Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/KO0bJG0UpWIjlplMK3iMFpX5cew.roa
File: KO0bJG0UpWIjlplMK3iMFpX5cew.roa (raw, json)
Hash identifier: pIPzU1d8ksmiMOVO8xgPjvGpc5NQIl7l+qhW+Evm2iw=
Subject key identifier: 28:ED:1B:24:6D:14:A5:62:23:96:99:4C:2B:78:8C:16:95:F9:71:EC
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018570152C754DC43B87F4CB24D67157270C
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/KO0bJG0UpWIjlplMK3iMFpX5cew.roa
Signing time: Mon 02 Jan 2023 01:25:13 +0000
ROA not before: Mon 02 Jan 2023 01:25:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41079
IP address blocks: 185.204.216.0/22 maxlen: 22
195.114.0.0/23 maxlen: 23
91.199.22.0/24 maxlen: 24
178.250.40.0/21 maxlen: 21
194.169.227.0/24 maxlen: 24
185.208.164.0/24 maxlen: 24
185.123.160.0/22 maxlen: 22
185.243.52.0/22 maxlen: 22
195.242.116.0/23 maxlen: 23
195.78.66.0/23 maxlen: 23
193.218.152.0/22 maxlen: 22
195.2.254.0/23 maxlen: 23
2a02:1778::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:2c:75:4d:c4:3b:87:f4:cb:24:d6:71:57:27:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 2 01:25:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28ed1b246d14a5622396994c2b788c1695f971ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:69:14:fb:a7:b1:2a:1c:61:52:d2:4f:b5:2e:
28:13:fd:c2:88:0f:4f:e9:51:8f:20:31:35:f0:e0:
77:a3:15:77:20:ca:c7:e6:da:97:8d:a9:c3:b8:cf:
32:29:b3:14:d5:1b:d3:13:49:9a:97:4e:f6:ae:d7:
0e:fa:94:00:8a:73:60:9d:57:cd:07:49:aa:67:47:
4f:fc:a5:d6:18:75:ef:c9:5a:99:5c:56:1a:89:4c:
d0:ed:16:e6:c7:fb:84:f5:c7:72:86:42:58:27:9a:
3a:c0:8f:44:a9:f5:0b:99:b6:06:4c:67:eb:92:7f:
bd:c7:c3:8c:f8:9d:78:c7:f0:42:74:42:ef:f9:07:
ef:78:28:40:f5:00:ce:d4:56:1d:93:16:15:07:48:
ff:f0:f0:6e:dd:46:bb:ea:53:b9:7e:02:4b:29:0d:
7f:34:4d:18:b7:7e:e1:fa:b9:2a:82:8c:90:d7:35:
c9:ca:f0:54:2b:2e:2a:ca:ea:fb:db:54:a9:65:6b:
12:2f:9e:f0:d6:35:64:a7:28:86:d6:ee:18:65:b0:
b2:f3:70:b3:73:0e:86:f3:9f:25:52:7f:3c:73:b9:
e6:eb:8b:55:60:b5:5a:87:a3:43:a2:76:bf:b0:50:
c9:e1:bc:3c:0d:41:84:c6:a6:f7:a8:ca:68:1f:f2:
90:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:ED:1B:24:6D:14:A5:62:23:96:99:4C:2B:78:8C:16:95:F9:71:EC
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/KO0bJG0UpWIjlplMK3iMFpX5cew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.22.0/24
178.250.40.0/21
185.123.160.0/22
185.204.216.0/22
185.208.164.0/24
185.243.52.0/22
193.218.152.0/22
194.169.227.0/24
195.2.254.0/23
195.78.66.0/23
195.114.0.0/23
195.242.116.0/23
IPv6:
2a02:1778::/32
Signature Algorithm: sha256WithRSAEncryption
98:36:bf:a5:e9:7c:26:20:d1:d1:81:f9:74:db:5d:85:54:96:
b0:70:83:a8:86:cf:92:94:c0:c7:fa:b2:3b:d4:9c:42:5f:3b:
9e:f1:63:8f:0e:2c:3e:c1:fa:64:5c:5d:f0:3c:9b:b9:c4:2c:
e0:9a:d8:db:32:fb:b5:fc:1c:c6:82:b5:e5:b6:f1:b1:58:90:
f7:25:fd:d0:08:b8:d3:fb:b8:b8:2b:b1:02:d0:fc:dc:c5:79:
81:70:84:dd:10:4b:1f:25:12:55:10:18:f6:37:dd:f9:e3:58:
7a:36:a5:76:3d:c1:e2:b6:12:9b:1d:8a:64:89:84:a4:33:15:
54:ea:9d:72:8b:be:fc:2f:6a:76:5b:d6:ee:5a:22:d0:0c:25:
1d:d4:15:83:2b:ef:32:7e:d0:a4:b2:5d:84:81:88:a3:f3:b6:
a8:31:f6:98:f6:d1:65:0b:5d:46:a3:99:f4:1f:95:3b:fb:2d:
e7:8c:5e:35:2b:74:a2:ab:07:e3:c7:2a:dd:fd:dd:7b:52:92:
89:8c:d1:f8:c3:6d:b2:ce:95:c3:4e:09:cb:ed:a1:72:8f:86:
57:fb:c6:a2:9e:32:1d:6f:f2:75:51:b2:24:3a:70:0e:2e:7b:
b3:6b:2d:f1:14:a8:88:91:ea:06:30:ba:c5:fa:c7:13:b8:cd:
94:bf:3e:78
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVwFSx1TcQ7h/TLJNZxVycMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjMwMTAyMDEyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGVkMWIyNDZkMTRhNTYyMjM5Njk5NGMyYjc4OGMxNjk1Zjk3MWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGkU+6exKhxhUtJPtS4oE/3CiA9P
6VGPIDE18OB3oxV3IMrH5tqXjanDuM8yKbMU1RvTE0mal072rtcO+pQAinNgnVfN
B0mqZ0dP/KXWGHXvyVqZXFYaiUzQ7Rbmx/uE9cdyhkJYJ5o6wI9EqfULmbYGTGfr
kn+9x8OM+J14x/BCdELv+QfveChA9QDO1FYdkxYVB0j/8PBu3Ua76lO5fgJLKQ1/
NE0Yt37h+rkqgoyQ1zXJyvBUKy4qyur721SpZWsSL57w1jVkpyiG1u4YZbCy83Cz
cw6G858lUn88c7nm64tVYLVah6NDona/sFDJ4bw8DUGExqb3qMpoH/KQ6QIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFCjtGyRtFKViI5aZTCt4jBaV+XHsMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvS08wYkpHMFVwV0lqbHBsTUszaU1GcFg1Y2V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAW8cWAwQD
svooAwQCuXugAwQCuczYAwQAudCkAwQCufM0AwQCwdqYAwQAwqnjAwQBwwL+AwQB
w05CAwQBw3IAAwQBw/J0MA0EAgACMAcDBQAqAhd4MA0GCSqGSIb3DQEBCwUAA4IB
AQCYNr+l6XwmINHRgfl0212FVJawcIOohs+SlMDH+rI71JxCXzue8WOPDiw+wfpk
XF3wPJu5xCzgmtjbMvu1/BzGgrXltvGxWJD3Jf3QCLjT+7i4K7EC0PzcxXmBcITd
EEsfJRJVEBj2N93541h6NqV2PcHithKbHYpkiYSkMxVU6p1yi778L2p2W9buWiLQ
DCUd1BWDK+8yftCksl2EgYij87aoMfaY9tFlC11Go5n0H5U7+y3njF41K3Siqwfj
xyrd/d17UpKJjNH4w22yzpXDTgnL7aFyj4ZX+8ainjIdb/J1UbIkOnAOLnuzay3x
FKiIkeoGMLrF+scTuM2Uvz54
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:31:52 2025 by rpki-client