Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/kLNCCx6OY8WG00qbyJeUR3Raxd0.roa
File: kLNCCx6OY8WG00qbyJeUR3Raxd0.roa (raw, json)
Hash identifier: HtblTUida1uBvuwctcdHJekvM0m+x8ad6KoqR4RWWMA=
Subject key identifier: 90:B3:42:0B:1E:8E:63:C5:86:D3:4A:9B:C8:97:94:47:74:5A:C5:DD
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 09542670
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/kLNCCx6OY8WG00qbyJeUR3Raxd0.roa
Signing time: Sat 01 Jan 2022 07:57:36 +0000
ROA not before: Sat 01 Jan 2022 07:57:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8737
IP address blocks: 195.121.128.0/17 maxlen: 17
195.121.64.0/18 maxlen: 18
213.75.0.0/17 maxlen: 17
213.75.0.0/16 maxlen: 16
213.75.128.0/17 maxlen: 17
195.121.0.0/17 maxlen: 17
195.121.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156509808 (0x9542670)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 07:57:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90b3420b1e8e63c586d34a9bc8979447745ac5dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:84:22:7d:71:bb:30:09:15:a5:c1:84:e8:c3:
1d:35:dd:4c:8c:e3:34:c5:22:00:0f:82:45:26:f3:
ab:ae:7e:ba:c0:aa:ae:03:de:29:86:46:66:68:68:
6b:50:7a:e4:c1:34:7e:b2:63:ae:85:25:c0:bf:d4:
d6:6b:18:a3:5c:c4:bc:51:df:0d:ea:07:4a:2d:bb:
56:61:17:a3:f6:30:ba:93:9a:4c:e7:54:04:88:cc:
0d:68:93:85:d8:24:b4:02:ab:75:e9:29:d6:55:8e:
d1:bd:73:89:e9:37:52:a6:b0:a7:92:15:33:c7:b1:
8e:d4:81:f5:a9:f9:3b:f5:70:77:40:ba:8c:4e:42:
b2:a0:ad:f7:18:32:47:75:89:26:a5:c9:23:1d:75:
3e:bf:84:34:d5:33:93:66:56:be:fe:6e:2c:8f:9c:
af:52:5c:bf:be:ca:7f:6d:f4:04:19:5c:b2:8c:e5:
68:4e:aa:44:b7:28:6f:7d:a3:71:ad:66:6a:3f:cc:
ab:d9:0f:6e:74:85:0f:c1:40:f6:ea:04:27:05:a8:
9b:7e:95:07:53:ff:94:d7:2f:89:4a:36:60:de:0e:
31:ed:1e:a0:0e:43:29:31:a5:97:4f:a4:57:27:f0:
cb:33:37:c6:bb:73:a4:5e:b4:1c:35:f0:f3:25:44:
75:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B3:42:0B:1E:8E:63:C5:86:D3:4A:9B:C8:97:94:47:74:5A:C5:DD
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/kLNCCx6OY8WG00qbyJeUR3Raxd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.121.0.0/16
213.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
53:01:9c:5a:b9:d2:81:3e:75:38:ab:8a:d5:24:a4:91:51:e7:
a8:79:3e:3d:96:30:69:30:ac:ed:b6:96:a0:54:72:46:67:db:
cd:33:3f:b4:f6:b2:f7:1c:fb:10:d0:90:50:a8:1c:a5:e1:4a:
b8:e8:79:10:39:4f:b3:72:b9:09:4f:ea:de:83:ab:0f:e3:d9:
99:34:40:63:3c:77:23:69:40:4f:ba:24:ac:8e:8c:f3:c5:db:
21:f5:50:ce:a3:94:46:05:17:88:22:fe:a6:15:57:4e:20:58:
9a:bc:45:c5:5f:07:7c:c0:0e:97:b5:da:9c:98:22:94:30:5e:
69:23:d7:88:e7:68:f3:f5:54:64:e1:d3:ce:a3:73:e2:1f:e5:
f4:47:28:d6:19:12:58:f0:57:01:27:61:8a:93:a1:8e:8c:15:
53:44:64:7f:0d:d8:10:1a:9d:50:0e:6c:01:2e:42:db:2d:1d:
e3:fe:5f:7a:d8:0f:69:29:21:c8:dd:dd:69:77:83:16:ea:b3:
05:69:3c:28:35:42:34:16:8f:70:4f:c2:a3:ba:a8:88:d9:7f:
15:2e:9f:a6:61:f6:50:8b:65:c6:b4:f4:99:94:8e:4e:f2:21:
20:36:97:fd:93:52:23:82:ae:19:2b:95:65:6a:36:53:25:d0:
10:d4:31:f6
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIECVQmcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWVlZDQwOTEzODNkOWVkNDA1NmQ5ZjRlZmY3ZDI2MjJkZGNlMjA1MB4XDTIyMDEw
MTA3NTczNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTBiMzQyMGIxZThl
NjNjNTg2ZDM0YTliYzg5Nzk0NDc3NDVhYzVkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOEIn1xuzAJFaXBhOjDHTXdTIzjNMUiAA+CRSbzq65+usCq
rgPeKYZGZmhoa1B65ME0frJjroUlwL/U1msYo1zEvFHfDeoHSi27VmEXo/YwupOa
TOdUBIjMDWiThdgktAKrdekp1lWO0b1ziek3Uqawp5IVM8exjtSB9an5O/Vwd0C6
jE5CsqCt9xgyR3WJJqXJIx11Pr+ENNUzk2ZWvv5uLI+cr1Jcv77Kf230BBlcsozl
aE6qRLcob32jca1maj/Mq9kPbnSFD8FA9uoEJwWom36VB1P/lNcviUo2YN4OMe0e
oA5DKTGll0+kVyfwyzM3xrtzpF60HDXw8yVEdakCAwEAAaOCAg0wggIJMB0GA1Ud
DgQWBBSQs0ILHo5jxYbTSpvIl5RHdFrF3TAfBgNVHSMEGDAWgBSB7tQJE4PZ7UBW
2fTv99JiLdziBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dlN1VDUk9EMmUxQVZ0bjA3X2ZTWWkzYzRnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvNGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8x
L2tMTkNDeDZPWThXRzAwcWJ5SmVVUjNSYXhkMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
NGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8xL2dlN1VDUk9EMmUx
QVZ0bjA3X2ZTWWkzYzRnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAj
BggrBgEFBQcBBwEB/wQUMBIwEAQCAAEwCgMDAMN5AwMA1UswDQYJKoZIhvcNAQEL
BQADggEBAFMBnFq50oE+dTiritUkpJFR56h5Pj2WMGkwrO22lqBUckZn280zP7T2
svcc+xDQkFCoHKXhSrjoeRA5T7NyuQlP6t6Dqw/j2Zk0QGM8dyNpQE+6JKyOjPPF
2yH1UM6jlEYFF4gi/qYVV04gWJq8RcVfB3zADpe12pyYIpQwXmkj14jnaPP1VGTh
086jc+If5fRHKNYZEljwVwEnYYqToY6MFVNEZH8N2BAanVAObAEuQtstHeP+X3rY
D2kpIcjd3Wl3gxbqswVpPCg1QjQWj3BPwqO6qIjZfxUun6Zh9lCLZca09JmUjk7y
ISA2l/2TUiOCrhkrlWVqNlMl0BDUMfY=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:00:41 2025 by rpki-client