Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/aed946-9efa-48b7-a8c7-1465a4b52136/1/kDaYlFv51Z3klvT4LqLSV4SLwTg.roa
File: kDaYlFv51Z3klvT4LqLSV4SLwTg.roa (raw, json)
Hash identifier: rEyVJH14GjnBXml2lPDJKEgxvIcpLD2H28AXoQHQiQU=
Subject key identifier: 90:36:98:94:5B:F9:D5:9D:E4:96:F4:F8:2E:A2:D2:57:84:8B:C1:38
Certificate issuer: /CN=ff4cb09de82650ee4cc4327eab6770b7ab147efb
Certificate serial: 018571D78E3422925A29A4E5C8263B475EF9
Authority key identifier: FF:4C:B0:9D:E8:26:50:EE:4C:C4:32:7E:AB:67:70:B7:AB:14:7E:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0ywnegmUO5MxDJ-q2dwt6sUfvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/aed946-9efa-48b7-a8c7-1465a4b52136/1/kDaYlFv51Z3klvT4LqLSV4SLwTg.roa
Signing time: Mon 02 Jan 2023 09:37:10 +0000
ROA not before: Mon 02 Jan 2023 09:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198614
IP address blocks: 87.238.252.0/22 maxlen: 22
87.238.248.0/22 maxlen: 22
185.200.75.0/24 maxlen: 24
185.200.72.0/24 maxlen: 24
185.200.74.0/24 maxlen: 24
185.200.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:8e:34:22:92:5a:29:a4:e5:c8:26:3b:47:5e:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4cb09de82650ee4cc4327eab6770b7ab147efb
Validity
Not Before: Jan 2 09:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=903698945bf9d59de496f4f82ea2d257848bc138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d0:dd:9a:f1:9c:c7:7c:17:d3:91:88:07:bb:
6d:7c:ed:7b:10:a1:3d:49:5b:92:07:5f:29:d5:28:
59:2a:56:9c:af:89:9b:0a:a0:33:54:92:63:68:ad:
15:fd:3f:a4:fe:ee:ab:d5:b2:2c:36:79:b3:ea:41:
b6:f2:16:ad:a1:10:30:ea:84:4f:cf:11:42:dc:86:
30:f8:c9:76:38:31:97:d3:53:73:e1:8c:65:b9:af:
82:87:9e:3c:eb:12:25:74:7a:8e:72:e6:52:12:2d:
1d:35:2f:60:03:8b:00:70:b2:18:32:ff:33:a9:2e:
98:cb:2d:cc:03:79:7b:24:81:45:98:b1:21:ef:1b:
ed:8d:83:db:9c:fa:49:26:28:72:32:71:79:19:f2:
b2:53:21:ff:03:10:5b:0d:d8:9b:16:05:9a:f4:b4:
44:8b:75:ab:e3:d7:97:a6:d2:d3:82:53:be:bc:b4:
db:85:5d:08:5e:69:51:45:b8:3c:70:bc:14:e9:6c:
8a:24:84:91:f4:8a:98:f4:3c:cf:aa:7e:ba:68:2a:
a6:e0:4d:27:f6:77:f5:80:7f:5f:6c:f9:35:dd:f8:
90:c5:35:78:17:ae:24:c8:5a:9b:0c:b3:3a:9f:6b:
62:af:72:7b:d1:23:64:55:7c:a5:54:0d:9c:63:6e:
6d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:36:98:94:5B:F9:D5:9D:E4:96:F4:F8:2E:A2:D2:57:84:8B:C1:38
X509v3 Authority Key Identifier:
keyid:FF:4C:B0:9D:E8:26:50:EE:4C:C4:32:7E:AB:67:70:B7:AB:14:7E:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0ywnegmUO5MxDJ-q2dwt6sUfvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/aed946-9efa-48b7-a8c7-1465a4b52136/1/kDaYlFv51Z3klvT4LqLSV4SLwTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/aed946-9efa-48b7-a8c7-1465a4b52136/1/_0ywnegmUO5MxDJ-q2dwt6sUfvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.248.0/21
185.200.72.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:0d:da:2e:8d:8c:6d:6c:83:9f:30:3c:b7:4c:c4:4b:a5:9a:
05:28:ed:65:e3:da:9c:99:59:1e:75:77:66:71:55:b7:92:60:
98:7c:04:83:a8:78:fb:ec:a0:a5:c0:50:9f:cf:3a:9c:9e:b5:
bc:8d:4c:fb:d8:a6:fa:08:4f:97:64:e5:89:ec:73:8c:77:89:
e7:21:8b:9a:00:cc:6b:c3:6e:f2:e1:48:4c:b0:27:d1:0d:9c:
6e:d4:7b:ce:e2:76:08:52:17:a6:e4:b3:8b:79:8f:56:f7:77:
21:c8:3b:04:3d:c6:dd:fc:40:32:13:e9:cd:95:4f:ca:9c:7f:
e5:9f:18:69:32:fc:8d:df:fc:28:a8:99:08:b2:03:a4:1f:8d:
76:29:1a:43:c0:3d:47:eb:58:60:dd:94:fe:d4:03:2f:e8:f8:
5e:10:c8:a3:dc:01:34:67:2d:83:31:9f:db:30:67:97:c1:3f:
39:38:e7:18:fb:0c:77:f7:83:b6:e7:bc:d6:78:3d:a5:fe:44:
42:39:11:e1:99:4d:50:0a:c0:04:0d:0e:1f:cc:05:00:05:00:
a7:b7:14:14:37:29:22:c0:68:02:76:40:2a:c2:06:cc:f9:a7:
e9:9e:b6:37:c8:fc:9f:a9:3e:09:7a:b8:49:22:a4:af:b9:bf:
2e:68:68:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx1440IpJaKaTlyCY7R175MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNGNiMDlkZTgyNjUwZWU0Y2M0MzI3ZWFiNjc3MGI3YWIx
NDdlZmIwHhcNMjMwMTAyMDkzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDM2OTg5NDViZjlkNTlkZTQ5NmY0ZjgyZWEyZDI1Nzg0OGJjMTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNDdmvGcx3wX05GIB7ttfO17EKE9
SVuSB18p1ShZKlacr4mbCqAzVJJjaK0V/T+k/u6r1bIsNnmz6kG28hatoRAw6oRP
zxFC3IYw+Ml2ODGX01Nz4Yxlua+Ch5486xIldHqOcuZSEi0dNS9gA4sAcLIYMv8z
qS6Yyy3MA3l7JIFFmLEh7xvtjYPbnPpJJihyMnF5GfKyUyH/AxBbDdibFgWa9LRE
i3Wr49eXptLTglO+vLTbhV0IXmlRRbg8cLwU6WyKJISR9IqY9DzPqn66aCqm4E0n
9nf1gH9fbPk13fiQxTV4F64kyFqbDLM6n2tir3J70SNkVXylVA2cY25tZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJA2mJRb+dWd5Jb0+C6i0leEi8E4MB8GA1UdIwQY
MBaAFP9MsJ3oJlDuTMQyfqtncLerFH77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzB5d25lZ21VTzVNeERKLXEyZHd0NnNVZnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hZWQ5NDYtOWVmYS00OGI3LWE4Yzct
MTQ2NWE0YjUyMTM2LzEva0RhWWxGdjUxWjNrbHZUNExxTFNWNFNMd1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hZWQ5NDYtOWVmYS00OGI3LWE4YzctMTQ2NWE0YjUyMTM2
LzEvXzB5d25lZ21VTzVNeERKLXEyZHd0NnNVZnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDV+74AwQC
uchIMA0GCSqGSIb3DQEBCwUAA4IBAQBaDdoujYxtbIOfMDy3TMRLpZoFKO1l49qc
mVkedXdmcVW3kmCYfASDqHj77KClwFCfzzqcnrW8jUz72Kb6CE+XZOWJ7HOMd4nn
IYuaAMxrw27y4UhMsCfRDZxu1HvO4nYIUhem5LOLeY9W93chyDsEPcbd/EAyE+nN
lU/KnH/lnxhpMvyN3/woqJkIsgOkH412KRpDwD1H61hg3ZT+1AMv6PheEMij3AE0
Zy2DMZ/bMGeXwT85OOcY+wx394O257zWeD2l/kRCORHhmU1QCsAEDQ4fzAUABQCn
txQUNykiwGgCdkAqwgbM+afpnrY3yPyfqT4JerhJIqSvub8uaGjh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:17 2025 by rpki-client