Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/KMRLcn7UFHrmMOnqdd48Ws2vqXs.roa
File: KMRLcn7UFHrmMOnqdd48Ws2vqXs.roa (raw, json)
Hash identifier: E1K23hZyoYi81LTinCZ7FiibVQW9b82DOQ1eS8leg4k=
Subject key identifier: 28:C4:4B:72:7E:D4:14:7A:E6:30:E9:EA:75:DE:3C:5A:CD:AF:A9:7B
Certificate issuer: /CN=8452b03e1b01709638940d9592983cde77ecab77
Certificate serial: 06382597
Authority key identifier: 84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/KMRLcn7UFHrmMOnqdd48Ws2vqXs.roa
Signing time: Sat 01 Jan 2022 06:01:07 +0000
ROA not before: Sat 01 Jan 2022 06:01:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35297
IP address blocks: 185.249.160.0/22 maxlen: 24
5.53.112.0/21 maxlen: 24
193.239.75.101/32 maxlen: 32
193.239.72.0/22 maxlen: 24
193.239.74.64/32 maxlen: 32
91.204.212.0/22 maxlen: 24
193.238.32.0/22 maxlen: 24
178.251.104.0/21 maxlen: 24
178.251.110.0/24 maxlen: 24
77.75.144.0/21 maxlen: 24
2a02:2000:face::/48 maxlen: 48
2a02:2000:4::/48 maxlen: 48
2a02:2000::/29 maxlen: 48
2a02:2000::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104342935 (0x6382597)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8452b03e1b01709638940d9592983cde77ecab77
Validity
Not Before: Jan 1 06:01:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28c44b727ed4147ae630e9ea75de3c5acdafa97b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c7:85:5e:66:c3:08:f7:4c:02:83:b2:ef:5f:
e6:d3:b5:43:d7:28:05:73:98:e0:0c:2d:e4:55:41:
f6:b6:15:40:a4:04:c7:d8:f2:dd:e5:6c:9c:69:8d:
9e:64:1a:f8:57:6e:10:81:90:81:8a:b9:f3:8a:9f:
3a:31:46:45:27:9e:c6:55:a7:17:d0:5a:36:e9:30:
74:42:09:7c:62:59:75:10:d2:19:e5:74:b4:1e:95:
7f:5c:f4:ff:62:58:19:5e:5f:a6:29:c5:3c:c5:e7:
d2:ad:ac:ee:ec:a0:38:0c:9e:8d:e0:91:15:55:97:
11:17:a5:04:98:f3:ca:21:a8:2b:d3:26:0c:e7:41:
50:f9:40:8e:b7:37:04:9e:66:ae:a9:ae:08:e3:a2:
70:95:5f:4c:c1:b3:32:65:41:f5:0a:78:7f:94:fe:
ae:3f:18:d1:12:c7:f9:11:6d:13:f6:e9:5a:cd:c8:
6c:32:ba:04:f1:a5:25:ab:16:b1:b6:d5:ae:ba:04:
8d:78:8f:57:d4:81:76:34:a5:bc:16:63:27:d5:cf:
1b:37:cb:3c:4c:0a:d6:32:e7:80:f1:fe:72:a9:33:
46:e3:fb:92:31:53:8a:c8:88:20:48:04:2c:4e:e8:
6f:51:9e:a9:3a:db:cc:2b:5e:df:95:b5:ff:2b:7b:
d3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C4:4B:72:7E:D4:14:7A:E6:30:E9:EA:75:DE:3C:5A:CD:AF:A9:7B
X509v3 Authority Key Identifier:
keyid:84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/KMRLcn7UFHrmMOnqdd48Ws2vqXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.112.0/21
77.75.144.0/21
91.204.212.0/22
178.251.104.0/21
185.249.160.0/22
193.238.32.0/22
193.239.72.0/22
IPv6:
2a02:2000::/29
Signature Algorithm: sha256WithRSAEncryption
6d:83:7a:26:67:0d:04:8d:b9:83:e0:bb:8f:97:eb:f6:3b:6b:
f5:1e:5c:59:fd:79:91:fa:82:df:4d:0d:f6:3e:10:b0:4f:63:
21:02:98:df:86:49:17:00:c6:6e:eb:99:7d:77:f5:88:b9:93:
c1:0e:39:28:87:b8:55:12:2f:76:c9:e4:9e:83:98:c2:12:14:
6a:ed:1b:4d:73:30:ab:6a:8b:5d:3e:d0:e0:3b:49:31:90:f3:
e4:7f:28:08:fa:04:d0:30:15:ee:7c:f7:2e:d0:5c:86:4d:70:
a9:2b:58:b8:52:97:7b:c3:8e:e4:96:7c:b4:a9:12:8f:65:ca:
f0:0b:69:af:d1:e0:32:c2:27:aa:98:fd:b1:71:ca:de:80:2f:
58:20:7e:d4:b4:5e:99:22:47:2e:49:36:df:c4:c5:84:cf:5d:
59:a1:34:51:e5:4c:8f:57:94:97:fd:4d:39:94:51:78:f8:47:
6c:3a:4f:08:06:95:a8:ab:df:6a:f0:9e:05:e0:16:9d:1f:8b:
e1:b1:1b:4d:58:63:48:50:03:c5:a8:aa:80:c4:2f:a2:0a:bd:
00:ca:ea:f9:4b:cf:d6:e4:df:d2:21:a1:ae:7e:a3:9c:e9:ba:
04:0d:43:b6:1c:4f:fa:5d:bd:d0:81:9b:7a:ef:0a:db:14:f7:
61:98:17:dc
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEBjgllzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDUyYjAzZTFiMDE3MDk2Mzg5NDBkOTU5Mjk4M2NkZTc3ZWNhYjc3MB4XDTIyMDEw
MTA2MDEwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhjNDRiNzI3ZWQ0
MTQ3YWU2MzBlOWVhNzVkZTNjNWFjZGFmYTk3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7HhV5mwwj3TAKDsu9f5tO1Q9coBXOY4Awt5FVB9rYVQKQE
x9jy3eVsnGmNnmQa+FduEIGQgYq584qfOjFGRSeexlWnF9BaNukwdEIJfGJZdRDS
GeV0tB6Vf1z0/2JYGV5fpinFPMXn0q2s7uygOAyejeCRFVWXERelBJjzyiGoK9Mm
DOdBUPlAjrc3BJ5mrqmuCOOicJVfTMGzMmVB9Qp4f5T+rj8Y0RLH+RFtE/bpWs3I
bDK6BPGlJasWsbbVrroEjXiPV9SBdjSlvBZjJ9XPGzfLPEwK1jLngPH+cqkzRuP7
kjFTisiIIEgELE7ob1GeqTrbzCte35W1/yt70/cCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBQoxEtyftQUeuYw6ep13jxaza+pezAfBgNVHSMEGDAWgBSEUrA+GwFwljiU
DZWSmDzed+yrdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hGS3dQaHNCY0pZNGxBMlZrcGc4M25mc3EzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvMDExZjZlLWU5MjgtNGYyYi1hYTI0LTIwMGZjMjc0Y2IwMS8x
L0tNUkxjbjdVRkhybU1PbnFkZDQ4V3MydnFYcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
MDExZjZlLWU5MjgtNGYyYi1hYTI0LTIwMGZjMjc0Y2IwMS8xL2hGS3dQaHNCY0pZ
NGxBMlZrcGc4M25mc3EzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAwU1cAMEA01LkAMEAlvM1AMEA7L7
aAMEArn5oAMEAsHuIAMEAsHvSDANBAIAAjAHAwUDKgIgADANBgkqhkiG9w0BAQsF
AAOCAQEAbYN6JmcNBI25g+C7j5fr9jtr9R5cWf15kfqC300N9j4QsE9jIQKY34ZJ
FwDGbuuZfXf1iLmTwQ45KIe4VRIvdsnknoOYwhIUau0bTXMwq2qLXT7Q4DtJMZDz
5H8oCPoE0DAV7nz3LtBchk1wqStYuFKXe8OO5JZ8tKkSj2XK8Atpr9HgMsInqpj9
sXHK3oAvWCB+1LRemSJHLkk238TFhM9dWaE0UeVMj1eUl/1NOZRRePhHbDpPCAaV
qKvfavCeBeAWnR+L4bEbTVhjSFADxaiqgMQvogq9AMrq+UvP1uTf0iGhrn6jnOm6
BA1DthxP+l290IGbeu8K2xT3YZgX3A==
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:47:15 2025 by rpki-client