Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Kc2RsIc0Z8DPApjAfTQnKY8kg7k.roa
File: Kc2RsIc0Z8DPApjAfTQnKY8kg7k.roa (raw, json)
Hash identifier: 1CU2oFmrFFQZEf2iK5tAUyF6cqDM1t5XGDAqDPn2t40=
Subject key identifier: 29:CD:91:B0:87:34:67:C0:CF:02:98:C0:7D:34:27:29:8F:24:83:B9
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185061715116F4B3E9A1885BA4A7C2C1936
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Kc2RsIc0Z8DPApjAfTQnKY8kg7k.roa
Signing time: Mon 12 Dec 2022 11:27:33 +0000
ROA not before: Mon 12 Dec 2022 11:27:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20663
IP address blocks: 213.154.187.0/24 maxlen: 24
213.154.190.0/23 maxlen: 23
213.154.189.0/24 maxlen: 24
213.154.188.0/24 maxlen: 24
213.154.163.0/24 maxlen: 24
213.154.162.0/24 maxlen: 24
213.154.166.0/24 maxlen: 24
213.154.161.0/24 maxlen: 24
213.154.165.0/24 maxlen: 24
213.154.160.0/24 maxlen: 24
213.154.164.0/24 maxlen: 24
213.154.160.0/21 maxlen: 21
213.154.167.0/24 maxlen: 24
213.154.171.0/24 maxlen: 24
213.154.172.0/23 maxlen: 23
213.154.169.0/24 maxlen: 24
213.154.168.0/24 maxlen: 24
213.154.176.0/23 maxlen: 23
213.154.179.0/24 maxlen: 24
213.154.174.0/24 maxlen: 24
213.154.178.0/24 maxlen: 24
213.154.178.0/23 maxlen: 23
213.154.186.0/24 maxlen: 24
213.154.181.0/24 maxlen: 24
213.154.185.0/24 maxlen: 24
213.154.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:17:15:11:6f:4b:3e:9a:18:85:ba:4a:7c:2c:19:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 11:27:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29cd91b0873467c0cf0298c07d3427298f2483b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:71:f3:e9:ed:67:c2:bd:e8:50:a2:38:2d:2a:
cc:97:ac:35:fc:8c:08:a0:be:15:aa:16:7f:be:bc:
ef:2a:30:5c:53:ea:67:46:d7:43:32:7b:99:b4:bf:
ca:42:98:d0:0d:6c:96:8c:9f:85:1e:d2:0a:4d:5d:
ea:33:8c:ca:d8:dd:2c:16:f8:85:6e:cd:83:10:87:
68:07:a9:93:1d:e0:c7:e3:e4:d9:eb:0e:7e:41:12:
83:da:e1:80:11:05:9d:fb:5c:e2:19:8c:85:91:80:
b8:c5:d6:a0:9d:8b:82:56:1d:b6:8d:ac:ed:dc:ff:
60:6f:44:05:0d:f2:13:d9:95:9e:1a:51:d4:cb:af:
b1:99:c1:ff:15:57:68:9a:1a:f0:1a:a0:d7:a7:39:
f2:79:24:72:29:83:b0:e7:97:f3:6f:fd:9c:a6:2d:
3b:26:bb:1c:37:b3:d5:dc:8f:6c:39:57:4c:f4:52:
04:db:dd:58:85:b8:4b:df:c3:49:04:44:78:ec:b8:
ac:0f:a8:d8:57:a7:ff:1c:7e:cb:48:51:3f:3f:4d:
b3:13:d6:ac:f6:5e:ef:f7:6f:91:ea:2f:a3:64:a6:
6e:05:59:d5:30:85:3f:60:36:6e:d0:76:18:dd:11:
4f:cb:77:b5:8a:24:f6:49:59:54:3d:17:c4:12:13:
99:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:CD:91:B0:87:34:67:C0:CF:02:98:C0:7D:34:27:29:8F:24:83:B9
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Kc2RsIc0Z8DPApjAfTQnKY8kg7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.154.160.0-213.154.169.255
213.154.171.0-213.154.174.255
213.154.176.0-213.154.181.255
213.154.185.0-213.154.191.255
Signature Algorithm: sha256WithRSAEncryption
27:3e:75:41:b2:ec:bf:c0:48:f2:f8:2f:90:c5:01:8f:b0:41:
be:0d:4e:ad:d4:0a:e7:82:c4:e3:3b:64:8c:32:55:15:72:7e:
d9:d9:a5:93:bd:13:33:d1:b5:8b:0e:26:61:c2:2d:83:ee:8d:
17:6a:4b:92:8d:a4:4b:b4:e7:cd:9d:98:ad:c8:b6:4e:0e:da:
d8:fe:f3:b8:b8:52:06:a7:8e:4b:a0:cc:d3:20:72:83:cd:17:
14:e0:88:09:14:bc:b7:99:e3:65:08:e4:27:1a:f8:cf:ed:4e:
40:db:bf:51:64:98:7d:ca:7e:11:fb:03:4b:ee:ad:bf:8c:28:
b8:83:55:f9:09:90:f0:29:f5:7f:13:0b:8e:2a:73:af:4e:f8:
10:48:3f:b4:62:5f:38:a4:66:22:98:2d:2e:f3:0d:aa:ae:fc:
30:12:95:82:34:cc:48:ee:1c:74:7b:43:c3:26:3f:69:e8:c1:
77:21:a6:89:9e:4c:28:15:87:97:d7:8d:ee:76:08:66:97:c9:
4a:95:2b:b8:9c:26:aa:c5:d1:15:27:a4:e6:d6:7b:ff:45:9b:
c6:f9:33:03:c0:50:ed:f8:ee:ee:78:fe:5f:24:3b:94:79:b7:
b1:a3:e9:f7:bb:42:e9:56:c2:c2:e9:14:16:b9:36:55:13:96:
df:9d:74:4e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYUGFxURb0s+mhiFukp8LBk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTEyNzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWNkOTFiMDg3MzQ2N2MwY2YwMjk4YzA3ZDM0MjcyOThmMjQ4M2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXHz6e1nwr3oUKI4LSrMl6w1/IwI
oL4VqhZ/vrzvKjBcU+pnRtdDMnuZtL/KQpjQDWyWjJ+FHtIKTV3qM4zK2N0sFviF
bs2DEIdoB6mTHeDH4+TZ6w5+QRKD2uGAEQWd+1ziGYyFkYC4xdagnYuCVh22jazt
3P9gb0QFDfIT2ZWeGlHUy6+xmcH/FVdomhrwGqDXpznyeSRyKYOw55fzb/2cpi07
JrscN7PV3I9sOVdM9FIE291YhbhL38NJBER47LisD6jYV6f/HH7LSFE/P02zE9as
9l7v92+R6i+jZKZuBVnVMIU/YDZu0HYY3RFPy3e1iiT2SVlUPRfEEhOZawIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCnNkbCHNGfAzwKYwH00JymPJIO5MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvS2MyUnNJYzBaOERQQXBqQWZUUW5LWThrZzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAXVmqAD
BAHVmqgwDAMEANWaqwMEANWarjAMAwQE1ZqwAwQB1Zq0MAwDBADVmrkDBAbVmoAw
DQYJKoZIhvcNAQELBQADggEBACc+dUGy7L/ASPL4L5DFAY+wQb4NTq3UCueCxOM7
ZIwyVRVyftnZpZO9EzPRtYsOJmHCLYPujRdqS5KNpEu0582dmK3Itk4O2tj+87i4
UganjkugzNMgcoPNFxTgiAkUvLeZ42UI5Cca+M/tTkDbv1FkmH3KfhH7A0vurb+M
KLiDVfkJkPAp9X8TC44qc69O+BBIP7RiXzikZiKYLS7zDaqu/DASlYI0zEjuHHR7
Q8MmP2nowXchpomeTCgVh5fXje52CGaXyUqVK7icJqrF0RUnpObWe/9Fm8b5MwPA
UO347u54/l8kO5R5t7Gj6fe7QulWwsLpFBa5NlUTlt+ddE4=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:38:32 2025 by rpki-client