6e:36:a1:
4b:5f:11:eb:1b:15:1a:dd:da:1a:89:1f:ba:00:ef:
d7:36:fd:42:13:29:b3:b9:d7:ca:66:cd:71:17:a6:
fe:a0:ab:cc:2b:de:42:61:0e:6f:15:17:83:4b:e9:
36:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D8:E4:62:00:8C:BE:C6:29:26:E9:59:2F:77:B3:D5:16:64:8D:65
X509v3 Authority Key Identifier:
keyid:45:88:34:C5:2A:BE:30:42:7F:0A:22:AA:46:FD:3D:08:09:ED:45:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RYg0xSq-MEJ_CiKqRv09CAntRYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/kdjkYgCMvsYpJulZL3ez1RZkjWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/RYg0xSq-MEJ_CiKqRv09CAntRYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.192.0/20
185.85.212.0/22
195.137.144.0-195.137.153.255
Signature Algorithm: sha256WithRSAEncryption
5f:34:78:2a:94:fa:f0:68:f3:aa:1b:0f:e2:51:c8:2d:53:3b:
b3:9c:01:7e:c5:98:ba:ea:8e:b0:19:e8:6b:87:ad:52:7f:45:
00:7d:71:cc:f7:26:8b:7d:a0:39:41:1a:3b:cd:fc:df:6a:43:
78:0e:b6:6b:84:25:92:4f:29:61:84:49:49:8c:8d:d5:dc:76:
1a:0b:36:15:b2:8b:13:80:de:71:ad:77:6e:50:d7:ce:16:42:
74:7e:d1:66:5a:3f:cf:5e:4c:16:db:68:2e:1c:25:de:ff:27:
26:89:07:f5:a1:20:d9:16:f8:16:09:68:75:99:1d:a7:7c:d9:
9f:b3:90:64:80:95:c9:d4:f8:06:2c:38:2a:ba:c4:e0:83:9c:
08:81:8f:89:28:6b:e3:ae:a3:ea:a2:eb:2d:c2:e5:62:f3:92:
4a:7d:1e:53:a5:9f:6c:66:46:2a:d9:d8:a3:89:4c:37:22:5f:
8c:da:50:19:db:ff:83:a6:a5:85:07:0d:fc:af:8b:8b:9f:e3:
ae:6e:a5:44:a6:cb:c0:49:29:ed:70:13:b2:89:67:7d:ef:6d:
70:0c:6c:ed:ba:a0:a8:44:43:f5:dc:ec:74:1f:fe:6f:21:a1:
f4:40:c6:bb:05:dd:c0:0e:c5:d8:07:f8:cf:65:95:f6:ce:21:
ec:2a:86:bb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYPxCXPkvTGRe1SPNZs6Kx9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ODgzNGM1MmFiZTMwNDI3ZjBhMjJhYTQ2ZmQzZDA4MDll
ZDQ1ODUwHhcNMjIxMDE5MTYxNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQ4ZTQ2MjAwOGNiZWM2MjkyNmU5NTkyZjc3YjNkNTE2NjQ4ZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1oV4bf5KD8BltGhlHBaywnyVA4U
kr4O46Bb1t3b0CoRyPx2jvCofIO2DDATNuDCZWvkCpLTx+Il6ACP41BXS71jrUkr
Q8nUsnh/wim5vMiGZn1ksDlZCdK9+pppBKc2spSNAA5H13GKN+22k6pL2GM61eRP
1FMSEcKqPCrVvOepUtMBvnZxYPJ2pjqmxNrn8IdIRJfk/60pwnuXsEK0XIf1YxZw
Hk21MhpYGdra+fcJDrdagoYeZMEtowTlpkDOcMwLv9VJcYi2HGdmMspuNqFLXxHr
GxUa3doaiR+6AO/XNv1CEymzudfKZs1xF6b+oKvMK95CYQ5vFReDS+k2CQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJHY5GIAjL7GKSbpWS93s9UWZI1lMB8GA1UdIwQY
MBaAFEWINMUqvjBCfwoiqkb9PQgJ7UWFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUllnMHhTcS1NRUpfQ2lLcVJ2MDlDQW50UllVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jOTVhMjQtMjI2Yy00NzZhLWFkZGIt
YTMxMTQzNDYzYmU5LzEva2Rqa1lnQ012c1lwSnVsWkwzZXoxUlpraldVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jOTVhMjQtMjI2Yy00NzZhLWFkZGItYTMxMTQzNDYzYmU5
LzEvUllnMHhTcS1NRUpfQ2lLcVJ2MDlDQW50UllVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQELhfAAwQC
uVXUMAwDBATDiZADBAHDiZgwDQYJKoZIhvcNAQELBQADggEBAF80eCqU+vBo86ob
D+JRyC1TO7OcAX7FmLrqjrAZ6GuHrVJ/RQB9ccz3Jot9oDlBGjvN/N9qQ3gOtmuE
JZJPKWGESUmMjdXcdhoLNhWyixOA3nGtd25Q184WQnR+0WZaP89eTBbbaC4cJd7/
JyaJB/WhINkW+BYJaHWZHad82Z+zkGSAlcnU+AYsOCq6xOCDnAiBj4koa+Ouo+qi
6y3C5WLzkkp9HlOln2xmRirZ2KOJTDciX4zaUBnb/4OmpYUHDfyvi4uf465upUSm
y8BJKe1wE7KJZ33vbXAMbO26oKhEQ/Xc7HQf/m8hofRAxrsF3cAOxdgH+M9llfbO
Iewqhrs=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:21 2025 by rpki-client