Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/KDIXzN4YIbPX5LkUU-wOPHEB-VQ.roa
File: KDIXzN4YIbPX5LkUU-wOPHEB-VQ.roa (raw, json)
Hash identifier: txH/35/nVfFIGW2uc4Bv4kv59GT9YUt7m4CQ6YY0lg4=
Subject key identifier: 28:32:17:CC:DE:18:21:B3:D7:E4:B9:14:53:EC:0E:3C:71:01:F9:54
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0185730CD02514A21DF56EFFF36AC03D3181
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/KDIXzN4YIbPX5LkUU-wOPHEB-VQ.roa
Signing time: Mon 02 Jan 2023 15:14:57 +0000
ROA not before: Mon 02 Jan 2023 15:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 147.234.89.0/24 maxlen: 24
147.234.88.0/24 maxlen: 24
62.90.135.0/24 maxlen: 24
147.234.75.0/24 maxlen: 24
147.234.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:d0:25:14:a2:1d:f5:6e:ff:f3:6a:c0:3d:31:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=283217ccde1821b3d7e4b91453ec0e3c7101f954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a2:2a:c4:59:69:45:c8:27:56:c5:1b:38:9c:
55:0f:84:b1:44:d2:95:d7:47:78:ad:7b:a6:16:c2:
96:aa:38:63:59:2e:af:52:75:ff:d6:9e:3c:d4:ba:
f6:88:e8:9f:b1:35:19:bb:f2:2e:6d:67:7c:bc:00:
6a:12:b4:37:5c:2a:a1:d8:f4:5c:ab:47:4a:20:99:
26:02:30:21:77:41:04:64:87:dd:1e:d9:f6:ca:89:
ff:04:5a:77:1d:fd:93:19:92:bc:26:92:93:7f:f5:
9c:f0:8a:40:02:81:46:8d:4a:f8:18:d5:f4:9b:78:
42:8b:bd:47:1b:46:b4:19:24:11:4c:49:c9:c9:de:
ca:af:99:3b:bd:3b:7a:c6:6a:d6:7e:e1:26:75:ed:
13:df:0d:9d:d8:c4:eb:a7:4a:f9:48:68:ce:14:59:
7c:bf:cb:9b:dd:eb:b8:02:9f:5c:a4:a8:d2:c0:bd:
10:69:57:79:36:25:88:0d:3c:96:74:08:56:69:1f:
9a:1d:bb:a4:96:3e:e3:e6:a2:0c:f9:11:66:ba:0c:
77:62:81:fa:cd:d1:11:c5:01:ec:ae:93:94:6c:4a:
3d:76:6f:15:6e:93:fb:30:e2:92:ed:6b:3c:86:5d:
fd:47:4c:53:e2:de:92:7c:88:ec:a4:be:7a:ba:18:
ea:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:32:17:CC:DE:18:21:B3:D7:E4:B9:14:53:EC:0E:3C:71:01:F9:54
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/KDIXzN4YIbPX5LkUU-wOPHEB-VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.90.135.0/24
147.234.74.0/23
147.234.88.0/23
Signature Algorithm: sha256WithRSAEncryption
86:48:3e:2b:78:e4:45:60:ca:73:4f:e2:bf:0a:36:cf:e1:5b:
14:cb:95:eb:41:b8:92:29:09:7f:b0:75:4c:78:c2:c4:e9:0a:
11:8d:f9:b4:c3:cc:c5:b6:53:05:2d:03:ff:33:81:3d:d1:43:
72:ed:5e:03:0e:b7:e6:e2:07:ae:49:b5:b6:f6:8d:7b:2c:af:
b6:41:ad:d3:03:da:8b:6c:34:bc:a7:97:9e:2a:53:62:07:d7:
ae:83:02:9d:e7:48:5d:f0:39:8b:04:79:c2:67:9f:51:04:d2:
bd:18:11:54:dc:cd:a7:4a:6c:76:8a:34:51:10:4c:bc:81:18:
76:ae:81:1e:08:b5:15:5c:f9:99:55:9c:3d:e2:77:28:25:cd:
25:7d:c7:7d:d6:1d:5b:47:5e:55:f4:7c:23:64:24:17:6f:fb:
1b:1d:f4:72:20:d5:b7:28:54:3f:1c:33:b4:cf:8b:6b:e6:01:
b7:fc:6d:91:ac:b9:73:b6:ab:2a:32:29:f9:91:10:6b:10:ba:
8e:99:62:a2:06:d4:6b:15:65:d2:4d:69:78:44:ee:55:3b:29:
54:03:d8:3c:a1:d7:72:9f:97:6a:05:a7:c8:79:dc:3d:a6:c0:
fb:12:1b:79:69:9b:f7:28:fc:ee:27:ac:a1:91:7d:56:16:cc:
d4:b0:f0:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzDNAlFKId9W7/82rAPTGBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMwMTAyMTUxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODMyMTdjY2RlMTgyMWIzZDdlNGI5MTQ1M2VjMGUzYzcxMDFmOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqIqxFlpRcgnVsUbOJxVD4SxRNKV
10d4rXumFsKWqjhjWS6vUnX/1p481Lr2iOifsTUZu/IubWd8vABqErQ3XCqh2PRc
q0dKIJkmAjAhd0EEZIfdHtn2yon/BFp3Hf2TGZK8JpKTf/Wc8IpAAoFGjUr4GNX0
m3hCi71HG0a0GSQRTEnJyd7Kr5k7vTt6xmrWfuEmde0T3w2d2MTrp0r5SGjOFFl8
v8ub3eu4Ap9cpKjSwL0QaVd5NiWIDTyWdAhWaR+aHbuklj7j5qIM+RFmugx3YoH6
zdERxQHsrpOUbEo9dm8VbpP7MOKS7Ws8hl39R0xT4t6SfIjspL56uhjqbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCgyF8zeGCGz1+S5FFPsDjxxAflUMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvS0RJWHpONFlJYlBYNUxrVVUtd09QSEVCLVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPlqHAwQB
k+pKAwQBk+pYMA0GCSqGSIb3DQEBCwUAA4IBAQCGSD4reORFYMpzT+K/CjbP4VsU
y5XrQbiSKQl/sHVMeMLE6QoRjfm0w8zFtlMFLQP/M4E90UNy7V4DDrfm4geuSbW2
9o17LK+2Qa3TA9qLbDS8p5eeKlNiB9eugwKd50hd8DmLBHnCZ59RBNK9GBFU3M2n
Smx2ijRREEy8gRh2roEeCLUVXPmZVZw94ncoJc0lfcd91h1bR15V9HwjZCQXb/sb
HfRyINW3KFQ/HDO0z4tr5gG3/G2RrLlztqsqMin5kRBrELqOmWKiBtRrFWXSTWl4
RO5VOylUA9g8oddyn5dqBafIedw9psD7Eht5aZv3KPzuJ6yhkX1WFszUsPC9
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:21:35 2025 by rpki-client