Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/kek_fdIoUsWGmCkfYxET-sikg_c.roa
File: kek_fdIoUsWGmCkfYxET-sikg_c.roa (raw, json)
Hash identifier: LZQv7hsVbR3jVbrlTB+VCeubc2eqlAHly4MzHxYyUv8=
Subject key identifier: 91:E9:3F:7D:D2:28:52:C5:86:98:29:1F:63:11:13:FA:C8:A4:83:F7
Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b
Certificate serial: 018571B0C3DEB4DC6719FF7858ABD8189B38
Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/kek_fdIoUsWGmCkfYxET-sikg_c.roa
Signing time: Mon 02 Jan 2023 08:54:47 +0000
ROA not before: Mon 02 Jan 2023 08:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25145
IP address blocks: 91.241.51.0/24 maxlen: 24
91.241.48.0/24 maxlen: 24
2a0c:8dc6::/32 maxlen: 32
2a0c:8dc5::/32 maxlen: 32
2a0c:8dc7::/32 maxlen: 32
2a0c:8dc4::/32 maxlen: 32
2a00:7540::/29 maxlen: 29
2a0c:8dc0::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:c3:de:b4:dc:67:19:ff:78:58:ab:d8:18:9b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b
Validity
Not Before: Jan 2 08:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91e93f7dd22852c58698291f631113fac8a483f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:02:c1:2d:57:b1:1e:cc:4d:f7:da:19:de:88:
13:e2:41:b6:a2:24:36:8f:c0:ba:f3:0a:26:5f:45:
6a:62:ca:00:b8:96:b5:fe:2a:45:e5:1a:9b:e7:c8:
19:65:82:cd:d6:b6:44:57:15:d4:b2:b0:e7:14:60:
54:8a:4c:54:4f:6c:e5:f8:fb:59:30:62:c0:99:05:
ed:84:2d:dc:16:e4:58:0c:f7:93:19:59:c5:20:3f:
26:73:1e:dc:59:a5:6e:e6:0a:0a:43:8a:e3:90:b0:
d6:85:4f:b8:5d:7e:dd:51:d8:e8:31:7c:44:3b:b9:
e1:25:01:b8:bf:f5:0a:7d:14:ed:e6:87:08:57:6e:
0e:4e:df:f3:a9:cd:7d:34:bd:32:99:91:2c:c6:0e:
91:28:90:60:36:fc:2c:54:99:4a:61:fe:ef:ff:be:
85:d9:a1:32:cc:d1:35:3b:af:f5:d6:09:c1:1f:6f:
cd:fc:a0:3c:dd:f3:30:d1:e9:ca:ff:ea:e5:14:39:
ed:50:87:32:37:2c:ec:bd:12:70:fd:48:3e:73:6d:
90:77:bf:c0:32:56:66:5c:53:75:ba:cc:5a:f4:55:
79:2a:73:37:1c:ea:ef:c8:46:7c:c5:d2:c3:34:82:
d6:05:2d:45:e8:7e:d6:6d:2e:39:a5:f3:cc:5e:65:
52:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E9:3F:7D:D2:28:52:C5:86:98:29:1F:63:11:13:FA:C8:A4:83:F7
X509v3 Authority Key Identifier:
keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/kek_fdIoUsWGmCkfYxET-sikg_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.48.0/24
91.241.51.0/24
IPv6:
2a00:7540::/29
2a0c:8dc0::/29
Signature Algorithm: sha256WithRSAEncryption
41:0a:04:b4:e4:89:46:95:b9:b3:6c:f2:12:0a:f2:4e:02:b4:
60:58:45:ba:6d:eb:40:49:cd:a9:14:7f:f5:c4:ec:c1:a2:20:
43:95:8d:d9:64:b0:78:ad:37:6a:0d:61:8a:1d:c4:93:dd:ec:
25:33:7b:30:0b:ef:ad:ba:aa:44:40:77:cc:94:21:38:fd:57:
e0:24:0f:f0:12:62:63:eb:25:88:9f:76:98:0d:d9:d0:60:d2:
e6:f2:70:98:bd:c3:9a:c3:ad:0b:b2:e7:52:53:eb:84:85:a8:
bd:d1:b5:ae:ed:59:c3:9e:f2:85:8b:2a:6b:1a:51:09:72:c4:
08:08:29:88:53:94:4b:64:4b:65:52:b5:0b:29:0c:53:ce:d5:
12:2c:03:09:7c:35:78:6e:1e:e0:1f:01:72:38:39:c8:a0:85:
c4:e2:82:f1:99:25:e6:5d:23:0b:6c:e4:d7:4d:36:4c:54:e7:
31:73:9b:5d:ce:5e:07:a5:c1:43:ad:8c:bd:c2:9a:9c:01:50:
59:10:8c:bd:d0:b5:9a:f8:fe:2c:b7:64:ce:a6:9b:81:47:24:
43:76:6e:88:7b:70:a6:2c:d8:8c:9d:e8:f4:85:fd:b1:c9:b9:
64:7f:da:51:a1:89:fe:7e:90:f6:72:7d:fa:75:56:74:43:93:
78:68:fa:b0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVxsMPetNxnGf94WKvYGJs4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz
YzcxMWIwHhcNMjMwMTAyMDg1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWU5M2Y3ZGQyMjg1MmM1ODY5ODI5MWY2MzExMTNmYWM4YTQ4M2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoALBLVexHsxN99oZ3ogT4kG2oiQ2
j8C68womX0VqYsoAuJa1/ipF5Rqb58gZZYLN1rZEVxXUsrDnFGBUikxUT2zl+PtZ
MGLAmQXthC3cFuRYDPeTGVnFID8mcx7cWaVu5goKQ4rjkLDWhU+4XX7dUdjoMXxE
O7nhJQG4v/UKfRTt5ocIV24OTt/zqc19NL0ymZEsxg6RKJBgNvwsVJlKYf7v/76F
2aEyzNE1O6/11gnBH2/N/KA83fMw0enK/+rlFDntUIcyNyzsvRJw/Ug+c22Qd7/A
MlZmXFN1usxa9FV5KnM3HOrvyEZ8xdLDNILWBS1F6H7WbS45pfPMXmVSqwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJHpP33SKFLFhpgpH2MRE/rIpIP3MB8GA1UdIwQY
MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt
NTE4Y2QxNDcxM2ViLzEva2VrX2ZkSW9Vc1dHbUNrZll4RVQtc2lrZ19jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi
LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAW/EwAwQA
W/EzMBQEAgACMA4DBQMqAHVAAwUDKgyNwDANBgkqhkiG9w0BAQsFAAOCAQEAQQoE
tOSJRpW5s2zyEgryTgK0YFhFum3rQEnNqRR/9cTswaIgQ5WN2WSweK03ag1hih3E
k93sJTN7MAvvrbqqREB3zJQhOP1X4CQP8BJiY+sliJ92mA3Z0GDS5vJwmL3DmsOt
C7LnUlPrhIWovdG1ru1Zw57yhYsqaxpRCXLECAgpiFOUS2RLZVK1CykMU87VEiwD
CXw1eG4e4B8Bcjg5yKCFxOKC8Zkl5l0jC2zk1002TFTnMXObXc5eB6XBQ62MvcKa
nAFQWRCMvdC1mvj+LLdkzqabgUckQ3ZuiHtwpizYjJ3o9IX9scm5ZH/aUaGJ/n6Q
9nJ9+nVWdEOTeGj6sA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 01:09:55 2025 by rpki-client