Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/KlWkgse3Q3kL3TeDEPyUOOla0vc.roa
File: KlWkgse3Q3kL3TeDEPyUOOla0vc.roa (raw, json)
Hash identifier: PNY0EC4ajtpF9gx1mXfM9Gvxph1C11kfyg2R41W53k0=
Subject key identifier: 2A:55:A4:82:C7:B7:43:79:0B:DD:37:83:10:FC:94:38:E9:5A:D2:F7
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018A026892F1A86F397AAA7CA226B7D69229
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/KlWkgse3Q3kL3TeDEPyUOOla0vc.roa
Signing time: Thu 17 Aug 2023 07:32:02 +0000
ROA not before: Thu 17 Aug 2023 07:32:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41175
IP address blocks: 185.114.104.0/22 maxlen: 24
81.201.208.0/20 maxlen: 24
2a00:e900::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:68:92:f1:a8:6f:39:7a:aa:7c:a2:26:b7:d6:92:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 17 07:32:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a55a482c7b743790bdd378310fc9438e95ad2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d7:b2:08:20:ff:53:80:cb:4f:eb:55:b6:3d:
d0:74:3c:c6:e0:1b:9d:a1:1f:8d:66:6c:5a:2f:d5:
b5:ff:cc:05:bc:24:1f:a5:01:34:29:d2:d8:14:1e:
6d:27:68:b6:09:10:1c:d9:38:ba:30:62:92:51:9e:
e1:1b:89:07:9d:4f:ee:6c:57:88:4c:97:03:a0:95:
b6:b9:0b:4a:c5:84:6f:aa:df:30:7a:f8:52:2a:e4:
d7:3a:75:14:13:52:b9:4a:eb:28:34:45:3b:32:34:
23:96:6d:fb:df:af:8a:7b:ed:84:1b:57:38:82:73:
35:85:93:e1:55:a8:c8:4f:be:13:78:67:6c:72:eb:
79:21:9a:64:0a:bf:c5:88:77:2c:01:ea:5e:fb:95:
89:e3:b6:ad:87:ce:8b:cf:bc:79:e9:32:d1:bc:c6:
bf:1a:a4:67:4a:0d:2e:bf:23:3f:b4:bc:66:21:79:
ff:0a:79:00:87:8c:4a:0c:8f:ef:7f:0a:13:65:ed:
56:5b:b8:f2:f4:eb:13:a7:ba:f8:cf:dc:e4:2f:6c:
b8:6f:38:c7:94:e8:a1:b7:46:c6:3e:3b:52:3c:a6:
93:04:eb:ed:88:5f:20:db:18:8a:b6:70:39:bc:2b:
aa:ce:b5:2e:3d:fc:5a:7e:4c:03:07:a7:df:e8:4d:
45:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:55:A4:82:C7:B7:43:79:0B:DD:37:83:10:FC:94:38:E9:5A:D2:F7
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/KlWkgse3Q3kL3TeDEPyUOOla0vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.201.208.0/20
185.114.104.0/22
IPv6:
2a00:e900::/29
Signature Algorithm: sha256WithRSAEncryption
50:a7:a3:c0:08:13:2e:8a:45:85:ea:2f:90:ab:42:c0:98:a3:
92:14:d6:96:80:da:54:ad:2a:54:b4:4e:64:21:f2:a7:8f:e3:
ca:25:19:26:37:a1:1c:88:7c:5d:9f:0a:eb:61:15:62:ce:ca:
0b:8f:36:45:24:0f:81:a5:dc:73:81:b0:ab:3f:61:94:61:ec:
dd:4f:41:d6:b2:aa:60:b5:95:56:b9:10:86:ae:86:56:08:c0:
d2:71:57:9a:d1:26:98:aa:54:20:a4:d8:a7:6e:b6:ed:3a:bc:
9d:71:64:44:c2:1d:a4:e8:c7:25:17:31:90:07:e0:7d:0b:49:
20:00:5f:0f:37:31:56:7d:43:65:4c:27:36:29:9f:c7:93:8f:
63:bf:8f:63:95:d5:80:0e:78:40:1d:c2:89:f0:65:9e:40:28:
9f:62:cf:6b:76:96:22:9a:37:86:e1:cd:d1:d6:0e:f5:77:a2:
ad:b7:35:3e:f5:75:cd:13:0a:15:d3:da:43:4f:5f:23:37:e5:
58:a1:6e:a2:99:bd:f7:ee:e4:5e:d4:b8:03:16:5d:44:77:ff:
8d:25:24:9b:e0:2b:4e:8f:a0:e5:f8:2b:7a:a2:f0:9f:ce:2c:
ee:d1:e4:4c:63:5c:d1:ba:68:d9:d2:0a:06:2d:20:5b:b8:cd:
85:51:3b:dd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYoCaJLxqG85eqp8oia31pIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODE3MDczMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTU1YTQ4MmM3Yjc0Mzc5MGJkZDM3ODMxMGZjOTQzOGU5NWFkMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNeyCCD/U4DLT+tVtj3QdDzG4Bud
oR+NZmxaL9W1/8wFvCQfpQE0KdLYFB5tJ2i2CRAc2Ti6MGKSUZ7hG4kHnU/ubFeI
TJcDoJW2uQtKxYRvqt8wevhSKuTXOnUUE1K5SusoNEU7MjQjlm3736+Ke+2EG1c4
gnM1hZPhVajIT74TeGdscut5IZpkCr/FiHcsAepe+5WJ47ath86Lz7x56TLRvMa/
GqRnSg0uvyM/tLxmIXn/CnkAh4xKDI/vfwoTZe1WW7jy9OsTp7r4z9zkL2y4bzjH
lOiht0bGPjtSPKaTBOvtiF8g2xiKtnA5vCuqzrUuPfxafkwDB6ff6E1FiQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCpVpILHt0N5C903gxD8lDjpWtL3MB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvS2xXa2dzZTNRM2tMM1RlREVQeVVPT2xhMHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUcnQAwQC
uXJoMA0EAgACMAcDBQMqAOkAMA0GCSqGSIb3DQEBCwUAA4IBAQBQp6PACBMuikWF
6i+Qq0LAmKOSFNaWgNpUrSpUtE5kIfKnj+PKJRkmN6EciHxdnwrrYRVizsoLjzZF
JA+BpdxzgbCrP2GUYezdT0HWsqpgtZVWuRCGroZWCMDScVea0SaYqlQgpNinbrbt
OrydcWREwh2k6MclFzGQB+B9C0kgAF8PNzFWfUNlTCc2KZ/Hk49jv49jldWADnhA
HcKJ8GWeQCifYs9rdpYimjeG4c3R1g71d6KttzU+9XXNEwoV09pDT18jN+VYoW6i
mb337uRe1LgDFl1Ed/+NJSSb4CtOj6Dl+Ct6ovCfzizu0eRMY1zRumjZ0goGLSBb
uM2FUTvd
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:30:43 2025 by rpki-client