Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/KC_EeWNN55MeV3GCrW5YxnvWLtc.roa
File: KC_EeWNN55MeV3GCrW5YxnvWLtc.roa (raw, json)
Hash identifier: LPaM2bKfXDB4FkCNbKgcRT00z/mHKROIlw1gkPAZlwc=
Subject key identifier: 28:2F:C4:79:63:4D:E7:93:1E:57:71:82:AD:6E:58:C6:7B:D6:2E:D7
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 08B08EA2
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/KC_EeWNN55MeV3GCrW5YxnvWLtc.roa
Signing time: Sat 01 Jan 2022 15:05:17 +0000
ROA not before: Sat 01 Jan 2022 15:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51255
IP address blocks: 45.9.194.0/24 maxlen: 27
2a0e:1101::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145788578 (0x8b08ea2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Jan 1 15:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=282fc479634de7931e577182ad6e58c67bd62ed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:cd:21:5c:5a:44:16:45:7a:87:27:cf:7c:ca:
69:0b:86:59:4a:a3:80:40:32:c2:4f:30:71:bd:12:
26:76:99:94:83:75:f0:ed:e8:df:0b:73:c2:63:73:
9d:8b:f6:ab:4d:4f:f3:a0:80:f1:37:9f:15:03:2f:
bf:d6:00:f5:fd:8e:7d:fc:87:42:99:85:1c:a9:6c:
cf:64:98:59:de:68:44:ae:e0:c0:db:88:6a:8d:ba:
e7:5b:7a:49:ea:e4:da:4f:ea:0f:52:86:b1:b8:88:
c6:7c:7d:55:5e:c0:bd:17:0e:79:5f:83:17:49:03:
6b:f1:9d:fe:ba:e6:fb:ca:96:1b:97:9f:16:b9:9d:
77:02:1c:fd:cd:87:cf:97:74:d4:68:2a:90:a9:be:
ff:ba:89:bc:7d:40:ae:4d:dc:99:cd:23:12:ab:0d:
90:01:1b:db:74:c0:59:3b:ce:7a:72:5b:d8:24:4c:
b1:b7:e9:3b:62:c4:51:b5:38:58:13:e0:4d:38:e5:
03:b8:e7:7d:3c:48:6f:9f:91:60:b0:65:e1:f1:f0:
21:46:12:ff:4e:2d:91:50:42:55:8a:59:99:7a:4e:
10:3a:22:a9:be:8b:05:54:27:30:c0:67:08:3e:70:
a2:01:cb:7a:1c:bf:31:fb:f6:8b:01:68:01:8c:fc:
5d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2F:C4:79:63:4D:E7:93:1E:57:71:82:AD:6E:58:C6:7B:D6:2E:D7
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/KC_EeWNN55MeV3GCrW5YxnvWLtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.194.0/24
IPv6:
2a0e:1101::/44
Signature Algorithm: sha256WithRSAEncryption
aa:e9:7c:3e:a0:a4:3e:93:cd:64:1b:b8:8a:f7:f5:7c:86:01:
86:52:35:83:d9:64:ca:68:db:16:e6:e6:f8:d4:8f:15:df:43:
3d:6d:bc:41:72:4f:e3:ca:9a:b9:80:86:bd:c9:1e:32:78:2e:
94:7b:53:d1:bf:58:a0:01:0c:70:5e:e3:1e:20:a0:71:55:1b:
a2:92:25:85:e2:b2:38:08:17:3f:c2:e7:4a:22:37:4d:9b:9e:
5f:93:b9:2b:02:0c:0f:8d:aa:07:51:72:d6:63:4c:ee:e9:b0:
64:7e:53:66:b2:09:62:93:46:c5:8f:37:2b:b3:ed:ac:88:40:
0f:a7:fe:15:b6:03:32:ac:41:c7:cf:b9:1f:7d:f3:87:15:9c:
31:40:e7:eb:fe:4a:59:48:68:b9:c5:d3:29:bb:dc:cf:69:14:
fa:15:a2:87:96:1f:60:30:02:0e:87:f6:fe:36:b5:31:9a:8d:
36:df:89:3e:13:16:70:e4:42:d8:db:b5:dd:15:a1:04:75:49:
0c:06:a4:0c:36:31:51:6e:e6:15:15:65:da:b3:63:e6:52:66:
24:09:43:80:26:b8:8b:e2:fc:39:0f:25:94:3b:61:8e:15:4f:
21:88:3a:22:8a:47:88:17:7f:2e:40:5d:29:a2:b5:e8:f9:80:
d0:10:93:3b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECLCOojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWNhNTA4NThhMTg1NmZmYTAyZTkxMzU2ZjE0MjM2ZTdjMzhiODVhMB4XDTIyMDEw
MTE1MDUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgyZmM0Nzk2MzRk
ZTc5MzFlNTc3MTgyYWQ2ZTU4YzY3YmQ2MmVkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO3NIVxaRBZFeocnz3zKaQuGWUqjgEAywk8wcb0SJnaZlIN1
8O3o3wtzwmNznYv2q01P86CA8TefFQMvv9YA9f2OffyHQpmFHKlsz2SYWd5oRK7g
wNuIao2651t6Serk2k/qD1KGsbiIxnx9VV7AvRcOeV+DF0kDa/Gd/rrm+8qWG5ef
FrmddwIc/c2Hz5d01GgqkKm+/7qJvH1Ark3cmc0jEqsNkAEb23TAWTvOenJb2CRM
sbfpO2LEUbU4WBPgTTjlA7jnfTxIb5+RYLBl4fHwIUYS/04tkVBCVYpZmXpOEDoi
qb6LBVQnMMBnCD5wogHLehy/Mfv2iwFoAYz8XbsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQoL8R5Y03nkx5XcYKtbljGe9Yu1zAfBgNVHSMEGDAWgBQ6ylCFihhW/6Au
kTVvFCNufDi4WjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09zcFFoWW9ZVnYtZ0xwRTFieFFqYm53NHVGby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMTJiOTM3LTg5MGQtNDdiNS1hMDQxLTMzMWQ3ZmM3N2JkNC8x
L0tDX0VlV05ONTVNZVYzR0NyVzVZeG52V0x0Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MTJiOTM3LTg5MGQtNDdiNS1hMDQxLTMzMWQ3ZmM3N2JkNC8xL09zcFFoWW9ZVnYt
Z0xwRTFieFFqYm53NHVGby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAC0JwjAPBAIAAjAJAwcEKg4RAQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCq6Xw+oKQ+k81kG7iK9/V8hgGGUjWD2WTKaNsW
5ub41I8V30M9bbxBck/jypq5gIa9yR4yeC6Ue1PRv1igAQxwXuMeIKBxVRuikiWF
4rI4CBc/wudKIjdNm55fk7krAgwPjaoHUXLWY0zu6bBkflNmsglik0bFjzcrs+2s
iEAPp/4VtgMyrEHHz7kfffOHFZwxQOfr/kpZSGi5xdMpu9zPaRT6FaKHlh9gMAIO
h/b+NrUxmo0234k+ExZw5ELY27XdFaEEdUkMBqQMNjFRbuYVFWXas2PmUmYkCUOA
JriL4vw5DyWUO2GOFU8hiDoiikeIF38uQF0porXo+YDQEJM7
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:00:47 2025 by rpki-client