Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/KX4CqcXNvXmhqmlbRCGexJsZXls.roa
File: KX4CqcXNvXmhqmlbRCGexJsZXls.roa (raw, json)
Hash identifier: vmUlEBD5zuHf5Q0LRrx55av1vmNL3CdnX51PGQ4MAsU=
Subject key identifier: 29:7E:02:A9:C5:CD:BD:79:A1:AA:69:5B:44:21:9E:C4:9B:19:5E:5B
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0186C1E40B4EF9BF593A63466CF02472158A
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/KX4CqcXNvXmhqmlbRCGexJsZXls.roa
Signing time: Wed 08 Mar 2023 15:43:13 +0000
ROA not before: Wed 08 Mar 2023 15:43:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58305
IP address blocks: 198.105.124.0/23 maxlen: 24
45.43.64.0/19 maxlen: 24
45.43.74.0/23 maxlen: 24
45.43.80.0/22 maxlen: 24
198.105.96.0/19 maxlen: 24
198.105.116.0/23 maxlen: 24
155.254.32.0/22 maxlen: 24
155.254.32.0/19 maxlen: 24
155.254.48.0/23 maxlen: 23
155.254.63.0/24 maxlen: 24
155.254.61.0/24 maxlen: 24
107.161.160.0/24 maxlen: 24
107.161.165.0/24 maxlen: 24
107.161.166.0/24 maxlen: 24
107.161.161.0/24 maxlen: 24
107.161.162.0/24 maxlen: 24
107.161.163.0/24 maxlen: 24
107.161.164.0/24 maxlen: 24
107.161.167.0/24 maxlen: 24
107.161.172.0/24 maxlen: 24
107.161.168.0/24 maxlen: 24
107.161.169.0/24 maxlen: 24
107.161.170.0/24 maxlen: 24
107.161.171.0/24 maxlen: 24
107.181.128.0/19 maxlen: 24
162.220.240.0/24 maxlen: 24
162.220.242.0/24 maxlen: 24
162.220.240.0/21 maxlen: 24
162.220.241.0/24 maxlen: 24
113.20.156.0/22 maxlen: 24
107.161.173.0/24 maxlen: 24
162.217.248.0/24 maxlen: 24
162.217.249.0/24 maxlen: 24
162.217.250.0/24 maxlen: 24
162.217.251.0/24 maxlen: 24
2a05:9f40::/29 maxlen: 48
2a07:9944:20::/48 maxlen: 48
2a07:9944:40::/48 maxlen: 48
2a07:9942:39d7::/48 maxlen: 48
2a07:9944:1111::/48 maxlen: 48
2a07:9944:2222::/48 maxlen: 48
2a07:9940::/29 maxlen: 48
2a07:9944:10::/48 maxlen: 48
2a07:9944:30::/48 maxlen: 48
2a02:2ca7:2e::/48 maxlen: 48
2a07:9942:39d6::/48 maxlen: 48
2a02:2ca0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c1:e4:0b:4e:f9:bf:59:3a:63:46:6c:f0:24:72:15:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Mar 8 15:43:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=297e02a9c5cdbd79a1aa695b44219ec49b195e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d5:de:4d:63:cc:d3:60:6f:80:29:bb:61:b5:
47:b9:66:1a:9c:3d:9d:df:72:2e:c8:97:49:65:07:
55:25:74:93:97:be:45:83:6b:ae:a5:c0:25:03:6a:
a1:b3:f5:a8:94:cd:86:21:24:15:85:74:42:fd:d3:
08:f5:e7:43:7b:b4:05:d2:fc:74:84:80:4f:47:15:
89:e6:05:32:04:77:69:07:7d:c7:34:f1:44:33:16:
e3:aa:d3:db:e2:96:31:40:03:8a:6e:e8:2c:c3:ad:
38:8a:51:78:94:6d:af:79:98:8d:b6:90:e9:67:fa:
cb:5e:67:13:9f:77:70:78:43:4b:19:32:31:0c:30:
72:19:27:4c:19:79:ef:56:da:e0:98:06:8e:58:54:
b6:e0:6e:ac:29:e3:29:06:ca:02:c2:70:02:9c:76:
ae:27:34:59:10:7b:86:4a:bb:eb:c9:96:49:ba:d2:
26:c0:a0:59:fa:47:a0:a3:df:95:24:54:a6:bf:fd:
60:a8:30:f7:7c:cb:81:ed:61:78:fb:f8:e9:50:d3:
56:01:85:ce:f8:a2:0b:76:97:32:59:fb:7f:45:ad:
ca:03:c5:a0:03:0f:28:e6:b9:5f:f9:a2:fc:2f:4d:
72:31:5b:84:8e:93:a4:9b:2f:11:9b:2d:f9:2f:54:
02:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:7E:02:A9:C5:CD:BD:79:A1:AA:69:5B:44:21:9E:C4:9B:19:5E:5B
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/KX4CqcXNvXmhqmlbRCGexJsZXls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/19
107.161.160.0-107.161.173.255
107.181.128.0/19
113.20.156.0/22
155.254.32.0/19
162.217.248.0/22
162.220.240.0/21
198.105.96.0/19
IPv6:
2a02:2ca0::/29
2a05:9f40::/29
2a07:9940::/29
Signature Algorithm: sha256WithRSAEncryption
21:cc:e5:9c:4e:f4:9f:55:17:16:39:a7:68:4b:86:27:42:14:
79:cf:7e:ce:9a:27:62:f6:36:b9:3e:1f:c9:ea:6b:a7:ca:9e:
8a:76:53:26:a6:51:f6:75:9a:a4:26:b0:54:e8:c2:c8:68:06:
5f:1a:2c:23:e8:13:38:82:62:aa:ef:63:42:29:7b:e9:73:b0:
ae:58:73:ee:51:98:09:c6:7c:c2:8f:a4:01:96:d0:e2:b4:89:
a1:b2:1f:22:b0:bd:a2:5c:8a:e9:64:7d:b4:81:c5:c4:31:22:
ee:43:14:c5:f3:08:29:97:3a:86:64:5e:00:48:61:ce:34:02:
59:43:16:bc:89:dd:c2:f7:aa:83:49:0b:c7:b1:99:e3:9a:e9:
66:c1:7f:f1:83:ae:65:0c:2a:35:09:da:44:a5:d9:1c:df:86:
25:8b:33:2f:14:4d:cc:ff:d4:65:5f:d3:5a:69:d4:eb:fe:94:
68:51:f9:0e:0f:62:c7:55:33:01:2a:55:a6:90:42:2e:e8:d9:
26:4e:86:c7:7b:88:ec:ca:75:3d:a1:01:e5:59:01:d6:64:23:
6c:fe:d5:ec:01:35:0a:25:cf:48:e7:06:73:26:86:cf:93:f1:
8f:6c:b9:6d:38:c7:06:dc:2a:2f:a4:f7:30:56:1b:de:82:97:
14:6c:89:91
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYbB5AtO+b9ZOmNGbPAkchWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwMzA4MTU0MzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTdlMDJhOWM1Y2RiZDc5YTFhYTY5NWI0NDIxOWVjNDliMTk1ZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdXeTWPM02BvgCm7YbVHuWYanD2d
33IuyJdJZQdVJXSTl75Fg2uupcAlA2qhs/WolM2GISQVhXRC/dMI9edDe7QF0vx0
hIBPRxWJ5gUyBHdpB33HNPFEMxbjqtPb4pYxQAOKbugsw604ilF4lG2veZiNtpDp
Z/rLXmcTn3dweENLGTIxDDByGSdMGXnvVtrgmAaOWFS24G6sKeMpBsoCwnACnHau
JzRZEHuGSrvryZZJutImwKBZ+kego9+VJFSmv/1gqDD3fMuB7WF4+/jpUNNWAYXO
+KILdpcyWft/Ra3KA8WgAw8o5rlf+aL8L01yMVuEjpOkmy8Rmy35L1QCvwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFCl+AqnFzb15oappW0QhnsSbGV5bMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvS1g0Q3FjWE52WG1ocW1sYlJDR2V4SnNaWGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTA+BAIAATA4AwQFLStAMAwD
BAVroaADBAFroawDBAVrtYADBAJxFJwDBAWb/iADBAKi2fgDBAOi3PADBAXGaWAw
GwQCAAIwFQMFAyoCLKADBQMqBZ9AAwUDKgeZQDANBgkqhkiG9w0BAQsFAAOCAQEA
IczlnE70n1UXFjmnaEuGJ0IUec9+zponYvY2uT4fyeprp8qeinZTJqZR9nWapCaw
VOjCyGgGXxosI+gTOIJiqu9jQil76XOwrlhz7lGYCcZ8wo+kAZbQ4rSJobIfIrC9
olyK6WR9tIHFxDEi7kMUxfMIKZc6hmReAEhhzjQCWUMWvIndwveqg0kLx7GZ45rp
ZsF/8YOuZQwqNQnaRKXZHN+GJYszLxRNzP/UZV/TWmnU6/6UaFH5Dg9ix1UzASpV
ppBCLujZJk6Gx3uI7Mp1PaEB5VkB1mQjbP7V7AE1CiXPSOcGcyaGz5Pxj2y5bTjH
BtwqL6T3MFYb3oKXFGyJkQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:38 2025 by rpki-client