Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/kZdk7C1AZwaHhVNXuIKdz5M8Kcc.roa
File: kZdk7C1AZwaHhVNXuIKdz5M8Kcc.roa (raw, json)
Hash identifier: L1JWqzNlkZmyZlucizC0UO1XC/GWQKdblcaVNaV65eM=
Subject key identifier: 91:97:64:EC:2D:40:67:06:87:85:53:57:B8:82:9D:CF:93:3C:29:C7
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 01837DA37CA4CFC60850E2D6CDC7CAB5AA6D
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/kZdk7C1AZwaHhVNXuIKdz5M8Kcc.roa
Signing time: Tue 27 Sep 2022 06:30:09 +0000
ROA not before: Tue 27 Sep 2022 06:30:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 194.113.239.0/24 maxlen: 24
45.88.103.0/24 maxlen: 24
45.88.102.0/24 maxlen: 24
185.238.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7d:a3:7c:a4:cf:c6:08:50:e2:d6:cd:c7:ca:b5:aa:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Sep 27 06:30:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=919764ec2d40670687855357b8829dcf933c29c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6f:ef:d6:86:60:f4:f7:c3:c4:28:34:0f:70:
c8:19:d8:90:84:ea:4a:49:73:7a:11:da:1f:4f:1b:
63:e0:83:ab:5c:ca:e7:b9:c6:a2:fb:df:62:c8:80:
62:ea:da:52:43:f5:cd:40:26:78:7c:2a:98:6f:6a:
44:cb:64:92:86:e7:5f:4b:c3:c4:68:05:24:12:e1:
03:49:b8:b2:c0:f0:4b:ac:15:8f:71:b4:67:eb:e5:
42:00:4d:79:46:c6:a0:6b:03:54:e8:6c:af:53:5c:
a7:5f:e4:df:2b:b5:b8:2d:5c:14:07:fc:95:6f:64:
2b:31:87:73:28:30:c2:66:d8:7b:21:bb:78:97:95:
ab:8a:f2:21:eb:ba:3b:71:c7:d8:24:99:46:d4:5e:
d1:b8:c4:fb:41:32:1e:a5:db:d7:9a:cc:75:83:0b:
43:e5:91:09:45:29:87:ae:47:0a:a9:dd:eb:5c:0b:
3c:4f:1d:d2:95:f4:df:45:43:50:4b:8e:9b:f0:65:
01:bc:42:3d:a5:1c:43:89:18:a0:6c:a0:0e:a0:49:
8b:60:b8:f0:3a:95:14:89:a0:28:9d:21:c8:5a:fa:
78:09:8d:29:7f:ee:71:35:30:e9:e9:f9:c0:06:50:
ad:b4:4b:fb:b6:20:63:99:e9:01:d3:41:40:d9:d7:
46:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:97:64:EC:2D:40:67:06:87:85:53:57:B8:82:9D:CF:93:3C:29:C7
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/kZdk7C1AZwaHhVNXuIKdz5M8Kcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.102.0/23
185.238.88.0/22
194.113.239.0/24
Signature Algorithm: sha256WithRSAEncryption
04:c3:03:16:f9:47:36:88:e1:f9:8c:7e:25:3c:00:18:03:4f:
09:88:90:2b:4d:88:3e:2d:c7:c1:76:f9:7c:34:1e:8b:9b:20:
32:fd:af:2b:73:0d:f3:1c:f2:f4:45:64:eb:71:32:6d:d4:43:
8f:76:87:c8:31:34:1f:20:c9:20:05:8b:22:aa:fb:e0:96:60:
a1:2f:76:64:a3:b3:ea:9c:ac:52:65:4b:6c:76:6d:51:ce:59:
ea:a7:02:83:be:2b:3a:8b:2a:2f:19:ad:a9:9f:06:90:64:ce:
ee:44:23:00:2e:58:e8:38:5a:62:26:54:fc:7c:62:f7:2a:f0:
42:3b:8c:f3:f5:c2:1d:f5:91:16:f4:e2:57:0e:bd:43:73:f1:
2c:e5:f4:f6:d2:4f:c3:bf:81:34:1e:3c:cf:b9:88:6c:b2:e6:
ae:9e:9b:91:e6:8b:fb:4c:83:1c:7c:ae:03:d8:c9:86:94:aa:
42:a3:50:e7:4c:5d:c6:89:e2:83:86:d2:25:3f:ca:b9:47:b9:
bb:69:e6:1c:a8:ad:7f:c6:fa:32:01:ca:d2:81:26:a3:14:73:
8b:92:08:25:14:31:70:7f:cb:32:35:34:cd:d2:49:e8:7c:1f:
25:c0:16:9a:4a:e6:7c:af:a6:9b:9b:78:32:b7:65:78:49:af:
91:89:fb:84
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYN9o3ykz8YIUOLWzcfKtaptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjIwOTI3MDYzMDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTk3NjRlYzJkNDA2NzA2ODc4NTUzNTdiODgyOWRjZjkzM2MyOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlW/v1oZg9PfDxCg0D3DIGdiQhOpK
SXN6EdofTxtj4IOrXMrnucai+99iyIBi6tpSQ/XNQCZ4fCqYb2pEy2SShudfS8PE
aAUkEuEDSbiywPBLrBWPcbRn6+VCAE15RsagawNU6GyvU1ynX+TfK7W4LVwUB/yV
b2QrMYdzKDDCZth7Ibt4l5WrivIh67o7ccfYJJlG1F7RuMT7QTIepdvXmsx1gwtD
5ZEJRSmHrkcKqd3rXAs8Tx3SlfTfRUNQS46b8GUBvEI9pRxDiRigbKAOoEmLYLjw
OpUUiaAonSHIWvp4CY0pf+5xNTDp6fnABlCttEv7tiBjmekB00FA2ddGTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJGXZOwtQGcGh4VTV7iCnc+TPCnHMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEva1pkazdDMUFad2FIaFZOWHVJS2R6NU04S2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVhmAwQC
ue5YAwQAwnHvMA0GCSqGSIb3DQEBCwUAA4IBAQAEwwMW+Uc2iOH5jH4lPAAYA08J
iJArTYg+LcfBdvl8NB6LmyAy/a8rcw3zHPL0RWTrcTJt1EOPdofIMTQfIMkgBYsi
qvvglmChL3Zko7PqnKxSZUtsdm1RzlnqpwKDvis6iyovGa2pnwaQZM7uRCMALljo
OFpiJlT8fGL3KvBCO4zz9cId9ZEW9OJXDr1Dc/Es5fT20k/Dv4E0HjzPuYhssuau
npuR5ov7TIMcfK4D2MmGlKpCo1DnTF3GieKDhtIlP8q5R7m7aeYcqK1/xvoyAcrS
gSajFHOLkgglFDFwf8syNTTN0knofB8lwBaaSuZ8r6abm3gyt2V4Sa+RifuE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:57 2025 by rpki-client