Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/KnS4pgk0N2Ez4iksNrFGt6DPkCQ.roa
File: KnS4pgk0N2Ez4iksNrFGt6DPkCQ.roa (raw, json)
Hash identifier: xrLVvEDpJXHfvJagDZeZPIuhWPpWrwdccRiWF8qtgJU=
Subject key identifier: 2A:74:B8:A6:09:34:37:61:33:E2:29:2C:36:B1:46:B7:A0:CF:90:24
Certificate issuer: /CN=dd0b663c45d7bc2724d168485087581e14448fb6
Certificate serial: 01888062B2D609DB2D57527063896607FDD6
Authority key identifier: DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/KnS4pgk0N2Ez4iksNrFGt6DPkCQ.roa
Signing time: Sat 03 Jun 2023 08:32:11 +0000
ROA not before: Sat 03 Jun 2023 08:32:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9051
IP address blocks: 82.112.161.0/26 maxlen: 26
82.112.160.0/21 maxlen: 24
193.227.160.0/19 maxlen: 24
37.209.248.0/21 maxlen: 24
213.175.160.0/19 maxlen: 24
185.124.212.0/22 maxlen: 24
2a06:b540::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:80:62:b2:d6:09:db:2d:57:52:70:63:89:66:07:fd:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd0b663c45d7bc2724d168485087581e14448fb6
Validity
Not Before: Jun 3 08:32:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a74b8a60934376133e2292c36b146b7a0cf9024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:72:f9:d1:12:da:c3:0f:b7:45:25:eb:f2:92:
d1:af:86:b7:66:b3:38:de:44:b9:6c:5b:0f:0a:ad:
5a:47:fa:ea:36:41:99:b2:4d:de:70:a2:cd:fc:ed:
53:eb:58:f8:0f:af:b1:94:a8:e1:5f:af:c0:9d:42:
6e:b3:41:4f:b6:8a:4a:b9:12:a0:e0:ac:81:59:74:
83:83:8c:d7:23:48:46:ab:2d:8f:6e:a0:6e:00:2d:
c1:06:af:0e:67:fd:03:87:bc:ae:1b:d9:fe:14:61:
f5:be:76:61:82:58:06:02:9f:41:0f:af:d1:5f:c6:
a4:f8:2b:d1:5a:73:fd:e5:76:ef:2f:56:8e:8b:3d:
47:7c:aa:ad:2b:14:85:22:83:7a:15:e8:19:8b:a5:
86:9b:1a:f2:02:9d:b6:38:d4:f0:0a:19:88:20:d0:
61:02:77:05:e5:e5:56:fd:b9:55:e4:58:16:b8:18:
79:39:70:e8:4f:be:ac:1b:72:89:8e:64:bd:9d:35:
cd:68:0f:a7:76:36:ca:eb:61:33:b6:2c:c5:81:ff:
ff:1b:fe:db:8d:27:7a:bd:a7:be:49:ba:d8:98:39:
49:ca:0d:fb:ac:a6:94:cf:9e:2c:c1:02:26:1b:8c:
a4:ec:c7:31:d2:92:08:85:f8:71:55:95:97:5b:bd:
e1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:74:B8:A6:09:34:37:61:33:E2:29:2C:36:B1:46:B7:A0:CF:90:24
X509v3 Authority Key Identifier:
keyid:DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/KnS4pgk0N2Ez4iksNrFGt6DPkCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.248.0/21
82.112.160.0/21
185.124.212.0/22
193.227.160.0/19
213.175.160.0/19
IPv6:
2a06:b540::/29
Signature Algorithm: sha256WithRSAEncryption
2b:9c:a5:ec:1e:0b:bb:12:f5:b1:33:93:7c:22:a6:28:ba:b3:
9a:f6:d5:c1:b5:8f:fe:6f:29:fb:39:32:43:f3:6a:75:53:d0:
7b:e6:f0:b6:84:0d:b2:b8:44:56:88:3c:d5:be:69:96:24:8d:
f2:af:59:1f:f7:e2:25:de:60:be:aa:33:06:e3:c4:b0:d2:da:
77:0a:a5:04:3f:5d:62:96:fc:bc:10:e6:a0:b1:ce:cd:f0:1b:
cd:16:08:0b:8a:95:e1:f3:70:55:f7:78:ed:aa:cd:d2:95:ef:
59:4a:7d:19:c8:30:5e:d1:91:8a:68:fb:d4:71:96:c6:ce:70:
f1:8e:8f:e3:bf:bd:58:3d:ae:79:57:0e:17:1f:41:b9:70:2c:
d2:1d:c7:b0:d5:77:0b:f6:ca:71:a9:01:1d:59:9e:aa:ae:29:
8b:31:ed:01:3f:18:1c:5b:a9:d5:21:d5:d6:f8:d5:ce:ae:f2:
9f:27:c8:bd:fa:88:e3:92:a0:28:49:9e:93:05:80:36:21:8e:
b9:67:57:16:97:18:1f:e2:45:8d:d8:26:57:f0:7f:01:78:3f:
df:63:cc:f0:a2:45:21:4d:ab:78:ce:47:4a:11:39:ff:54:c7:
d6:b5:07:5b:03:69:19:09:2a:94:5d:2e:81:91:71:a0:8f:98:
89:10:42:ab
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYiAYrLWCdstV1JwY4lmB/3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI2NjNjNDVkN2JjMjcyNGQxNjg0ODUwODc1ODFlMTQ0
NDhmYjYwHhcNMjMwNjAzMDgzMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTc0YjhhNjA5MzQzNzYxMzNlMjI5MmMzNmIxNDZiN2EwY2Y5MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nL50RLaww+3RSXr8pLRr4a3ZrM4
3kS5bFsPCq1aR/rqNkGZsk3ecKLN/O1T61j4D6+xlKjhX6/AnUJus0FPtopKuRKg
4KyBWXSDg4zXI0hGqy2PbqBuAC3BBq8OZ/0Dh7yuG9n+FGH1vnZhglgGAp9BD6/R
X8ak+CvRWnP95XbvL1aOiz1HfKqtKxSFIoN6FegZi6WGmxryAp22ONTwChmIINBh
AncF5eVW/blV5FgWuBh5OXDoT76sG3KJjmS9nTXNaA+ndjbK62EztizFgf//G/7b
jSd6vae+SbrYmDlJyg37rKaUz54swQImG4yk7Mcx0pIIhfhxVZWXW73hmwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCp0uKYJNDdhM+IpLDaxRregz5AkMB8GA1UdIwQY
MBaAFN0LZjxF17wnJNFoSFCHWB4URI+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQt
M2I5ZTNjOGEyZmNhLzEvS25TNHBnazBOMkV6NGlrc05yRkd0NkRQa0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQtM2I5ZTNjOGEyZmNh
LzEvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJdH4AwQD
UnCgAwQCuXzUAwQFweOgAwQF1a+gMA0EAgACMAcDBQMqBrVAMA0GCSqGSIb3DQEB
CwUAA4IBAQArnKXsHgu7EvWxM5N8IqYourOa9tXBtY/+byn7OTJD82p1U9B75vC2
hA2yuERWiDzVvmmWJI3yr1kf9+Il3mC+qjMG48Sw0tp3CqUEP11ilvy8EOagsc7N
8BvNFggLipXh83BV93jtqs3Sle9ZSn0ZyDBe0ZGKaPvUcZbGznDxjo/jv71YPa55
Vw4XH0G5cCzSHcew1XcL9spxqQEdWZ6qrimLMe0BPxgcW6nVIdXW+NXOrvKfJ8i9
+ojjkqAoSZ6TBYA2IY65Z1cWlxgf4kWN2CZX8H8BeD/fY8zwokUhTat4zkdKETn/
VMfWtQdbA2kZCSqUXS6BkXGgj5iJEEKr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:09 2025 by rpki-client