Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/kebwHLBeSeGU_1zBPtR37ZpIvag.roa
File: kebwHLBeSeGU_1zBPtR37ZpIvag.roa (raw, json)
Hash identifier: d6d9v2Qv19VwbzXG46ETIDzJ2Z6RNCLAAG94Z6bWUmM=
Subject key identifier: 91:E6:F0:1C:B0:5E:49:E1:94:FF:5C:C1:3E:D4:77:ED:9A:48:BD:A8
Certificate issuer: /CN=758e823cf274d3810ce05c1d1bf5eef95cb211dc
Certificate serial: 075C3DA6
Authority key identifier: 75:8E:82:3C:F2:74:D3:81:0C:E0:5C:1D:1B:F5:EE:F9:5C:B2:11:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dY6CPPJ004EM4FwdG_Xu-VyyEdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/kebwHLBeSeGU_1zBPtR37ZpIvag.roa
Signing time: Sat 01 Jan 2022 08:05:59 +0000
ROA not before: Sat 01 Jan 2022 08:05:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39384
IP address blocks: 185.118.112.0/22 maxlen: 24
45.154.64.0/22 maxlen: 24
185.240.248.0/22 maxlen: 24
2a0d:3b80::/29 maxlen: 32
2a03:6420::/32 maxlen: 32
2a0f:c700::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123485606 (0x75c3da6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=758e823cf274d3810ce05c1d1bf5eef95cb211dc
Validity
Not Before: Jan 1 08:05:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91e6f01cb05e49e194ff5cc13ed477ed9a48bda8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e6:4a:df:78:63:b6:9c:7a:95:4e:e3:72:b8:
c9:a4:64:cc:6a:08:38:3f:7f:83:89:6f:0d:bc:2d:
b3:39:7b:23:a2:b7:6d:69:8e:f0:0d:9d:7c:ff:97:
ab:da:e4:ca:b6:7d:4d:69:a2:36:86:95:f3:01:d9:
e4:94:84:da:5e:7a:49:86:57:88:eb:16:ae:de:fa:
a0:ee:6e:c9:3f:38:23:8d:f4:9f:40:db:cf:7e:f4:
07:33:77:07:7e:5a:3f:fa:97:65:b7:5b:32:f0:cc:
0f:86:07:64:fd:1c:d3:57:a5:a4:7d:6b:ef:56:55:
6b:90:c6:82:74:a9:21:75:e9:cb:57:ff:2a:db:d8:
fe:82:96:73:22:33:11:08:6b:dc:54:99:78:69:06:
8c:9b:aa:c5:eb:ac:32:fb:2c:e6:32:55:9b:6f:2a:
ad:b7:2e:1e:ca:a1:46:59:30:f2:96:6e:8c:a3:1e:
fd:6e:0e:6b:9f:4c:48:79:88:71:74:20:b8:bc:a4:
1c:cc:e7:90:e4:4c:35:91:f8:80:35:16:da:f2:41:
03:c6:50:d7:e1:23:d3:76:ff:0e:95:7c:22:8e:0d:
64:eb:1b:ef:8b:19:ea:a0:a5:5d:25:90:51:e2:cb:
a1:ea:40:36:6f:59:43:20:3d:c5:12:6e:2a:2a:43:
b2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E6:F0:1C:B0:5E:49:E1:94:FF:5C:C1:3E:D4:77:ED:9A:48:BD:A8
X509v3 Authority Key Identifier:
keyid:75:8E:82:3C:F2:74:D3:81:0C:E0:5C:1D:1B:F5:EE:F9:5C:B2:11:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dY6CPPJ004EM4FwdG_Xu-VyyEdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/kebwHLBeSeGU_1zBPtR37ZpIvag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/dY6CPPJ004EM4FwdG_Xu-VyyEdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.64.0/22
185.118.112.0/22
185.240.248.0/22
IPv6:
2a03:6420::/32
2a0d:3b80::/29
2a0f:c700::/29
Signature Algorithm: sha256WithRSAEncryption
de:d9:d3:da:74:c4:b2:96:d8:a3:f8:b0:3a:db:2f:ce:03:62:
05:53:2f:55:34:6e:48:f8:df:75:7d:58:14:14:de:42:ea:dd:
bf:09:d7:56:a2:f6:94:e5:eb:9d:27:53:fc:00:9d:8d:10:29:
f1:3f:6a:16:41:92:2a:79:95:73:2f:34:8a:39:c6:8d:0e:e9:
a6:8e:19:19:6a:ff:80:69:80:58:93:e0:66:70:07:68:25:f3:
a9:a2:f2:0d:12:58:8c:c2:8e:10:41:f8:13:95:01:c0:30:cd:
89:bf:28:e9:94:7b:fa:d2:b9:f4:b4:4e:5b:f8:c7:88:1b:4b:
63:2a:c6:e9:97:7f:a9:0b:65:a0:62:f4:ce:c8:a2:eb:df:76:
ff:91:dc:4b:11:31:1d:81:ce:2c:f7:9d:18:fd:31:4e:75:bd:
ad:ee:40:77:1c:ed:85:69:6a:cb:1c:74:9c:45:5b:cc:c3:3c:
20:7c:ef:bd:d8:15:de:d8:61:32:55:e4:16:33:cd:77:b4:50:
78:ec:3f:a2:fe:93:3d:84:5f:3c:cf:d2:74:c4:bb:06:69:1f:
bc:e8:fd:c7:ec:c4:12:ff:4f:69:39:5a:c1:ad:cc:95:e7:39:
95:cd:06:3b:4e:41:79:b5:52:f1:85:79:56:28:ea:39:f9:1b:
d5:27:9e:10
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEB1w9pjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NThlODIzY2YyNzRkMzgxMGNlMDVjMWQxYmY1ZWVmOTVjYjIxMWRjMB4XDTIyMDEw
MTA4MDU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFlNmYwMWNiMDVl
NDllMTk0ZmY1Y2MxM2VkNDc3ZWQ5YTQ4YmRhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHmSt94Y7acepVO43K4yaRkzGoIOD9/g4lvDbwtszl7I6K3
bWmO8A2dfP+Xq9rkyrZ9TWmiNoaV8wHZ5JSE2l56SYZXiOsWrt76oO5uyT84I430
n0Dbz370BzN3B35aP/qXZbdbMvDMD4YHZP0c01elpH1r71ZVa5DGgnSpIXXpy1f/
KtvY/oKWcyIzEQhr3FSZeGkGjJuqxeusMvss5jJVm28qrbcuHsqhRlkw8pZujKMe
/W4Oa59MSHmIcXQguLykHMznkORMNZH4gDUW2vJBA8ZQ1+Ej03b/DpV8Io4NZOsb
74sZ6qClXSWQUeLLoepANm9ZQyA9xRJuKipDsvsCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBSR5vAcsF5J4ZT/XME+1Hftmki9qDAfBgNVHSMEGDAWgBR1joI88nTTgQzg
XB0b9e75XLIR3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RZNkNQUEowMDRFTTRGd2RHX1h1LVZ5eUVkdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNDNkNjllLWI2OGQtNDE0OS04YjI5LTAzZGI4YjM2ZDMxOS8x
L2tlYndITEJlU2VHVV8xekJQdFIzN1pwSXZhZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NDNkNjllLWI2OGQtNDE0OS04YjI5LTAzZGI4YjM2ZDMxOS8xL2RZNkNQUEowMDRF
TTRGd2RHX1h1LVZ5eUVkdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwGAQCAAEwEgMEAi2aQAMEArl2cAMEArnw+DAbBAIA
AjAVAwUAKgNkIAMFAyoNO4ADBQMqD8cAMA0GCSqGSIb3DQEBCwUAA4IBAQDe2dPa
dMSyltij+LA62y/OA2IFUy9VNG5I+N91fVgUFN5C6t2/CddWovaU5eudJ1P8AJ2N
ECnxP2oWQZIqeZVzLzSKOcaNDummjhkZav+AaYBYk+BmcAdoJfOpovINEliMwo4Q
QfgTlQHAMM2JvyjplHv60rn0tE5b+MeIG0tjKsbpl3+pC2WgYvTOyKLr33b/kdxL
ETEdgc4s950Y/TFOdb2t7kB3HO2FaWrLHHScRVvMwzwgfO+92BXe2GEyVeQWM813
tFB47D+i/pM9hF88z9J0xLsGaR+86P3H7MQS/09pOVrBrcyV5zmVzQY7TkF5tVLx
hXlWKOo5+RvVJ54Q
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:58 2025 by rpki-client