Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/061f23-4fb8-4636-b874-5e42a3f66f32/1/kHDL487BE4uBHyZUXT6E6NkX8Jc.roa
File: kHDL487BE4uBHyZUXT6E6NkX8Jc.roa (raw, json)
Hash identifier: CEza9PnX1p4CDxvZNFXHYbPJD0LzBOAtbcKkBhO/E0c=
Subject key identifier: 90:70:CB:E3:CE:C1:13:8B:81:1F:26:54:5D:3E:84:E8:D9:17:F0:97
Certificate issuer: /CN=4de1d371cd9f26a11fb64946674c31975f7c2edf
Certificate serial: 01830D70BA774FE610B5F85B8EE784001772
Authority key identifier: 4D:E1:D3:71:CD:9F:26:A1:1F:B6:49:46:67:4C:31:97:5F:7C:2E:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TeHTcc2fJqEftklGZ0wxl198Lt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/061f23-4fb8-4636-b874-5e42a3f66f32/1/kHDL487BE4uBHyZUXT6E6NkX8Jc.roa
Signing time: Mon 05 Sep 2022 11:37:15 +0000
ROA not before: Mon 05 Sep 2022 11:37:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205057
IP address blocks: 185.231.94.0/24 maxlen: 24
185.231.95.0/24 maxlen: 24
185.231.92.0/22 maxlen: 22
185.231.92.0/24 maxlen: 24
185.231.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:70:ba:77:4f:e6:10:b5:f8:5b:8e:e7:84:00:17:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4de1d371cd9f26a11fb64946674c31975f7c2edf
Validity
Not Before: Sep 5 11:37:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9070cbe3cec1138b811f26545d3e84e8d917f097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4c:1d:97:ae:9c:84:42:7e:50:17:da:22:c0:
07:f1:dc:f5:f7:6e:48:e5:d5:e4:b6:de:0f:59:b8:
f9:97:dd:20:b1:1b:50:95:a0:8e:fd:6d:dd:88:51:
bd:ea:96:65:82:4d:af:9b:66:04:1c:70:16:b5:c6:
ae:32:78:09:e8:7b:9b:30:37:06:06:29:1e:e1:5f:
68:f8:61:98:af:87:e4:be:5e:88:23:ec:0a:7a:0b:
38:10:b4:40:8c:78:26:5e:8e:cb:65:9a:4f:8e:e6:
e6:b7:99:33:d0:be:c1:cd:51:86:bd:c9:3e:85:7b:
ed:49:d9:1e:cd:7c:e1:2d:6b:9f:93:5c:36:3c:0f:
6e:60:f1:e7:56:e9:82:96:98:4f:c8:4b:d9:33:6a:
24:34:37:7a:c5:18:fd:a0:7e:3f:96:c0:30:b0:f2:
99:55:f4:eb:81:21:30:68:59:38:06:25:5f:d8:e6:
68:48:29:01:26:58:e6:de:7c:d4:d4:be:41:49:fa:
88:33:5a:0d:85:13:36:4d:b7:2d:4d:c7:cd:b1:17:
8a:ca:e6:08:58:8e:23:c9:22:29:e0:8b:9d:40:ec:
92:e4:36:18:90:9a:17:b5:f8:70:e4:00:55:c1:96:
80:50:ff:5e:13:b3:1d:60:ee:fc:05:28:97:64:25:
66:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:70:CB:E3:CE:C1:13:8B:81:1F:26:54:5D:3E:84:E8:D9:17:F0:97
X509v3 Authority Key Identifier:
keyid:4D:E1:D3:71:CD:9F:26:A1:1F:B6:49:46:67:4C:31:97:5F:7C:2E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TeHTcc2fJqEftklGZ0wxl198Lt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/061f23-4fb8-4636-b874-5e42a3f66f32/1/kHDL487BE4uBHyZUXT6E6NkX8Jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/061f23-4fb8-4636-b874-5e42a3f66f32/1/TeHTcc2fJqEftklGZ0wxl198Lt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.92.0/22
Signature Algorithm: sha256WithRSAEncryption
94:9b:13:14:97:0e:19:25:d2:06:19:37:c5:54:32:e8:ad:cd:
c0:71:2b:8c:d7:be:51:23:08:71:3a:f4:94:4b:b3:34:2b:7f:
84:5c:f8:63:7a:fd:6c:39:e6:bd:d6:1d:ee:8c:94:80:4d:32:
fc:a8:81:bf:61:4a:5c:cb:7e:3b:86:de:18:35:83:41:97:8a:
53:85:ce:02:4a:38:b6:13:06:a8:81:2d:1f:28:f9:ed:37:c1:
91:9e:ae:89:9a:ab:a7:fe:f1:c3:94:5d:3e:be:80:9c:f5:0c:
c6:c0:78:69:44:c8:07:25:41:da:74:14:bd:d5:ed:09:11:c8:
4f:47:74:ca:4f:b9:d4:f1:8c:bc:96:4a:31:0b:58:b9:9a:f3:
e8:a8:85:b6:be:44:5d:7f:7a:cb:67:e4:6d:95:3b:38:0f:bf:
db:c0:38:d8:4d:53:b9:61:68:8f:f0:fc:de:7f:9e:8c:f0:50:
de:88:2b:7a:82:99:50:e0:8f:d2:9d:43:12:a1:58:b6:81:c0:
ab:be:21:a8:3e:1b:39:2e:8e:44:5a:87:e1:61:bf:22:81:82:
8a:85:dd:9f:15:3c:74:87:6e:4e:38:df:d2:b9:aa:23:90:04:
4b:53:ef:ab:78:3d:d2:38:95:35:79:26:70:ea:5f:31:32:ff:
65:98:5c:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMNcLp3T+YQtfhbjueEABdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZTFkMzcxY2Q5ZjI2YTExZmI2NDk0NjY3NGMzMTk3NWY3
YzJlZGYwHhcNMjIwOTA1MTEzNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDcwY2JlM2NlYzExMzhiODExZjI2NTQ1ZDNlODRlOGQ5MTdmMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokwdl66chEJ+UBfaIsAH8dz1925I
5dXktt4PWbj5l90gsRtQlaCO/W3diFG96pZlgk2vm2YEHHAWtcauMngJ6HubMDcG
Bike4V9o+GGYr4fkvl6II+wKegs4ELRAjHgmXo7LZZpPjubmt5kz0L7BzVGGvck+
hXvtSdkezXzhLWufk1w2PA9uYPHnVumClphPyEvZM2okNDd6xRj9oH4/lsAwsPKZ
VfTrgSEwaFk4BiVf2OZoSCkBJljm3nzU1L5BSfqIM1oNhRM2TbctTcfNsReKyuYI
WI4jySIp4IudQOyS5DYYkJoXtfhw5ABVwZaAUP9eE7MdYO78BSiXZCVmFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBwy+POwROLgR8mVF0+hOjZF/CXMB8GA1UdIwQY
MBaAFE3h03HNnyahH7ZJRmdMMZdffC7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGVIVGNjMmZKcUVmdGtsR1owd3hsMTk4THQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8wNjFmMjMtNGZiOC00NjM2LWI4NzQt
NWU0MmEzZjY2ZjMyLzEva0hETDQ4N0JFNHVCSHlaVVhUNkU2TmtYOEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8wNjFmMjMtNGZiOC00NjM2LWI4NzQtNWU0MmEzZjY2ZjMy
LzEvVGVIVGNjMmZKcUVmdGtsR1owd3hsMTk4THQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuedcMA0G
CSqGSIb3DQEBCwUAA4IBAQCUmxMUlw4ZJdIGGTfFVDLorc3AcSuM175RIwhxOvSU
S7M0K3+EXPhjev1sOea91h3ujJSATTL8qIG/YUpcy347ht4YNYNBl4pThc4CSji2
EwaogS0fKPntN8GRnq6Jmqun/vHDlF0+voCc9QzGwHhpRMgHJUHadBS91e0JEchP
R3TKT7nU8Yy8lkoxC1i5mvPoqIW2vkRdf3rLZ+RtlTs4D7/bwDjYTVO5YWiP8Pze
f56M8FDeiCt6gplQ4I/SnUMSoVi2gcCrviGoPhs5Lo5EWofhYb8igYKKhd2fFTx0
h25OON/SuaojkARLU++reD3SOJU1eSZw6l8xMv9lmFxu
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:48 2025 by rpki-client