Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/ca9cc3-7537-4c6a-a028-70af5f6573b5/1/K0uKXXs6Vku-D9apg7RTYfqQ_LE.roa
File: K0uKXXs6Vku-D9apg7RTYfqQ_LE.roa (raw, json)
Hash identifier: wKhdyHa6MlrbzzamrRfWl5cYU35gP1kAzLseQJfdq2I=
Subject key identifier: 2B:4B:8A:5D:7B:3A:56:4B:BE:0F:D6:A9:83:B4:53:61:FA:90:FC:B1
Certificate issuer: /CN=41cede907492e50c951263957881bc3cc5ce30ae
Certificate serial: 37A9614D
Authority key identifier: 41:CE:DE:90:74:92:E5:0C:95:12:63:95:78:81:BC:3C:C5:CE:30:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qc7ekHSS5QyVEmOVeIG8PMXOMK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/ca9cc3-7537-4c6a-a028-70af5f6573b5/1/K0uKXXs6Vku-D9apg7RTYfqQ_LE.roa
Signing time: Sat 01 Jan 2022 12:59:36 +0000
ROA not before: Sat 01 Jan 2022 12:59:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49892
IP address blocks: 94.143.128.0/24 maxlen: 24
94.143.128.0/21 maxlen: 21
94.143.129.0/24 maxlen: 24
94.143.130.0/24 maxlen: 24
94.143.131.0/24 maxlen: 24
94.143.132.0/24 maxlen: 24
94.143.133.0/24 maxlen: 24
94.143.134.0/24 maxlen: 24
94.143.135.0/24 maxlen: 24
185.169.216.0/24 maxlen: 24
185.169.216.0/22 maxlen: 22
185.169.217.0/24 maxlen: 24
185.169.218.0/24 maxlen: 24
185.169.219.0/24 maxlen: 24
2a04:6a40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 933847373 (0x37a9614d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41cede907492e50c951263957881bc3cc5ce30ae
Validity
Not Before: Jan 1 12:59:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b4b8a5d7b3a564bbe0fd6a983b45361fa90fcb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:41:a7:5c:fa:48:f2:24:02:86:e9:75:08:6a:
7d:39:72:59:de:d1:0b:06:09:c0:c8:32:3f:e8:c2:
72:08:9b:c1:6f:1a:15:b9:c3:a9:7f:e4:fb:e7:d7:
60:1b:78:e7:6c:6d:cd:c2:69:15:23:07:c8:bc:6f:
2d:dc:1c:d3:39:5e:a3:2e:1f:44:eb:11:6e:7d:f7:
72:f5:04:c8:be:a1:b0:a5:c1:36:ba:b3:34:ac:5f:
bf:94:04:8d:b9:34:8c:09:10:aa:1a:a7:c9:7c:17:
bd:de:67:f1:88:98:6a:ee:73:46:71:f8:26:e1:63:
51:c6:03:94:8f:31:a3:6f:60:01:d5:ec:da:26:62:
29:41:15:19:44:0f:0f:2b:b3:12:7d:d3:26:2a:b9:
9d:5d:69:58:6d:27:25:5b:4f:37:8a:98:7a:a1:43:
a7:2e:53:20:55:31:84:cb:a9:2a:b3:ad:d0:e7:bd:
d6:37:df:39:06:60:6f:3d:aa:ae:72:e1:f8:bb:31:
1a:d8:ba:20:db:27:47:43:09:21:9e:da:23:ce:8d:
ae:bf:fd:69:b5:35:7e:67:36:10:a2:d3:b0:34:b9:
50:2f:d9:6d:b0:f6:53:3b:97:fa:c8:d5:a3:33:89:
38:ea:72:25:b2:b9:43:f9:d3:f2:58:bd:57:dc:2c:
17:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4B:8A:5D:7B:3A:56:4B:BE:0F:D6:A9:83:B4:53:61:FA:90:FC:B1
X509v3 Authority Key Identifier:
keyid:41:CE:DE:90:74:92:E5:0C:95:12:63:95:78:81:BC:3C:C5:CE:30:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qc7ekHSS5QyVEmOVeIG8PMXOMK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ca9cc3-7537-4c6a-a028-70af5f6573b5/1/K0uKXXs6Vku-D9apg7RTYfqQ_LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ca9cc3-7537-4c6a-a028-70af5f6573b5/1/Qc7ekHSS5QyVEmOVeIG8PMXOMK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.128.0/21
185.169.216.0/22
IPv6:
2a04:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
9e:c6:9a:20:ff:8c:76:fb:7e:07:e8:5f:f2:3e:00:c0:3a:5e:
dd:ae:d1:78:31:55:47:c6:6d:aa:e7:4c:86:4d:41:68:71:e2:
c5:13:67:b8:9a:60:ee:84:c4:52:bb:67:96:e3:b4:a6:d3:fb:
eb:a7:49:b5:60:44:c4:68:68:5a:26:43:24:e6:c2:56:a3:be:
a9:81:75:df:73:7a:b8:b3:06:a8:4e:8c:fe:bb:25:46:76:01:
60:5d:3f:44:6a:8b:91:52:18:01:ab:b4:82:b1:95:a9:86:df:
c6:34:cc:74:ee:d5:e6:cb:f8:e4:bd:8f:4a:02:cc:92:ad:81:
4b:6d:fa:0b:6d:3a:4f:cd:b5:bc:b0:f6:1b:9c:93:b4:f3:a1:
67:fc:3c:d6:fc:8c:c1:4f:d2:94:2a:0f:02:78:02:80:77:1a:
f0:dd:d1:57:0a:01:a1:3a:65:33:57:cf:23:85:9f:89:22:d0:
26:f6:5b:19:0e:0d:37:0a:e1:d2:b8:7c:52:88:11:3a:eb:e4:
36:03:e0:4e:c1:a9:96:2f:a4:be:a1:07:d7:b4:b5:00:ee:74:
5c:68:1d:13:cd:51:11:7e:23:f1:64:c3:15:c2:45:ad:0c:c8:
69:17:ca:91:e8:07:56:0b:31:60:5a:a3:66:38:4c:0b:d8:46:
a0:5d:44:72
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEN6lhTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWNlZGU5MDc0OTJlNTBjOTUxMjYzOTU3ODgxYmMzY2M1Y2UzMGFlMB4XDTIyMDEw
MTEyNTkzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmI0YjhhNWQ3YjNh
NTY0YmJlMGZkNmE5ODNiNDUzNjFmYTkwZmNiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdBp1z6SPIkAobpdQhqfTlyWd7RCwYJwMgyP+jCcgibwW8a
FbnDqX/k++fXYBt452xtzcJpFSMHyLxvLdwc0zleoy4fROsRbn33cvUEyL6hsKXB
NrqzNKxfv5QEjbk0jAkQqhqnyXwXvd5n8YiYau5zRnH4JuFjUcYDlI8xo29gAdXs
2iZiKUEVGUQPDyuzEn3TJiq5nV1pWG0nJVtPN4qYeqFDpy5TIFUxhMupKrOt0Oe9
1jffOQZgbz2qrnLh+LsxGti6INsnR0MJIZ7aI86Nrr/9abU1fmc2EKLTsDS5UC/Z
bbD2UzuX+sjVozOJOOpyJbK5Q/nT8li9V9wsF6UCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQrS4pdezpWS74P1qmDtFNh+pD8sTAfBgNVHSMEGDAWgBRBzt6QdJLlDJUS
Y5V4gbw8xc4wrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FjN2VrSFNTNVF5VkVtT1ZlSUc4UE1YT01LNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvY2E5Y2MzLTc1MzctNGM2YS1hMDI4LTcwYWY1ZjY1NzNiNS8x
L0swdUtYWHM2Vmt1LUQ5YXBnN1JUWWZxUV9MRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
Y2E5Y2MzLTc1MzctNGM2YS1hMDI4LTcwYWY1ZjY1NzNiNS8xL1FjN2VrSFNTNVF5
VkVtT1ZlSUc4UE1YT01LNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA16PgAMEArmp2DANBAIAAjAHAwUD
KgRqQDANBgkqhkiG9w0BAQsFAAOCAQEAnsaaIP+Mdvt+B+hf8j4AwDpe3a7ReDFV
R8ZtqudMhk1BaHHixRNnuJpg7oTEUrtnluO0ptP766dJtWBExGhoWiZDJObCVqO+
qYF133N6uLMGqE6M/rslRnYBYF0/RGqLkVIYAau0grGVqYbfxjTMdO7V5sv45L2P
SgLMkq2BS236C206T821vLD2G5yTtPOhZ/w81vyMwU/SlCoPAngCgHca8N3RVwoB
oTplM1fPI4WfiSLQJvZbGQ4NNwrh0rh8UogROuvkNgPgTsGpli+kvqEH17S1AO50
XGgdE81REX4j8WTDFcJFrQzIaRfKkegHVgsxYFqjZjhMC9hGoF1Ecg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:01:01 2025 by rpki-client