Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/K4Gt3kglu_xZ7wKEGQFczeLfaek.roa
File: K4Gt3kglu_xZ7wKEGQFczeLfaek.roa (raw, json)
Hash identifier: 8vRZSCyn928pEIcCrHMjB2s+paySY/gviE23bnU8qv8=
Subject key identifier: 2B:81:AD:DE:48:25:BB:FC:59:EF:02:84:19:01:5C:CD:E2:DF:69:E9
Certificate issuer: /CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Certificate serial: 2D982880
Authority key identifier: 9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/K4Gt3kglu_xZ7wKEGQFczeLfaek.roa
Signing time: Sat 01 Jan 2022 04:59:19 +0000
ROA not before: Sat 01 Jan 2022 04:59:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8735
IP address blocks: 193.188.250.0/24 maxlen: 24
194.8.96.0/19 maxlen: 25
194.145.64.0/19 maxlen: 25
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 764946560 (0x2d982880)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Validity
Not Before: Jan 1 04:59:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b81adde4825bbfc59ef028419015ccde2df69e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ff:de:59:43:a6:4d:c4:cb:61:20:1b:97:ae:
3d:88:e8:a7:c3:85:40:e8:80:50:f9:d3:06:ef:e9:
38:92:16:ed:98:b5:1c:44:82:5b:41:ab:c9:d9:e6:
c1:a4:fc:80:3f:68:fd:63:43:c8:2f:0d:b4:e9:79:
bc:b8:03:a1:19:31:b7:72:3e:65:96:56:e6:f6:19:
60:97:99:52:c2:76:06:84:62:bd:8e:f3:8a:2f:b9:
84:52:e8:b1:b8:de:f5:58:d9:85:67:b9:74:8b:40:
b2:2b:10:84:f1:57:ec:09:38:08:73:ca:2a:ad:13:
9f:f3:0b:2c:41:48:43:7b:a7:69:2b:76:ba:81:bd:
23:2e:fb:39:c9:d8:9e:51:b1:7d:98:a4:dc:e4:a5:
5d:e3:0b:f1:1d:0d:95:78:78:a8:22:69:36:56:e9:
d9:77:6c:55:18:9a:3d:bd:e9:cd:3b:66:03:cf:b1:
f7:51:38:57:8b:b9:cd:46:ec:56:a4:74:80:fd:8a:
8b:7f:f3:41:2b:b3:32:8b:4e:41:7d:ad:6f:25:5c:
4f:0f:4b:4a:3a:88:2f:20:84:ab:0d:8a:e0:81:a0:
6e:29:3a:c0:95:c2:ad:93:4a:df:56:c1:83:8d:2e:
54:1e:71:f5:67:8a:80:fe:fd:3f:67:bd:7b:28:00:
dc:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:81:AD:DE:48:25:BB:FC:59:EF:02:84:19:01:5C:CD:E2:DF:69:E9
X509v3 Authority Key Identifier:
keyid:9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/K4Gt3kglu_xZ7wKEGQFczeLfaek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.188.250.0/24
194.8.96.0/19
194.145.64.0/19
Signature Algorithm: sha256WithRSAEncryption
50:a2:90:4d:db:0c:a6:e1:e9:12:ed:0a:44:6d:87:90:82:15:
c6:2b:3a:2f:5e:4f:9f:81:8e:5a:67:98:40:3b:4e:06:b6:d0:
98:4b:2f:c4:bb:6d:e2:40:15:9d:1a:cf:d1:20:13:02:ad:35:
be:18:33:4e:c1:cc:9b:01:b3:74:80:6e:15:e2:3b:e8:01:45:
c1:29:08:5c:39:b0:01:65:b7:0a:bf:8e:17:5e:b2:16:51:8a:
51:0f:d6:74:71:89:6f:94:a1:de:51:cf:0c:46:bf:8e:cf:f3:
42:8a:3c:99:03:fe:10:d5:ff:1c:01:98:dc:76:6c:f7:af:a8:
d8:fa:f5:7d:28:ae:5c:13:b7:0d:db:86:b6:69:d4:a2:37:7d:
ba:c6:6b:c6:bb:14:9f:36:a3:7d:00:31:40:16:d8:34:38:cd:
a0:fa:c7:a2:8b:ea:90:c8:c8:51:e4:63:95:9c:38:43:48:42:
c8:79:63:51:8f:8b:ba:7f:bc:0e:23:dd:b7:b6:81:e1:ec:0c:
39:4c:f8:1d:bd:17:89:9b:85:8d:38:d9:68:6b:e7:01:f5:20:
04:54:31:40:e0:1c:07:d2:23:9e:35:ef:34:5c:35:b2:02:19:
8b:ff:68:0a:cb:64:09:a2:96:3f:71:4a:82:e5:56:00:6d:da:
c2:0c:ec:96
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIELZgogDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDVkZTQ5MGZmODc0ZTk2ODljZWNmNzI2Y2JiNGUyZjUxZjZjNzMxMB4XDTIyMDEw
MTA0NTkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmI4MWFkZGU0ODI1
YmJmYzU5ZWYwMjg0MTkwMTVjY2RlMmRmNjllOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALf/3llDpk3Ey2EgG5euPYjop8OFQOiAUPnTBu/pOJIW7Zi1
HESCW0GrydnmwaT8gD9o/WNDyC8NtOl5vLgDoRkxt3I+ZZZW5vYZYJeZUsJ2BoRi
vY7zii+5hFLosbje9VjZhWe5dItAsisQhPFX7Ak4CHPKKq0Tn/MLLEFIQ3unaSt2
uoG9Iy77OcnYnlGxfZik3OSlXeML8R0NlXh4qCJpNlbp2XdsVRiaPb3pzTtmA8+x
91E4V4u5zUbsVqR0gP2Ki3/zQSuzMotOQX2tbyVcTw9LSjqILyCEqw2K4IGgbik6
wJXCrZNK31bBg40uVB5x9WeKgP79P2e9eygA3NMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQrga3eSCW7/FnvAoQZAVzN4t9p6TAfBgNVHSMEGDAWgBSdXeSQ/4dOlonO
z3Jsu04vUfbHMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25WM2trUC1IVHBhSnpzOXliTHRPTDFIMnh6RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNzQ1YmRiLTEwNGItNDljNy05OWQ1LWNlYzMzYmExYmRmNS8x
L0s0R3Qza2dsdV94Wjd3S0VHUUZjemVMZmFlay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NzQ1YmRiLTEwNGItNDljNy05OWQ1LWNlYzMzYmExYmRmNS8xL25WM2trUC1IVHBh
SnpzOXliTHRPTDFIMnh6RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMG8+gMEBcIIYAMEBcKRQDANBgkq
hkiG9w0BAQsFAAOCAQEAUKKQTdsMpuHpEu0KRG2HkIIVxis6L15Pn4GOWmeYQDtO
BrbQmEsvxLtt4kAVnRrP0SATAq01vhgzTsHMmwGzdIBuFeI76AFFwSkIXDmwAWW3
Cr+OF16yFlGKUQ/WdHGJb5Sh3lHPDEa/js/zQoo8mQP+ENX/HAGY3HZs96+o2Pr1
fSiuXBO3DduGtmnUojd9usZrxrsUnzajfQAxQBbYNDjNoPrHoovqkMjIUeRjlZw4
Q0hCyHljUY+Lun+8DiPdt7aB4ewMOUz4Hb0XiZuFjTjZaGvnAfUgBFQxQOAcB9Ij
njXvNFw1sgIZi/9oCstkCaKWP3FKguVWAG3awgzslg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:26 2025 by rpki-client