Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/KSTWDxWc-B14M7bXaSpN5hXXXwg.roa
File: KSTWDxWc-B14M7bXaSpN5hXXXwg.roa (raw, json)
Hash identifier: ofgj/ZztilQT4NWPjRUJJw88FMX/KjKF4BkKS5oKgGg=
Subject key identifier: 29:24:D6:0F:15:9C:F8:1D:78:33:B6:D7:69:2A:4D:E6:15:D7:5F:08
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 33D82BEC
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/KSTWDxWc-B14M7bXaSpN5hXXXwg.roa
Signing time: Sat 01 Jan 2022 04:55:30 +0000
ROA not before: Sat 01 Jan 2022 04:55:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8456
IP address blocks: 95.183.228.0/24 maxlen: 24
193.140.192.0/24 maxlen: 24
193.140.193.0/24 maxlen: 24
193.140.194.0/24 maxlen: 24
193.140.196.0/22 maxlen: 22
193.140.196.0/24 maxlen: 24
193.140.195.0/24 maxlen: 24
193.140.200.0/22 maxlen: 22
193.140.203.0/24 maxlen: 24
193.140.204.0/22 maxlen: 22
193.140.208.0/21 maxlen: 21
79.123.179.0/24 maxlen: 24
79.123.178.0/24 maxlen: 24
79.123.176.0/23 maxlen: 23
79.123.181.0/24 maxlen: 24
79.123.180.0/24 maxlen: 24
79.123.183.0/24 maxlen: 24
79.123.182.0/24 maxlen: 24
193.255.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 869805036 (0x33d82bec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:55:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2924d60f159cf81d7833b6d7692a4de615d75f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:94:c4:d6:d9:61:5c:02:16:bb:67:4e:8b:30:
35:ad:3e:38:88:72:ab:0d:af:4f:f3:55:01:1a:89:
9f:4b:7c:44:8f:d9:c4:7b:7e:77:06:dc:ab:57:a2:
fc:c5:30:20:58:3a:d9:38:fc:51:69:8d:b3:6c:84:
3f:d9:2b:0c:10:d9:2d:5f:de:45:18:f6:50:c5:24:
12:b2:ba:c5:88:ab:d0:21:43:16:1b:55:d7:87:cb:
11:66:d9:24:0e:9e:3d:1b:e9:9b:0a:93:72:00:4d:
b5:c9:c8:e6:ec:78:c0:7b:41:83:c9:a8:79:52:b0:
a6:99:08:4b:5d:37:c5:f1:5e:5f:8c:02:8c:c4:73:
f5:04:92:56:d0:ee:06:fe:99:0e:e5:bb:f2:b5:55:
7a:c1:2a:03:d0:68:2b:5b:90:3d:55:5a:ee:b5:31:
28:d5:24:e6:23:dd:af:32:f9:59:49:b3:e2:66:31:
f5:72:bf:c5:9b:21:b1:bc:d6:75:03:41:8f:67:57:
be:23:54:62:df:3b:f9:f4:ea:c7:12:9d:5c:97:6e:
d8:59:e7:fe:53:e8:91:2a:c3:a2:b5:7e:29:46:35:
6e:f8:4c:40:a9:04:17:24:4f:8f:dc:aa:f4:27:a5:
31:a5:99:47:ff:f8:38:8d:0d:5f:06:d1:bc:8b:ff:
f8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:24:D6:0F:15:9C:F8:1D:78:33:B6:D7:69:2A:4D:E6:15:D7:5F:08
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/KSTWDxWc-B14M7bXaSpN5hXXXwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.123.176.0/21
95.183.228.0/24
193.140.192.0-193.140.215.255
193.255.30.0/24
Signature Algorithm: sha256WithRSAEncryption
46:1e:56:57:20:38:e5:ff:ff:23:9d:8d:aa:50:3c:bd:b1:2c:
dc:b0:fa:9a:f7:7c:67:41:4f:32:b1:1b:80:9c:15:90:eb:b8:
c3:fa:41:05:01:4f:d4:6a:d7:30:25:b6:1e:6b:3a:3a:57:34:
f8:85:e8:30:76:e6:5a:0f:4c:18:ac:77:02:80:77:75:61:39:
d3:a5:5f:f3:40:4f:ef:f6:6f:a1:35:9a:48:79:f5:24:97:b6:
74:78:83:84:0a:e0:52:a3:c6:e0:e1:e8:0b:b7:38:4e:b4:13:
e5:f4:63:2a:af:36:63:44:4e:8b:0f:9d:3c:c9:97:e9:03:92:
e9:7f:e4:0f:ad:06:71:02:16:a1:d0:02:07:04:ec:09:fd:68:
3c:8a:b4:f0:80:c3:4e:cd:47:c7:e5:9d:41:68:88:98:3f:3c:
dc:c5:87:47:2d:94:01:b8:f8:9d:99:05:e2:eb:b9:d6:50:90:
3f:d6:92:d8:11:bf:47:ce:26:c5:df:74:87:87:39:ef:57:b9:
46:30:ec:a9:56:dd:a4:b0:c3:01:8e:d1:5f:f2:bc:b8:c0:33:
9a:92:4a:8e:eb:88:67:c4:76:41:d9:8c:0d:3d:8a:0c:2f:1a:
77:d5:54:18:e6:b9:f8:c6:10:42:45:0a:84:1a:82:2c:11:08:
41:af:38:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEM9gr7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NzUxOGQxODA5MjNhN2YzYzAwNjUzZWMxMmJjNzAyYjk1YWFiOTA3MB4XDTIyMDEw
MTA0NTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkyNGQ2MGYxNTlj
ZjgxZDc4MzNiNmQ3NjkyYTRkZTYxNWQ3NWYwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCUxNbZYVwCFrtnToswNa0+OIhyqw2vT/NVARqJn0t8RI/Z
xHt+dwbcq1ei/MUwIFg62Tj8UWmNs2yEP9krDBDZLV/eRRj2UMUkErK6xYir0CFD
FhtV14fLEWbZJA6ePRvpmwqTcgBNtcnI5ux4wHtBg8moeVKwppkIS103xfFeX4wC
jMRz9QSSVtDuBv6ZDuW78rVVesEqA9BoK1uQPVVa7rUxKNUk5iPdrzL5WUmz4mYx
9XK/xZshsbzWdQNBj2dXviNUYt87+fTqxxKdXJdu2Fnn/lPokSrDorV+KUY1bvhM
QKkEFyRPj9yq9CelMaWZR//4OI0NXwbRvIv/+AMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQpJNYPFZz4HXgzttdpKk3mFddfCDAfBgNVHSMEGDAWgBQ3UY0YCSOn88AG
U+wSvHArlaq5BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L04xR05HQWtqcF9QQUJsUHNFcnh3SzVXcXVRYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvZjgwZWYzLTlmMGItNGJkMS04MDE4LTU5NjcxOTIwZmI2MC8x
L0tTVFdEeFdjLUIxNE03YlhhU3BONWhYWFh3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
ZjgwZWYzLTlmMGItNGJkMS04MDE4LTU5NjcxOTIwZmI2MC8xL04xR05HQWtqcF9Q
QUJsUHNFcnh3SzVXcXVRYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEA097sAMEAF+35DAMAwQGwYzAAwQD
wYzQAwQAwf8eMA0GCSqGSIb3DQEBCwUAA4IBAQBGHlZXIDjl//8jnY2qUDy9sSzc
sPqa93xnQU8ysRuAnBWQ67jD+kEFAU/UatcwJbYeazo6VzT4hegwduZaD0wYrHcC
gHd1YTnTpV/zQE/v9m+hNZpIefUkl7Z0eIOECuBSo8bg4egLtzhOtBPl9GMqrzZj
RE6LD508yZfpA5Lpf+QPrQZxAhah0AIHBOwJ/Wg8irTwgMNOzUfH5Z1BaIiYPzzc
xYdHLZQBuPidmQXi67nWUJA/1pLYEb9HzibF33SHhznvV7lGMOypVt2ksMMBjtFf
8ry4wDOakkqO64hnxHZB2YwNPYoMLxp31VQY5rn4xhBCRQqEGoIsEQhBrzgO
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:03:51 2025 by rpki-client