Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/kwELH7hsiuvsMwsQXvrovi9zxb8.roa
File: kwELH7hsiuvsMwsQXvrovi9zxb8.roa (raw, json)
Hash identifier: UJwKkrjxPqcEd58FLnykdnWb/QoraNe/hRyqvqSdHaQ=
Subject key identifier: 93:01:0B:1F:B8:6C:8A:EB:EC:33:0B:10:5E:FA:E8:BE:2F:73:C5:BF
Certificate issuer: /CN=42b4c79a22a3fe987ef31908cd44ff81e9b1acf4
Certificate serial: 0183C119438BB752D9C51BE656DD63DDBB8E
Authority key identifier: 42:B4:C7:9A:22:A3:FE:98:7E:F3:19:08:CD:44:FF:81:E9:B1:AC:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QrTHmiKj_ph-8xkIzUT_gemxrPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/kwELH7hsiuvsMwsQXvrovi9zxb8.roa
Signing time: Mon 10 Oct 2022 08:53:21 +0000
ROA not before: Mon 10 Oct 2022 08:53:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48293
IP address blocks: 91.194.246.0/24 maxlen: 24
91.194.246.0/23 maxlen: 23
91.194.247.0/24 maxlen: 24
94.228.192.0/20 maxlen: 20
94.228.192.0/24 maxlen: 24
94.228.194.0/24 maxlen: 24
94.228.196.0/24 maxlen: 24
94.228.195.0/24 maxlen: 24
94.228.193.0/24 maxlen: 24
94.228.198.0/24 maxlen: 24
94.228.197.0/24 maxlen: 24
94.228.199.0/24 maxlen: 24
94.228.205.0/24 maxlen: 24
94.228.204.0/24 maxlen: 24
94.228.206.0/24 maxlen: 24
94.228.201.0/24 maxlen: 24
94.228.200.0/24 maxlen: 24
94.228.203.0/24 maxlen: 24
94.228.202.0/24 maxlen: 24
94.228.207.0/24 maxlen: 24
185.108.23.0/24 maxlen: 24
185.108.20.0/22 maxlen: 22
185.108.20.0/25 maxlen: 25
185.108.20.0/24 maxlen: 24
185.108.22.0/24 maxlen: 24
185.108.21.0/24 maxlen: 24
91.212.217.0/24 maxlen: 24
2a06:4180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c1:19:43:8b:b7:52:d9:c5:1b:e6:56:dd:63:dd:bb:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42b4c79a22a3fe987ef31908cd44ff81e9b1acf4
Validity
Not Before: Oct 10 08:53:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93010b1fb86c8aebec330b105efae8be2f73c5bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b4:36:c9:a3:90:a5:5f:9b:d7:80:27:48:2d:
8e:2a:4a:49:d0:d2:30:d7:93:9d:5b:84:1a:3d:19:
4d:9a:d9:50:9d:d3:c3:b5:f7:b2:43:06:72:1a:48:
6d:8e:6f:42:3b:4b:28:aa:7b:b1:71:4b:0d:73:2d:
55:66:d7:5a:d5:ce:de:74:a6:61:46:9c:08:0f:a5:
10:af:c3:de:50:c8:f8:0d:1a:31:40:3f:69:35:7d:
7f:ab:4e:eb:29:7a:00:fb:bf:2c:da:75:e6:9a:0d:
f2:ba:fc:d1:21:e6:c9:7f:6a:ac:40:d4:33:3b:d1:
3b:05:d0:09:cc:75:d4:95:48:49:9e:dc:64:b5:84:
ce:3c:9b:70:c0:95:91:2a:75:56:c5:3c:8b:3e:24:
94:be:d7:34:31:b5:71:d7:5b:5b:58:3f:ad:8d:d5:
07:c1:98:dc:d5:aa:90:14:64:67:09:43:b2:dd:ec:
23:69:fd:3c:16:e2:50:b6:49:e0:99:50:60:5b:d7:
c2:62:85:ae:58:8b:5a:db:25:b6:12:e6:85:eb:e7:
94:41:f7:1f:c2:9a:16:b1:18:6f:b0:12:04:f1:c5:
06:9d:b3:ab:f3:7e:0d:c7:3f:72:cd:a8:a8:01:2a:
36:0c:df:89:00:77:3f:1d:09:15:b8:8a:1c:88:27:
48:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:01:0B:1F:B8:6C:8A:EB:EC:33:0B:10:5E:FA:E8:BE:2F:73:C5:BF
X509v3 Authority Key Identifier:
keyid:42:B4:C7:9A:22:A3:FE:98:7E:F3:19:08:CD:44:FF:81:E9:B1:AC:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QrTHmiKj_ph-8xkIzUT_gemxrPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/kwELH7hsiuvsMwsQXvrovi9zxb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/4b911c-3d4d-42d5-9234-f288137cb500/1/QrTHmiKj_ph-8xkIzUT_gemxrPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.246.0/23
91.212.217.0/24
94.228.192.0/20
185.108.20.0/22
IPv6:
2a06:4180::/29
Signature Algorithm: sha256WithRSAEncryption
19:72:99:d3:dc:a7:22:a2:3c:a9:8d:30:ef:83:db:05:5e:51:
ae:ef:4f:ef:1b:27:63:1e:c3:68:d5:a6:51:d5:ec:fd:e3:0d:
34:34:67:1f:31:56:24:eb:fa:ff:7a:bb:2a:fa:8a:4e:f7:94:
3f:04:a3:e2:38:94:49:68:4d:c6:10:54:e5:fb:e3:82:70:f4:
f2:45:c4:83:0d:28:11:c3:af:8e:ad:86:b4:23:88:0c:fe:1a:
18:a6:98:cf:e5:ad:d5:69:13:b7:62:f5:ad:45:21:f9:7f:93:
3b:09:db:49:81:dc:e9:33:02:6e:d9:24:36:11:26:6f:09:b9:
6f:bc:0c:81:00:7c:fe:76:f5:26:3f:c7:af:49:95:46:65:e6:
4d:3e:86:aa:01:75:90:dc:63:31:4d:09:31:2b:83:8d:e4:2d:
9f:6f:0c:07:c8:d5:91:65:02:2d:59:72:8f:02:68:82:9f:3e:
81:eb:ca:00:88:57:ae:52:4a:84:f5:56:88:b3:d9:e9:bc:03:
3f:fa:35:53:c8:66:81:85:80:02:90:cd:05:91:c2:a0:57:1d:
fe:71:f2:33:71:c7:f8:b7:ce:2a:8a:85:bb:4e:7b:fb:0e:95:
63:f3:1d:e7:06:56:47:61:87:da:52:8b:e4:e4:8f:83:14:7e:
b7:25:55:30
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYPBGUOLt1LZxRvmVt1j3buOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYjRjNzlhMjJhM2ZlOTg3ZWYzMTkwOGNkNDRmZjgxZTli
MWFjZjQwHhcNMjIxMDEwMDg1MzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzAxMGIxZmI4NmM4YWViZWMzMzBiMTA1ZWZhZThiZTJmNzNjNWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bQ2yaOQpV+b14AnSC2OKkpJ0NIw
15OdW4QaPRlNmtlQndPDtfeyQwZyGkhtjm9CO0soqnuxcUsNcy1VZtda1c7edKZh
RpwID6UQr8PeUMj4DRoxQD9pNX1/q07rKXoA+78s2nXmmg3yuvzRIebJf2qsQNQz
O9E7BdAJzHXUlUhJntxktYTOPJtwwJWRKnVWxTyLPiSUvtc0MbVx11tbWD+tjdUH
wZjc1aqQFGRnCUOy3ewjaf08FuJQtkngmVBgW9fCYoWuWIta2yW2EuaF6+eUQfcf
wpoWsRhvsBIE8cUGnbOr834Nxz9yzaioASo2DN+JAHc/HQkVuIociCdIIQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJMBCx+4bIrr7DMLEF766L4vc8W/MB8GA1UdIwQY
MBaAFEK0x5oio/6YfvMZCM1E/4Hpsaz0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXJUSG1pS2pfcGgtOHhrSXpVVF9nZW14clBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC80YjkxMWMtM2Q0ZC00MmQ1LTkyMzQt
ZjI4ODEzN2NiNTAwLzEva3dFTEg3aHNpdXZzTXdzUVh2cm92aTl6eGI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC80YjkxMWMtM2Q0ZC00MmQ1LTkyMzQtZjI4ODEzN2NiNTAw
LzEvUXJUSG1pS2pfcGgtOHhrSXpVVF9nZW14clBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW8L2AwQA
W9TZAwQEXuTAAwQCuWwUMA0EAgACMAcDBQMqBkGAMA0GCSqGSIb3DQEBCwUAA4IB
AQAZcpnT3KciojypjTDvg9sFXlGu70/vGydjHsNo1aZR1ez94w00NGcfMVYk6/r/
ersq+opO95Q/BKPiOJRJaE3GEFTl++OCcPTyRcSDDSgRw6+OrYa0I4gM/hoYppjP
5a3VaRO3YvWtRSH5f5M7CdtJgdzpMwJu2SQ2ESZvCblvvAyBAHz+dvUmP8evSZVG
ZeZNPoaqAXWQ3GMxTQkxK4ON5C2fbwwHyNWRZQItWXKPAmiCnz6B68oAiFeuUkqE
9VaIs9npvAM/+jVTyGaBhYACkM0FkcKgVx3+cfIzccf4t84qioW7Tnv7DpVj8x3n
BlZHYYfaUovk5I+DFH63JVUw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:57 2025 by rpki-client