Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/7a8f3f-304c-4a26-aeca-18bdfe8cc0cd/1/KJ-YlLFakMCUDm5B7LXsTMuY93o.roa
File: KJ-YlLFakMCUDm5B7LXsTMuY93o.roa (raw, json)
Hash identifier: CuUxVsi7ICUyPDFXEWmN7gA8S98FLL/7lBYp2uiA+2M=
Subject key identifier: 28:9F:98:94:B1:5A:90:C0:94:0E:6E:41:EC:B5:EC:4C:CB:98:F7:7A
Certificate issuer: /CN=bc663c6e779dae9bdb046854f189fe8c5c3c32e1
Certificate serial: 038D1B
Authority key identifier: BC:66:3C:6E:77:9D:AE:9B:DB:04:68:54:F1:89:FE:8C:5C:3C:32:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vGY8bnedrpvbBGhU8Yn-jFw8MuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/7a8f3f-304c-4a26-aeca-18bdfe8cc0cd/1/KJ-YlLFakMCUDm5B7LXsTMuY93o.roa
Signing time: Tue 28 Jun 2022 05:03:20 +0000
ROA not before: Tue 28 Jun 2022 05:03:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47586
IP address blocks: 109.235.184.0/21 maxlen: 24
37.77.108.0/22 maxlen: 24
158.58.128.0/21 maxlen: 24
146.19.211.0/24 maxlen: 24
80.249.204.0/22 maxlen: 24
185.30.116.0/22 maxlen: 24
93.190.16.0/21 maxlen: 24
2a00:b160::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 232731 (0x38d1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc663c6e779dae9bdb046854f189fe8c5c3c32e1
Validity
Not Before: Jun 28 05:03:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=289f9894b15a90c0940e6e41ecb5ec4ccb98f77a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f4:3b:c3:a3:e4:d2:bb:16:86:bc:c9:ab:24:
2c:36:fd:f7:a5:27:48:1d:d4:10:80:cb:4e:23:a8:
fa:10:8c:ce:2e:8d:e0:b5:61:6c:8f:6a:ad:4a:9f:
33:34:36:35:53:d2:4e:aa:37:be:7a:2d:b1:85:92:
4c:f4:4a:60:4e:09:0b:04:91:1a:55:b6:e0:7b:91:
9f:48:29:69:b2:58:a4:58:a5:8c:52:1c:4f:06:23:
84:a6:ad:a1:fd:e6:0f:88:11:22:d4:3b:d1:21:69:
b0:4a:6f:b1:3c:a8:8e:a7:94:ab:c4:b1:7f:43:6c:
da:5d:f8:97:78:3b:33:e2:71:b1:1f:71:38:24:1d:
a9:99:fb:3d:39:67:1a:c0:57:95:36:38:0c:5b:2a:
82:2e:53:0f:86:bb:f0:5c:d5:51:9e:67:74:5d:15:
af:a9:bc:9e:b5:b3:f9:fe:cb:87:49:1b:2b:59:2a:
61:c6:93:77:35:3e:ee:95:b6:2f:82:2c:1c:35:87:
6a:c6:3e:1a:b8:9f:ac:96:9d:ba:af:a7:98:dc:2a:
d9:71:b0:8e:c8:8a:0a:6b:ae:b0:d4:6b:69:bc:a3:
d1:fe:79:3e:60:aa:d7:5b:00:2b:8b:99:5c:6f:3c:
58:3c:19:e5:45:71:10:b5:95:8d:47:12:46:fa:37:
bc:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9F:98:94:B1:5A:90:C0:94:0E:6E:41:EC:B5:EC:4C:CB:98:F7:7A
X509v3 Authority Key Identifier:
keyid:BC:66:3C:6E:77:9D:AE:9B:DB:04:68:54:F1:89:FE:8C:5C:3C:32:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGY8bnedrpvbBGhU8Yn-jFw8MuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/7a8f3f-304c-4a26-aeca-18bdfe8cc0cd/1/KJ-YlLFakMCUDm5B7LXsTMuY93o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/7a8f3f-304c-4a26-aeca-18bdfe8cc0cd/1/vGY8bnedrpvbBGhU8Yn-jFw8MuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.108.0/22
80.249.204.0/22
93.190.16.0/21
109.235.184.0/21
146.19.211.0/24
158.58.128.0/21
185.30.116.0/22
IPv6:
2a00:b160::/32
Signature Algorithm: sha256WithRSAEncryption
74:f8:b8:51:7f:94:fa:07:7f:40:31:b0:d3:5f:2a:f5:2c:7d:
57:44:74:9b:cf:35:e5:d7:e3:2a:ef:94:87:d0:4d:87:88:74:
9b:bd:65:e7:3f:25:d2:5d:1a:fb:2f:06:d5:4b:ac:31:ea:e2:
86:25:9d:4a:25:fb:80:55:88:83:3c:5f:cd:e1:7e:8a:6d:26:
0a:46:7f:b1:95:10:89:56:1b:09:1a:75:cb:ba:38:f4:6f:a1:
df:d8:bf:af:cc:fe:59:c6:7c:96:a3:d4:56:0a:11:ee:3d:d0:
a3:67:50:9e:04:93:f4:e3:fb:4c:d7:f0:86:03:6e:3f:68:86:
d2:5a:26:8f:00:cb:90:d1:33:31:a3:74:9e:6c:dd:09:ee:6f:
22:e0:fe:66:e2:0c:45:16:9b:87:c3:b3:5f:c5:42:b3:d1:fe:
1b:72:56:b5:69:00:82:6b:0d:96:66:36:83:8a:a6:b4:2c:39:
95:5a:5e:4a:72:4b:42:08:69:6c:df:01:1e:02:01:30:4b:3a:
1c:bb:e7:d5:28:64:ea:f5:e2:a8:db:91:ed:dc:5b:0a:95:58:
3e:b3:9c:1d:90:47:55:43:2d:12:a0:f4:d1:10:d4:2c:2a:75:
f7:aa:57:66:6a:f1:0b:51:89:8e:52:6d:96:50:97:13:1c:5a:
14:f7:64:8d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIDA40bMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJj
NjYzYzZlNzc5ZGFlOWJkYjA0Njg1NGYxODlmZThjNWMzYzMyZTEwHhcNMjIwNjI4
MDUwMzIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyODlmOTg5NGIxNWE5
MGMwOTQwZTZlNDFlY2I1ZWM0Y2NiOThmNzdhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgfQ7w6Pk0rsWhrzJqyQsNv33pSdIHdQQgMtOI6j6EIzOLo3g
tWFsj2qtSp8zNDY1U9JOqje+ei2xhZJM9EpgTgkLBJEaVbbge5GfSClpslikWKWM
UhxPBiOEpq2h/eYPiBEi1DvRIWmwSm+xPKiOp5SrxLF/Q2zaXfiXeDsz4nGxH3E4
JB2pmfs9OWcawFeVNjgMWyqCLlMPhrvwXNVRnmd0XRWvqbyetbP5/suHSRsrWSph
xpN3NT7ulbYvgiwcNYdqxj4auJ+slp26r6eY3CrZcbCOyIoKa66w1GtpvKPR/nk+
YKrXWwAri5lcbzxYPBnlRXEQtZWNRxJG+je8MQIDAQABo4ICPDCCAjgwHQYDVR0O
BBYEFCifmJSxWpDAlA5uQey17EzLmPd6MB8GA1UdIwQYMBaAFLxmPG53na6b2wRo
VPGJ/oxcPDLhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dkdZOGJuZWRycHZiQkdoVThZbi1qRnc4TXVFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jNy83YThmM2YtMzA0Yy00YTI2LWFlY2EtMThiZGZlOGNjMGNkLzEv
S0otWWxMRmFrTUNVRG01QjdMWHNUTXVZOTNvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83
YThmM2YtMzA0Yy00YTI2LWFlY2EtMThiZGZlOGNjMGNkLzEvdkdZOGJuZWRycHZi
QkdoVThZbi1qRnc4TXVFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFIG
CCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCJU1sAwQCUPnMAwQDXb4QAwQDbeu4
AwQAkhPTAwQDnjqAAwQCuR50MA0EAgACMAcDBQAqALFgMA0GCSqGSIb3DQEBCwUA
A4IBAQB0+LhRf5T6B39AMbDTXyr1LH1XRHSbzzXl1+Mq75SH0E2HiHSbvWXnPyXS
XRr7LwbVS6wx6uKGJZ1KJfuAVYiDPF/N4X6KbSYKRn+xlRCJVhsJGnXLujj0b6Hf
2L+vzP5ZxnyWo9RWChHuPdCjZ1CeBJP04/tM1/CGA24/aIbSWiaPAMuQ0TMxo3Se
bN0J7m8i4P5m4gxFFpuHw7NfxUKz0f4bcla1aQCCaw2WZjaDiqa0LDmVWl5KcktC
CGls3wEeAgEwSzocu+fVKGTq9eKo25Ht3FsKlVg+s5wdkEdVQy0SoPTRENQsKnX3
qldmavELUYmOUm2WUJcTHFoU92SN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:44 2025 by rpki-client