Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/KV4uWbm1U1BpLbd-342XRCoHs88.roa
File: KV4uWbm1U1BpLbd-342XRCoHs88.roa (raw, json)
Hash identifier: 5haU/Ke2yyFYULgQQ9ul+yyY9+BiKqkHjgAS0+7hYwE=
Subject key identifier: 29:5E:2E:59:B9:B5:53:50:69:2D:B7:7E:DF:8D:97:44:2A:07:B3:CF
Certificate issuer: /CN=9907c7b89656dd339cb98fb7c2b0371c5926a641
Certificate serial: 0DF03E3B
Authority key identifier: 99:07:C7:B8:96:56:DD:33:9C:B9:8F:B7:C2:B0:37:1C:59:26:A6:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mQfHuJZW3TOcuY-3wrA3HFkmpkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/KV4uWbm1U1BpLbd-342XRCoHs88.roa
Signing time: Sat 01 Jan 2022 10:57:11 +0000
ROA not before: Sat 01 Jan 2022 10:57:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29092
IP address blocks: 195.47.241.0/24 maxlen: 24
193.164.151.0/24 maxlen: 24
195.66.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 233848379 (0xdf03e3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9907c7b89656dd339cb98fb7c2b0371c5926a641
Validity
Not Before: Jan 1 10:57:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=295e2e59b9b55350692db77edf8d97442a07b3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:57:77:44:46:4c:a1:0b:08:78:50:3f:e3:87:
4b:b2:b8:2d:f8:6f:21:b7:52:c8:ef:9a:30:d6:a1:
66:0a:83:c5:55:c8:5a:a4:f1:73:dc:33:6f:a9:0c:
41:44:ff:50:05:59:21:13:19:bd:bf:e5:d9:d8:d7:
db:74:10:69:e4:c6:b8:93:c4:e5:37:71:81:c7:44:
ad:1d:9a:b7:94:03:41:73:6c:bb:8d:6a:1c:46:e1:
b8:c1:18:13:b5:e5:75:ae:6f:a9:2f:ac:43:22:eb:
a4:a9:0d:1c:e1:dd:24:1d:92:11:36:54:84:65:79:
18:63:87:d2:12:7a:40:b8:77:af:ac:5d:fd:b9:d2:
59:68:23:4f:4d:61:fe:24:ba:fc:a1:3f:40:1c:5b:
7d:7b:a6:2b:59:67:ad:c3:f3:15:95:be:17:c0:1c:
68:cb:d1:c1:e8:66:80:51:f1:a6:b9:77:6b:6a:89:
fb:c1:e3:39:c6:fa:b7:09:d5:c2:0e:b8:3c:7e:33:
31:39:78:c0:16:b8:12:76:00:0f:f4:db:81:8a:83:
a2:8a:6e:55:b2:74:34:31:3a:8e:13:a1:fa:f6:e5:
58:d1:d0:b1:8a:18:91:18:a5:ad:9e:30:c2:9d:f1:
c4:cf:75:5f:a0:6d:57:d3:bd:42:97:bd:3a:2b:30:
83:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5E:2E:59:B9:B5:53:50:69:2D:B7:7E:DF:8D:97:44:2A:07:B3:CF
X509v3 Authority Key Identifier:
keyid:99:07:C7:B8:96:56:DD:33:9C:B9:8F:B7:C2:B0:37:1C:59:26:A6:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mQfHuJZW3TOcuY-3wrA3HFkmpkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/KV4uWbm1U1BpLbd-342XRCoHs88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/mQfHuJZW3TOcuY-3wrA3HFkmpkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.164.151.0/24
195.47.241.0/24
195.66.119.0/24
Signature Algorithm: sha256WithRSAEncryption
72:a1:ec:15:96:96:81:a3:a8:61:31:c3:06:8c:fc:77:56:a2:
8e:8e:a9:6e:4f:dd:dd:b1:03:8d:35:05:73:85:86:da:b8:aa:
7f:7e:d1:c1:3d:d0:36:0c:f4:3f:53:14:51:f5:30:47:f7:1c:
59:7c:a5:2a:84:22:e9:a6:50:01:6b:ea:3e:a8:22:20:a1:01:
23:15:26:12:d9:53:2c:61:2a:7b:b0:2f:50:23:68:5a:b2:e0:
01:ae:f8:0d:e9:1e:c5:7c:40:45:f0:07:1e:2e:61:34:ee:1e:
27:4c:8b:bb:d9:a2:6d:84:ef:49:86:7e:47:76:a0:5f:23:76:
f8:75:bd:1d:d1:aa:85:95:5a:ef:91:a0:bb:7c:5d:75:6c:00:
c2:b5:dc:de:42:96:4e:91:18:ab:8a:e8:0c:18:d4:57:93:a8:
42:fd:8c:a2:a4:3a:9d:9b:5d:5b:bf:d9:13:b0:40:c2:3a:d1:
47:96:e3:1b:d5:37:69:25:18:43:bb:fa:bb:bc:b9:35:57:99:
42:60:1a:10:c8:77:b2:d4:79:e7:e9:8d:10:86:3f:04:a6:bb:
49:b2:60:23:47:d7:d1:b5:1e:eb:c7:1c:a5:ed:1d:5d:5b:08:
8c:cc:fa:f9:df:83:19:9a:21:39:46:37:ef:b1:5e:7c:8e:e6:
90:94:38:54
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDfA+OzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTA3YzdiODk2NTZkZDMzOWNiOThmYjdjMmIwMzcxYzU5MjZhNjQxMB4XDTIyMDEw
MTEwNTcxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk1ZTJlNTliOWI1
NTM1MDY5MmRiNzdlZGY4ZDk3NDQyYTA3YjNjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZXd0RGTKELCHhQP+OHS7K4LfhvIbdSyO+aMNahZgqDxVXI
WqTxc9wzb6kMQUT/UAVZIRMZvb/l2djX23QQaeTGuJPE5TdxgcdErR2at5QDQXNs
u41qHEbhuMEYE7Xlda5vqS+sQyLrpKkNHOHdJB2SETZUhGV5GGOH0hJ6QLh3r6xd
/bnSWWgjT01h/iS6/KE/QBxbfXumK1lnrcPzFZW+F8AcaMvRwehmgFHxprl3a2qJ
+8HjOcb6twnVwg64PH4zMTl4wBa4EnYAD/TbgYqDoopuVbJ0NDE6jhOh+vblWNHQ
sYoYkRilrZ4wwp3xxM91X6BtV9O9Qpe9Oiswg9sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQpXi5ZubVTUGktt37fjZdEKgezzzAfBgNVHSMEGDAWgBSZB8e4llbdM5y5
j7fCsDccWSamQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21RZkh1SlpXM1RPY3VZLTN3ckEzSEZrbXBrRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvN2RkMjg5LTZjYjUtNDM3MS04NDZjLTkzZGVjNzM1ZjcxNy8x
L0tWNHVXYm0xVTFCcExiZC0zNDJYUkNvSHM4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
N2RkMjg5LTZjYjUtNDM3MS04NDZjLTkzZGVjNzM1ZjcxNy8xL21RZkh1SlpXM1RP
Y3VZLTN3ckEzSEZrbXBrRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMGklwMEAMMv8QMEAMNCdzANBgkq
hkiG9w0BAQsFAAOCAQEAcqHsFZaWgaOoYTHDBoz8d1aijo6pbk/d3bEDjTUFc4WG
2riqf37RwT3QNgz0P1MUUfUwR/ccWXylKoQi6aZQAWvqPqgiIKEBIxUmEtlTLGEq
e7AvUCNoWrLgAa74DekexXxARfAHHi5hNO4eJ0yLu9mibYTvSYZ+R3agXyN2+HW9
HdGqhZVa75Ggu3xddWwAwrXc3kKWTpEYq4roDBjUV5OoQv2MoqQ6nZtdW7/ZE7BA
wjrRR5bjG9U3aSUYQ7v6u7y5NVeZQmAaEMh3stR55+mNEIY/BKa7SbJgI0fX0bUe
68ccpe0dXVsIjMz6+d+DGZohOUY377FefI7mkJQ4VA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 05:14:38 2025 by rpki-client