Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/KPepsoVDhvSpmY9KhunFXvej4V4.roa
File: KPepsoVDhvSpmY9KhunFXvej4V4.roa (raw, json)
Hash identifier: VwLAg2B1ESsgEEHPELti3bjwd2g445eAkwb5IVvG+GA=
Subject key identifier: 28:F7:A9:B2:85:43:86:F4:A9:99:8F:4A:86:E9:C5:5E:F7:A3:E1:5E
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018A17DF23665166B17EC17B13CC39908179
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/KPepsoVDhvSpmY9KhunFXvej4V4.roa
Signing time: Mon 21 Aug 2023 11:33:34 +0000
ROA not before: Mon 21 Aug 2023 11:33:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57829
IP address blocks: 195.78.37.0/24 maxlen: 24
185.114.104.0/22 maxlen: 24
185.56.212.0/22 maxlen: 24
81.201.208.0/20 maxlen: 24
45.137.208.0/22 maxlen: 24
2a00:e900::/29 maxlen: 48
2a01:4400::/32 maxlen: 48
2a02:5120::/32 maxlen: 48
2a0b:fd82::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:df:23:66:51:66:b1:7e:c1:7b:13:cc:39:90:81:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 21 11:33:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28f7a9b2854386f4a9998f4a86e9c55ef7a3e15e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f3:39:47:20:10:67:55:8a:5f:16:30:11:b2:
b6:d1:4e:54:93:c3:28:0a:aa:22:ef:68:fe:45:b6:
bc:08:b4:7f:62:f3:6f:31:dc:ca:87:94:53:c9:95:
d4:71:b9:52:22:a7:85:6c:27:1d:fa:1a:7b:c1:a5:
e7:c9:98:01:8f:f1:d9:5a:60:2d:28:42:aa:82:69:
58:1c:b8:dc:6b:b1:e9:e9:5a:8f:6b:84:f3:7a:c0:
7a:89:80:61:8e:68:c5:c4:01:96:20:84:5f:c5:dd:
84:e9:02:3a:61:e4:d8:79:08:64:e5:8f:42:cd:c3:
73:2d:7f:b6:aa:5e:b6:90:8c:5f:b4:6f:f0:92:1f:
54:87:50:3d:21:3a:4d:46:fb:9b:89:01:f3:4f:95:
b3:d6:a7:87:1c:de:8e:c1:70:aa:1e:62:b5:38:30:
08:9d:9b:63:39:2f:7a:3c:71:d0:e5:f2:f1:61:9e:
27:73:9f:8c:f8:2b:b8:56:d8:d0:20:5a:41:84:d1:
84:2f:c0:b5:29:d1:c4:60:81:e6:39:4a:12:3f:ae:
94:11:a1:ed:55:16:ee:fc:57:b5:ea:c9:ce:19:f6:
76:65:95:79:76:87:8b:2c:c1:2b:15:3a:67:34:67:
86:8e:2b:81:1e:e3:42:91:23:ba:d5:8b:a0:29:3d:
3a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F7:A9:B2:85:43:86:F4:A9:99:8F:4A:86:E9:C5:5E:F7:A3:E1:5E
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/KPepsoVDhvSpmY9KhunFXvej4V4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.208.0/22
81.201.208.0/20
185.56.212.0/22
185.114.104.0/22
195.78.37.0/24
IPv6:
2a00:e900::/29
2a01:4400::/32
2a02:5120::/32
2a0b:fd82::/32
Signature Algorithm: sha256WithRSAEncryption
2c:56:cd:9b:07:63:c5:c7:02:d8:d9:45:67:e6:9f:da:4d:18:
26:b9:ff:15:0b:bf:a5:e6:dc:25:9e:9e:ac:40:4e:2f:69:48:
e4:d7:d2:0f:c1:7d:a2:25:ba:e5:b8:30:95:de:52:7a:07:b7:
3c:55:a4:11:3f:5f:a4:9d:a3:1b:ff:20:df:36:28:a4:74:e1:
aa:2b:c3:cf:fd:ba:be:69:1c:44:94:a3:8f:75:bf:07:3e:52:
bc:e9:d1:f1:9d:fb:54:24:f8:4b:91:91:a0:f8:52:51:c3:5a:
92:54:42:e8:bf:d6:bd:48:2a:2c:52:84:db:59:d9:a3:f0:91:
c1:9e:60:cb:3e:98:5f:1a:54:08:64:bb:2d:99:12:37:4a:bd:
3f:1f:13:81:30:52:bf:bb:0e:44:64:58:a7:75:1c:12:ea:1b:
c7:06:e3:a5:77:7a:4b:24:29:44:6d:3b:07:45:86:0f:e0:0c:
9a:a5:5e:2c:d6:8c:3f:94:5e:ec:69:69:56:f6:ed:69:34:94:
c2:36:b3:eb:c4:b0:a3:b9:81:30:03:2b:e7:8c:91:41:2c:d1:
f8:f9:f8:d8:2b:f0:b6:4b:37:d6:87:87:d6:35:a8:87:61:b4:
bb:9d:99:e7:bf:0a:b3:c9:36:27:ab:83:28:2e:68:91:dc:f2:
cc:9c:8f:8a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYoX3yNmUWaxfsF7E8w5kIF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODIxMTEzMzM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGY3YTliMjg1NDM4NmY0YTk5OThmNGE4NmU5YzU1ZWY3YTNlMTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofM5RyAQZ1WKXxYwEbK20U5Uk8Mo
Cqoi72j+Rba8CLR/YvNvMdzKh5RTyZXUcblSIqeFbCcd+hp7waXnyZgBj/HZWmAt
KEKqgmlYHLjca7Hp6VqPa4TzesB6iYBhjmjFxAGWIIRfxd2E6QI6YeTYeQhk5Y9C
zcNzLX+2ql62kIxftG/wkh9Uh1A9ITpNRvubiQHzT5Wz1qeHHN6OwXCqHmK1ODAI
nZtjOS96PHHQ5fLxYZ4nc5+M+Cu4VtjQIFpBhNGEL8C1KdHEYIHmOUoSP66UEaHt
VRbu/Fe16snOGfZ2ZZV5doeLLMErFTpnNGeGjiuBHuNCkSO61YugKT06zwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCj3qbKFQ4b0qZmPSobpxV73o+FeMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvS1BlcHNvVkRodlNwbVk5S2h1bkZYdmVqNFY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAkBAIAATAeAwQCLYnQAwQE
UcnQAwQCuTjUAwQCuXJoAwQAw04lMCIEAgACMBwDBQMqAOkAAwUAKgFEAAMFACoC
USADBQAqC/2CMA0GCSqGSIb3DQEBCwUAA4IBAQAsVs2bB2PFxwLY2UVn5p/aTRgm
uf8VC7+l5twlnp6sQE4vaUjk19IPwX2iJbrluDCV3lJ6B7c8VaQRP1+knaMb/yDf
NiikdOGqK8PP/bq+aRxElKOPdb8HPlK86dHxnftUJPhLkZGg+FJRw1qSVELov9a9
SCosUoTbWdmj8JHBnmDLPphfGlQIZLstmRI3Sr0/HxOBMFK/uw5EZFindRwS6hvH
BuOld3pLJClEbTsHRYYP4AyapV4s1ow/lF7saWlW9u1pNJTCNrPrxLCjuYEwAyvn
jJFBLNH4+fjYK/C2SzfWh4fWNaiHYbS7nZnnvwqzyTYnq4MoLmiR3PLMnI+K
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:51 2025 by rpki-client