Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/KKELbdkCjzk1eykD8Yo8jUctsmY.roa
File: KKELbdkCjzk1eykD8Yo8jUctsmY.roa (raw, json)
Hash identifier: iU0zVSxHs8SE25Iwtnv8o7J9zOdEunJgJJBlBWTjt3c=
Subject key identifier: 28:A1:0B:6D:D9:02:8F:39:35:7B:29:03:F1:8A:3C:8D:47:2D:B2:66
Certificate issuer: /CN=4d3b82290c2e8090924a9efd9c517ca14a5c3704
Certificate serial: 01856D38664425471DBB359532EAD336A372
Authority key identifier: 4D:3B:82:29:0C:2E:80:90:92:4A:9E:FD:9C:51:7C:A1:4A:5C:37:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TTuCKQwugJCSSp79nFF8oUpcNwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/KKELbdkCjzk1eykD8Yo8jUctsmY.roa
Signing time: Sun 01 Jan 2023 12:04:50 +0000
ROA not before: Sun 01 Jan 2023 12:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196733
IP address blocks: 93.89.64.0/21 maxlen: 21
93.89.72.0/21 maxlen: 21
193.109.134.0/23 maxlen: 23
2a01:ad80::/32 maxlen: 32
2a01:ad80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:66:44:25:47:1d:bb:35:95:32:ea:d3:36:a3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d3b82290c2e8090924a9efd9c517ca14a5c3704
Validity
Not Before: Jan 1 12:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28a10b6dd9028f39357b2903f18a3c8d472db266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:27:48:5f:1a:fe:63:49:49:9e:01:db:55:0d:
e2:e7:66:99:23:6d:c4:98:f1:cb:f2:6b:1c:73:eb:
41:07:27:e5:23:d9:9e:db:2c:ec:15:dd:df:84:e8:
86:09:cb:6c:cf:68:6e:d6:9e:32:48:e6:ae:3a:ab:
13:0d:62:4f:0d:c8:a9:66:93:a9:81:4d:24:c7:85:
45:4a:44:2a:d4:78:a2:82:1f:6c:38:b6:c5:22:2f:
7a:a8:63:13:d0:dc:09:b8:fd:42:e5:83:26:27:bb:
a4:94:58:ad:c4:18:4c:0b:b9:ec:6f:0c:38:3b:a3:
4c:e5:28:7e:47:04:ce:7a:4c:26:14:ac:54:0a:65:
80:29:fd:ad:20:5a:fc:31:12:74:52:21:e5:c7:c5:
ed:5a:9d:98:21:ff:60:15:39:1d:e1:4f:64:a6:3b:
b3:8d:9d:c2:ed:65:ac:9e:d0:1a:c9:32:79:11:88:
c4:39:61:0d:c5:bb:1e:82:78:a5:13:24:ab:2f:14:
d7:f8:b5:05:28:14:bf:35:6a:c1:88:94:13:0e:e9:
ee:0f:eb:df:86:02:5f:49:7d:56:6e:82:16:c2:34:
71:bb:f9:d2:33:d2:41:a1:50:ee:82:6b:f2:19:56:
f6:8b:28:f7:cb:a1:7e:3a:8e:69:06:3a:ea:a0:15:
10:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A1:0B:6D:D9:02:8F:39:35:7B:29:03:F1:8A:3C:8D:47:2D:B2:66
X509v3 Authority Key Identifier:
keyid:4D:3B:82:29:0C:2E:80:90:92:4A:9E:FD:9C:51:7C:A1:4A:5C:37:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TTuCKQwugJCSSp79nFF8oUpcNwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/KKELbdkCjzk1eykD8Yo8jUctsmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/TTuCKQwugJCSSp79nFF8oUpcNwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.64.0/20
193.109.134.0/23
IPv6:
2a01:ad80::/32
Signature Algorithm: sha256WithRSAEncryption
40:29:72:29:48:d7:36:9f:bb:53:3d:f8:58:50:78:6d:00:f5:
e3:33:75:f3:9f:9a:5d:26:cb:1a:45:68:db:eb:5f:b9:b1:d8:
8f:d9:33:bb:2a:e7:af:a1:66:c9:31:a1:7d:23:00:25:46:48:
ee:0d:df:8c:1f:10:cc:8e:f0:69:71:64:f4:2a:c7:9d:65:ee:
5d:73:81:f7:e8:df:e0:0b:f4:e4:b8:37:9b:bc:9e:c4:bd:ad:
ce:7a:f2:67:3e:86:85:4e:db:c0:8d:97:29:33:c1:d9:05:4b:
22:f0:b1:32:db:55:57:5f:bd:01:49:1e:aa:a4:7c:d1:e4:72:
21:9e:6f:4b:fd:3b:f8:cf:95:cb:74:3b:bd:1e:a2:db:49:66:
37:a6:58:15:e4:59:14:74:97:e0:c6:31:cf:a4:a5:58:79:7e:
8c:fe:5d:66:cc:84:eb:82:23:96:80:ad:16:35:53:f6:60:70:
2d:85:2f:d9:4c:22:e5:17:a6:49:ab:b4:ef:e5:31:bd:ed:f1:
ef:f5:9d:03:77:aa:b9:ff:49:bf:b6:8a:d2:0a:54:84:12:20:
1d:59:30:6d:a7:ea:fe:b8:0c:08:2f:ac:f1:ff:be:6a:21:0a:
4f:02:2e:c0:7e:7b:eb:01:d1:09:4d:5a:0c:b4:b5:0b:54:14:
13:17:25:27
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtOGZEJUcduzWVMurTNqNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkM2I4MjI5MGMyZTgwOTA5MjRhOWVmZDljNTE3Y2ExNGE1
YzM3MDQwHhcNMjMwMTAxMTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGExMGI2ZGQ5MDI4ZjM5MzU3YjI5MDNmMThhM2M4ZDQ3MmRiMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSdIXxr+Y0lJngHbVQ3i52aZI23E
mPHL8mscc+tBByflI9me2yzsFd3fhOiGCctsz2hu1p4ySOauOqsTDWJPDcipZpOp
gU0kx4VFSkQq1Hiigh9sOLbFIi96qGMT0NwJuP1C5YMmJ7uklFitxBhMC7nsbww4
O6NM5Sh+RwTOekwmFKxUCmWAKf2tIFr8MRJ0UiHlx8XtWp2YIf9gFTkd4U9kpjuz
jZ3C7WWsntAayTJ5EYjEOWENxbsegnilEySrLxTX+LUFKBS/NWrBiJQTDunuD+vf
hgJfSX1WboIWwjRxu/nSM9JBoVDugmvyGVb2iyj3y6F+Oo5pBjrqoBUQBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCihC23ZAo85NXspA/GKPI1HLbJmMB8GA1UdIwQY
MBaAFE07gikMLoCQkkqe/ZxRfKFKXDcEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFR1Q0tRd3VnSkNTU3A3OW5GRjhvVXBjTndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9jNWNjZDgtOGYwZC00ODYyLTg2YWEt
ZDk3OWVjZTkzMjg1LzEvS0tFTGJka0NqemsxZXlrRDhZbzhqVWN0c21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9jNWNjZDgtOGYwZC00ODYyLTg2YWEtZDk3OWVjZTkzMjg1
LzEvVFR1Q0tRd3VnSkNTU3A3OW5GRjhvVXBjTndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXVlAAwQB
wW2GMA0EAgACMAcDBQAqAa2AMA0GCSqGSIb3DQEBCwUAA4IBAQBAKXIpSNc2n7tT
PfhYUHhtAPXjM3Xzn5pdJssaRWjb61+5sdiP2TO7KuevoWbJMaF9IwAlRkjuDd+M
HxDMjvBpcWT0KsedZe5dc4H36N/gC/TkuDebvJ7Eva3OevJnPoaFTtvAjZcpM8HZ
BUsi8LEy21VXX70BSR6qpHzR5HIhnm9L/Tv4z5XLdDu9HqLbSWY3plgV5FkUdJfg
xjHPpKVYeX6M/l1mzITrgiOWgK0WNVP2YHAthS/ZTCLlF6ZJq7Tv5TG97fHv9Z0D
d6q5/0m/torSClSEEiAdWTBtp+r+uAwIL6zx/75qIQpPAi7AfnvrAdEJTVoMtLUL
VBQTFyUn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:25 2025 by rpki-client