Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/KLf1sKBieA5jAcxzJkkQX5h1h9o.roa
File: KLf1sKBieA5jAcxzJkkQX5h1h9o.roa (raw, json)
Hash identifier: SrX9HsqSbH9jb3YU5pz6DqWiXCsPfZC/s3UC8FX+x7U=
Subject key identifier: 28:B7:F5:B0:A0:62:78:0E:63:01:CC:73:26:49:10:5F:98:75:87:DA
Certificate issuer: /CN=74a59b7fb4e034f67775f2875efbfc9eff247e8e
Certificate serial: 018571CC275F80708A790F12DD021D0B0328
Authority key identifier: 74:A5:9B:7F:B4:E0:34:F6:77:75:F2:87:5E:FB:FC:9E:FF:24:7E:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/KLf1sKBieA5jAcxzJkkQX5h1h9o.roa
Signing time: Mon 02 Jan 2023 09:24:42 +0000
ROA not before: Mon 02 Jan 2023 09:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210318
IP address blocks: 185.37.233.0/24 maxlen: 24
185.37.232.0/24 maxlen: 24
185.37.234.0/24 maxlen: 24
185.37.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:cc:27:5f:80:70:8a:79:0f:12:dd:02:1d:0b:03:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74a59b7fb4e034f67775f2875efbfc9eff247e8e
Validity
Not Before: Jan 2 09:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28b7f5b0a062780e6301cc732649105f987587da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a3:8a:9b:90:e2:1d:73:ec:da:6f:af:28:b9:
1a:c3:b6:c8:e0:5e:49:aa:22:d8:32:56:a6:a5:ef:
20:58:d5:7a:09:ee:8f:52:1a:91:1a:27:69:e8:4b:
0d:a0:d0:84:1c:18:81:ea:c8:15:3c:d2:24:a8:6e:
2f:03:0a:ca:3f:93:37:9f:01:97:5b:9d:6f:00:19:
c1:da:00:1a:e0:26:e9:a4:04:19:3d:fc:85:34:49:
ac:e9:e1:b1:94:68:e0:4b:e2:e6:f1:0d:53:8a:e5:
37:a0:56:19:30:ae:0d:cf:31:ce:ba:de:8a:9c:9e:
a2:aa:a5:32:4d:35:7f:f3:31:75:a6:f8:fe:5e:3c:
48:e5:5d:9d:c3:58:ab:d5:16:b4:25:9a:18:fe:92:
bc:18:08:3d:fc:7b:a6:e3:84:dc:4a:79:51:38:b7:
c2:a9:fc:74:d6:e7:b6:80:1c:34:3a:e2:49:99:ad:
ef:5f:be:21:fa:92:04:9c:47:d7:7b:8c:7d:75:db:
72:21:ca:d4:cc:c7:91:32:a4:27:04:74:3a:b9:8b:
f8:f8:77:fa:78:44:7c:55:21:7d:db:25:f6:d4:7d:
1e:cf:95:5b:9e:aa:26:80:2d:49:4e:2b:d3:47:24:
f2:d9:1e:69:de:3c:1a:52:fa:85:47:cf:1d:4f:bf:
75:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B7:F5:B0:A0:62:78:0E:63:01:CC:73:26:49:10:5F:98:75:87:DA
X509v3 Authority Key Identifier:
keyid:74:A5:9B:7F:B4:E0:34:F6:77:75:F2:87:5E:FB:FC:9E:FF:24:7E:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/KLf1sKBieA5jAcxzJkkQX5h1h9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.232.0/22
Signature Algorithm: sha256WithRSAEncryption
66:42:0f:4e:d5:f7:6c:c7:8c:54:b3:1a:3b:bd:77:50:c3:91:
78:e5:ee:da:b4:c0:20:41:98:41:69:f1:42:32:75:aa:12:95:
6c:47:66:8f:c3:97:a0:84:9e:e4:3b:21:85:c3:57:c2:a1:3d:
cf:d9:82:d3:a0:12:63:80:c3:ef:09:34:c9:8c:6a:df:2b:d8:
69:a9:17:2a:12:35:c6:04:19:25:96:ac:07:a6:83:51:c7:ff:
1f:36:2d:68:63:ad:93:c5:74:ee:a7:d4:28:a7:f9:f9:e7:61:
ed:27:30:cf:6d:cb:62:f4:5c:89:63:41:43:d6:29:74:b7:29:
9a:b3:ed:e1:75:ef:e4:73:2b:dc:50:de:84:2d:ea:06:dc:b0:
43:0f:7c:d8:f5:c5:36:29:33:6d:d4:bc:19:0c:87:89:bc:08:
54:4a:72:ca:6f:99:9e:1a:fe:2b:60:a0:3f:36:cd:02:ae:83:
78:c2:da:9f:08:ee:17:fb:08:d8:48:e1:1e:3f:c4:81:ce:e2:
3d:db:e1:d1:82:dc:29:e7:76:32:92:f9:56:9a:6f:2e:dc:e5:
d3:27:f0:a4:77:a9:16:18:3b:7b:e8:75:80:23:ae:b4:ca:e8:
cc:2e:1a:94:a6:8f:23:3d:39:34:3e:29:3b:4d:f4:be:9e:70:
a9:69:be:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxzCdfgHCKeQ8S3QIdCwMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YTU5YjdmYjRlMDM0ZjY3Nzc1ZjI4NzVlZmJmYzllZmYy
NDdlOGUwHhcNMjMwMTAyMDkyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGI3ZjViMGEwNjI3ODBlNjMwMWNjNzMyNjQ5MTA1Zjk4NzU4N2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraOKm5DiHXPs2m+vKLkaw7bI4F5J
qiLYMlampe8gWNV6Ce6PUhqRGidp6EsNoNCEHBiB6sgVPNIkqG4vAwrKP5M3nwGX
W51vABnB2gAa4CbppAQZPfyFNEms6eGxlGjgS+Lm8Q1TiuU3oFYZMK4NzzHOut6K
nJ6iqqUyTTV/8zF1pvj+XjxI5V2dw1ir1Ra0JZoY/pK8GAg9/Hum44TcSnlROLfC
qfx01ue2gBw0OuJJma3vX74h+pIEnEfXe4x9ddtyIcrUzMeRMqQnBHQ6uYv4+Hf6
eER8VSF92yX21H0ez5VbnqomgC1JTivTRyTy2R5p3jwaUvqFR88dT791eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCi39bCgYngOYwHMcyZJEF+YdYfaMB8GA1UdIwQY
MBaAFHSlm3+04DT2d3Xyh177/J7/JH6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtXYmY3VGdOUFozZGZLSFh2djhudjhrZm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yYjE5NWUtMGFiYS00N2Q0LThlM2It
YWQzMmVmNDlkNDE5LzEvS0xmMXNLQmllQTVqQWN4ekpra1FYNWgxaDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8yYjE5NWUtMGFiYS00N2Q0LThlM2ItYWQzMmVmNDlkNDE5
LzEvZEtXYmY3VGdOUFozZGZLSFh2djhudjhrZm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSXoMA0G
CSqGSIb3DQEBCwUAA4IBAQBmQg9O1fdsx4xUsxo7vXdQw5F45e7atMAgQZhBafFC
MnWqEpVsR2aPw5eghJ7kOyGFw1fCoT3P2YLToBJjgMPvCTTJjGrfK9hpqRcqEjXG
BBkllqwHpoNRx/8fNi1oY62TxXTup9Qop/n552HtJzDPbcti9FyJY0FD1il0tyma
s+3hde/kcyvcUN6ELeoG3LBDD3zY9cU2KTNt1LwZDIeJvAhUSnLKb5meGv4rYKA/
Ns0CroN4wtqfCO4X+wjYSOEeP8SBzuI92+HRgtwp53YykvlWmm8u3OXTJ/Ckd6kW
GDt76HWAI660yujMLhqUpo8jPTk0Pik7TfS+nnCpab7s
-----END CERTIFICATE-----
Generated at Sun Apr 13 17:16:59 2025 by rpki-client