Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/Ks027x8jn_daeiMlWHrGeHTtrCY.roa
File: Ks027x8jn_daeiMlWHrGeHTtrCY.roa (raw, json)
Hash identifier: XIGvDwjZWG77Z3DWz3MlJ+x9b3t72jX2XWyb/ODiMlo=
Subject key identifier: 2A:CD:36:EF:1F:23:9F:F7:5A:7A:23:25:58:7A:C6:78:74:ED:AC:26
Certificate issuer: /CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Certificate serial: 01865BD95DC297C1852A245CFD54AA86FFB5
Authority key identifier: D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/Ks027x8jn_daeiMlWHrGeHTtrCY.roa
Signing time: Thu 16 Feb 2023 20:10:17 +0000
ROA not before: Thu 16 Feb 2023 20:10:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208715
IP address blocks: 37.140.252.0/24 maxlen: 25
194.61.128.0/24 maxlen: 24
194.61.128.0/22 maxlen: 24
194.61.129.0/24 maxlen: 24
185.200.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5b:d9:5d:c2:97:c1:85:2a:24:5c:fd:54:aa:86:ff:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d73492e4d25c3bbd0c5e20c5a85ecb22ec97360a
Validity
Not Before: Feb 16 20:10:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2acd36ef1f239ff75a7a2325587ac67874edac26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:36:1c:5f:99:bc:45:78:f5:ec:bd:cf:20:92:
e6:60:45:d0:ec:0c:5a:93:16:84:d3:91:fa:99:78:
e0:71:dc:ee:ae:b6:4e:af:4b:67:19:d7:9e:87:50:
4c:85:b6:eb:9f:1d:38:e2:bd:00:00:f6:3b:2c:91:
8a:72:66:ca:cb:39:2c:bc:17:2c:3b:aa:43:78:84:
c0:94:95:09:6f:05:7d:69:c9:01:b2:bc:f8:cb:8d:
d5:ff:fa:86:26:89:28:a1:63:a8:a3:25:9f:c6:29:
e8:74:35:6b:2d:3a:0b:87:0a:49:22:a7:cf:0d:b3:
82:fb:f1:d6:f6:29:18:79:aa:11:2b:eb:6e:1c:94:
de:24:ce:35:32:8e:a6:59:a5:81:89:e2:bf:43:78:
f5:26:24:99:b9:42:2e:b5:5a:f1:e8:fe:a6:e9:2b:
8e:fc:75:7b:e1:ee:79:17:f0:09:71:bb:d4:24:84:
1c:f1:cf:a1:17:49:65:d4:69:77:16:2a:2f:03:dc:
bd:c6:96:1d:c9:ae:33:b0:29:d1:92:42:90:f5:da:
9d:c8:ee:6d:cb:da:f6:e9:06:79:5d:ff:27:09:1c:
e2:e3:e9:08:4d:55:41:b1:64:ef:ec:50:f9:b9:93:
5b:fa:a4:5c:ad:ee:83:04:41:ef:05:db:d8:13:59:
57:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CD:36:EF:1F:23:9F:F7:5A:7A:23:25:58:7A:C6:78:74:ED:AC:26
X509v3 Authority Key Identifier:
keyid:D7:34:92:E4:D2:5C:3B:BD:0C:5E:20:C5:A8:5E:CB:22:EC:97:36:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zSS5NJcO70MXiDFqF7LIuyXNgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/Ks027x8jn_daeiMlWHrGeHTtrCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/09aa61-87d7-4f53-9818-dec21eefa38b/1/1zSS5NJcO70MXiDFqF7LIuyXNgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.252.0/24
185.200.132.0/22
194.61.128.0/22
Signature Algorithm: sha256WithRSAEncryption
00:c6:28:31:82:17:59:56:d0:fd:2a:1f:57:39:d2:6a:b0:0b:
9f:76:3a:5d:65:8f:27:62:8b:55:32:d5:ed:12:ef:0c:d1:75:
44:8b:86:61:96:cf:7b:0b:cf:8d:92:4a:91:0c:ba:2a:00:14:
2c:b6:aa:8a:d0:d7:c5:08:b1:46:09:4a:e6:be:1c:a6:1c:53:
94:44:8b:18:9d:d0:85:c4:02:66:30:be:52:c7:05:e0:7a:01:
f4:1f:a1:eb:a2:18:60:26:9b:ec:cc:a7:e8:3c:82:71:05:59:
5f:33:fc:e3:72:fc:2e:7a:4c:f5:c7:c5:97:ca:c6:63:3c:79:
2d:ad:3b:cd:a2:91:e3:a6:81:b5:9b:2e:2a:3a:6c:8e:17:60:
0c:04:e5:f4:50:0a:fe:98:06:6c:e7:73:d6:e5:60:a9:3b:92:
d8:b2:09:90:7d:8a:93:af:82:1f:fa:66:50:35:48:79:5b:b6:
25:ae:04:9a:13:ce:ce:27:72:2c:fc:91:3c:d6:4d:f0:44:de:
b0:74:d1:d4:65:e6:3f:21:3f:68:77:dc:ef:ad:1d:37:50:bc:
d8:21:bc:d6:05:b9:e8:49:27:23:16:a4:88:98:ac:68:d1:80:
a2:16:af:93:92:22:d9:04:6b:54:b4:09:ca:2f:03:52:11:ef:
5a:8e:32:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZb2V3Cl8GFKiRc/VSqhv+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MzQ5MmU0ZDI1YzNiYmQwYzVlMjBjNWE4NWVjYjIyZWM5
NzM2MGEwHhcNMjMwMjE2MjAxMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWNkMzZlZjFmMjM5ZmY3NWE3YTIzMjU1ODdhYzY3ODc0ZWRhYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzYcX5m8RXj17L3PIJLmYEXQ7Axa
kxaE05H6mXjgcdzurrZOr0tnGdeeh1BMhbbrnx044r0AAPY7LJGKcmbKyzksvBcs
O6pDeITAlJUJbwV9ackBsrz4y43V//qGJokooWOooyWfxinodDVrLToLhwpJIqfP
DbOC+/HW9ikYeaoRK+tuHJTeJM41Mo6mWaWBieK/Q3j1JiSZuUIutVrx6P6m6SuO
/HV74e55F/AJcbvUJIQc8c+hF0ll1Gl3FiovA9y9xpYdya4zsCnRkkKQ9dqdyO5t
y9r26QZ5Xf8nCRzi4+kITVVBsWTv7FD5uZNb+qRcre6DBEHvBdvYE1lXxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCrNNu8fI5/3WnojJVh6xnh07awmMB8GA1UdIwQY
MBaAFNc0kuTSXDu9DF4gxaheyyLslzYKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXpTUzVOSmNPNzBNWGlERnFGN0xJdXlYTmdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wOWFhNjEtODdkNy00ZjUzLTk4MTgt
ZGVjMjFlZWZhMzhiLzEvS3MwMjd4OGpuX2RhZWlNbFdIckdlSFR0ckNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wOWFhNjEtODdkNy00ZjUzLTk4MTgtZGVjMjFlZWZhMzhi
LzEvMXpTUzVOSmNPNzBNWGlERnFGN0xJdXlYTmdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJYz8AwQC
uciEAwQCwj2AMA0GCSqGSIb3DQEBCwUAA4IBAQAAxigxghdZVtD9Kh9XOdJqsAuf
djpdZY8nYotVMtXtEu8M0XVEi4Zhls97C8+NkkqRDLoqABQstqqK0NfFCLFGCUrm
vhymHFOURIsYndCFxAJmML5SxwXgegH0H6HrohhgJpvszKfoPIJxBVlfM/zjcvwu
ekz1x8WXysZjPHktrTvNopHjpoG1my4qOmyOF2AMBOX0UAr+mAZs53PW5WCpO5LY
sgmQfYqTr4If+mZQNUh5W7YlrgSaE87OJ3Is/JE81k3wRN6wdNHUZeY/IT9od9zv
rR03ULzYIbzWBbnoSScjFqSImKxo0YCiFq+TkiLZBGtUtAnKLwNSEe9ajjLy
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:02:18 2025 by rpki-client