Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/kemtnBk0trSYZvgkJwyZ1UsqRI0.roa
File: kemtnBk0trSYZvgkJwyZ1UsqRI0.roa (raw, json)
Hash identifier: XKzrGsohcFxn7ZDiIHNHY1Q55KD44nb3Lx4e7HiqqTY=
Subject key identifier: 91:E9:AD:9C:19:34:B6:B4:98:66:F8:24:27:0C:99:D5:4B:2A:44:8D
Certificate issuer: /CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Certificate serial: 01836917749F19BC354CE2221120DA7C1540
Authority key identifier: 8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/kemtnBk0trSYZvgkJwyZ1UsqRI0.roa
Signing time: Fri 23 Sep 2022 06:44:48 +0000
ROA not before: Fri 23 Sep 2022 06:44:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198440
IP address blocks: 185.102.148.0/22 maxlen: 22
37.48.224.0/24 maxlen: 24
37.48.229.0/24 maxlen: 24
37.48.230.0/24 maxlen: 24
188.74.64.0/19 maxlen: 24
217.168.248.0/21 maxlen: 21
2a05:87c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:69:17:74:9f:19:bc:35:4c:e2:22:11:20:da:7c:15:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Validity
Not Before: Sep 23 06:44:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91e9ad9c1934b6b49866f824270c99d54b2a448d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:25:b0:5e:55:0e:b0:46:69:b4:af:d9:09:41:
8c:11:9b:d7:94:85:dc:f9:d2:96:b6:76:a5:9b:4a:
74:59:57:2f:1c:37:29:ff:b7:af:c6:9a:9e:6d:5e:
9c:c9:9f:60:8d:d3:7d:ea:37:be:27:b2:52:93:48:
0b:77:36:af:6b:50:f5:71:48:f8:70:ee:26:19:62:
b6:3a:41:15:e2:bc:87:6a:5a:f9:17:cd:05:34:5a:
78:87:8f:f6:75:8e:4f:e8:79:fb:1d:ac:c2:65:55:
82:48:7e:5c:39:53:1d:c3:37:8a:67:5d:9d:85:41:
70:41:4d:f6:06:c7:fd:fd:7c:d0:a5:76:5b:73:73:
31:b6:37:d2:a4:5b:2f:d0:3d:47:64:9f:51:c1:12:
a9:5d:4a:5b:1a:f8:c1:a6:71:85:15:80:42:7e:89:
1d:b5:8e:27:85:49:2d:3a:dc:b9:d7:49:f7:de:28:
db:a8:f8:b3:59:94:e8:d6:2e:c4:3f:1f:94:f2:95:
7a:35:13:ee:45:73:e7:ee:51:ac:58:f0:3b:fb:f8:
78:37:d1:fc:43:15:87:f3:13:40:d1:e7:9d:bd:64:
52:e6:bf:40:58:e2:d8:08:57:1f:70:6a:20:49:5d:
bc:c7:9d:0f:ad:da:5d:5a:c5:be:19:c4:fe:85:8e:
d6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E9:AD:9C:19:34:B6:B4:98:66:F8:24:27:0C:99:D5:4B:2A:44:8D
X509v3 Authority Key Identifier:
keyid:8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/kemtnBk0trSYZvgkJwyZ1UsqRI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.48.224.0/24
37.48.229.0-37.48.230.255
185.102.148.0/22
188.74.64.0/19
217.168.248.0/21
IPv6:
2a05:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
72:a4:56:5c:66:6d:cb:eb:3f:c0:94:4e:6b:79:85:f5:ba:48:
fe:c1:05:cc:b3:08:59:f7:18:d8:d9:66:a8:32:6a:ed:79:63:
37:33:9e:d7:98:80:c4:a0:0e:10:75:1b:0a:3e:53:2e:14:86:
ff:b8:9a:bb:e6:a6:22:1c:26:34:34:57:28:9e:19:7f:2b:98:
1d:87:95:f9:de:8a:f4:e3:fc:9a:20:aa:66:16:af:f7:50:fe:
73:21:07:b6:c0:cd:64:7f:87:a3:7b:4b:cd:aa:a6:8d:70:dc:
f1:39:65:67:e0:c6:b1:d4:14:b0:e9:63:2c:e5:4b:c6:23:b8:
42:65:77:83:ac:39:08:92:6b:96:04:13:f4:fb:91:2e:57:b1:
ad:72:db:89:cc:bb:ab:78:c3:49:ca:28:e6:e5:9f:b8:68:8a:
66:93:5f:52:35:d8:67:06:c5:63:a4:98:bd:d2:f6:cb:c5:59:
9c:60:6f:5b:7f:8b:fa:22:cc:e5:2a:d3:67:00:3f:4a:f9:af:
11:3a:96:49:2f:db:53:c7:a2:fe:dc:a2:ff:b1:ac:26:ae:1d:
f5:c1:53:69:29:c7:5a:8b:eb:4d:ac:ec:7b:ab:b3:03:28:da:
02:f3:50:b0:9c:4e:b6:e3:2a:8f:fc:e2:3d:cc:bf:50:56:2f:
c6:1c:49:1d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYNpF3SfGbw1TOIiESDafBVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMTg2YTU2ZWE4NGMxM2M2Mjc2OGE5ZDE3YmFlMTMzY2Vk
ZjEwNDUwHhcNMjIwOTIzMDY0NDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWU5YWQ5YzE5MzRiNmI0OTg2NmY4MjQyNzBjOTlkNTRiMmE0NDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSWwXlUOsEZptK/ZCUGMEZvXlIXc
+dKWtnalm0p0WVcvHDcp/7evxpqebV6cyZ9gjdN96je+J7JSk0gLdzava1D1cUj4
cO4mGWK2OkEV4ryHalr5F80FNFp4h4/2dY5P6Hn7HazCZVWCSH5cOVMdwzeKZ12d
hUFwQU32Bsf9/XzQpXZbc3MxtjfSpFsv0D1HZJ9RwRKpXUpbGvjBpnGFFYBCfokd
tY4nhUktOty510n33ijbqPizWZTo1i7EPx+U8pV6NRPuRXPn7lGsWPA7+/h4N9H8
QxWH8xNA0eedvWRS5r9AWOLYCFcfcGogSV28x50PrdpdWsW+GcT+hY7WLwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJHprZwZNLa0mGb4JCcMmdVLKkSNMB8GA1UdIwQY
MBaAFIwYalbqhME8YnaKnRe64TPO3xBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2Qt
MjA5MmFmNjQ3MDcwLzEva2VtdG5CazB0clNZWnZna0p3eVoxVXNxUkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2QtMjA5MmFmNjQ3MDcw
LzEvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQAJTDgMAwD
BAAlMOUDBAAlMOYDBAK5ZpQDBAW8SkADBAPZqPgwDQQCAAIwBwMFAyoFh8AwDQYJ
KoZIhvcNAQELBQADggEBAHKkVlxmbcvrP8CUTmt5hfW6SP7BBcyzCFn3GNjZZqgy
au15YzcznteYgMSgDhB1Gwo+Uy4Uhv+4mrvmpiIcJjQ0VyieGX8rmB2HlfneivTj
/JogqmYWr/dQ/nMhB7bAzWR/h6N7S82qpo1w3PE5ZWfgxrHUFLDpYyzlS8YjuEJl
d4OsOQiSa5YEE/T7kS5Xsa1y24nMu6t4w0nKKObln7hoimaTX1I12GcGxWOkmL3S
9svFWZxgb1t/i/oizOUq02cAP0r5rxE6lkkv21PHov7cov+xrCauHfXBU2kpx1qL
602s7HurswMo2gLzULCcTrbjKo/84j3Mv1BWL8YcSR0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:00 2025 by rpki-client