Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/KmlsLRu95q7WPd9AWjpNS2AxQT4.roa
File: KmlsLRu95q7WPd9AWjpNS2AxQT4.roa (raw, json)
Hash identifier: 5ZCZTWNK/MDbcoUpsVHC2/Icz5rYqW46EXEpmAUvymE=
Subject key identifier: 2A:69:6C:2D:1B:BD:E6:AE:D6:3D:DF:40:5A:3A:4D:4B:60:31:41:3E
Certificate issuer: /CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Certificate serial: 0189F427CEFBEF69F5504E23327B6E40FED7
Authority key identifier: 2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/KmlsLRu95q7WPd9AWjpNS2AxQT4.roa
Signing time: Mon 14 Aug 2023 13:06:36 +0000
ROA not before: Mon 14 Aug 2023 13:06:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12703
IP address blocks: 185.68.112.0/23 maxlen: 23
46.236.0.0/18 maxlen: 18
185.68.114.0/23 maxlen: 23
178.236.144.0/20 maxlen: 20
89.151.64.0/18 maxlen: 18
81.29.64.0/19 maxlen: 19
2a02:16f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:27:ce:fb:ef:69:f5:50:4e:23:32:7b:6e:40:fe:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Validity
Not Before: Aug 14 13:06:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a696c2d1bbde6aed63ddf405a3a4d4b6031413e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9c:9f:71:dd:a5:be:99:88:e7:fe:7f:21:77:
38:4e:f0:23:0d:fa:d7:99:72:cf:7d:21:60:29:86:
1b:8f:f4:9f:b8:33:a0:2b:48:a4:7c:27:de:b4:eb:
06:b4:9d:56:c4:81:4f:df:ae:ef:20:2e:4a:95:4a:
02:70:79:f9:fb:de:9b:7e:f1:28:0a:bd:e3:a4:77:
1c:05:79:50:e9:14:77:3f:33:bc:6a:a2:7c:58:a9:
d6:c1:4b:31:6a:4a:1e:ab:32:57:cc:df:94:ba:be:
f8:9e:90:5f:f8:ff:be:7c:ef:17:95:67:70:91:96:
f0:9b:ca:95:99:98:31:25:79:89:6f:8d:82:58:92:
4d:da:12:63:e1:6a:c9:b4:55:65:0b:38:1f:28:c0:
7f:c9:16:a6:a9:55:85:b1:f9:61:4d:c4:dc:d4:5f:
ca:7e:32:92:44:da:68:17:bc:e8:1a:e5:ff:7c:60:
2c:9c:da:87:e2:9e:23:20:77:41:20:6a:df:1e:db:
22:c4:93:44:f8:db:b1:39:b7:ec:e1:e3:87:b1:e0:
fb:84:06:37:49:0a:2b:55:ba:6c:19:8e:05:4d:82:
b8:ae:55:21:13:d1:55:ca:3c:4f:62:e0:0c:be:5b:
bb:07:6c:94:32:7e:79:be:05:41:0e:27:8f:09:ee:
25:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:69:6C:2D:1B:BD:E6:AE:D6:3D:DF:40:5A:3A:4D:4B:60:31:41:3E
X509v3 Authority Key Identifier:
keyid:2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/KmlsLRu95q7WPd9AWjpNS2AxQT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/K-U9NAqL9Hwb800yVeEC77GBrRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.0.0/18
81.29.64.0/19
89.151.64.0/18
178.236.144.0/20
185.68.112.0/22
IPv6:
2a02:16f8::/32
Signature Algorithm: sha256WithRSAEncryption
00:52:80:b1:8b:bf:a4:ea:a5:f7:33:b4:4f:5a:bd:06:68:33:
8e:0b:b3:4f:63:90:6d:d6:4c:64:a7:2a:b6:a5:b9:84:0a:87:
ed:ab:ad:4a:02:85:18:f7:15:5a:0c:23:df:43:47:6e:46:f6:
d4:15:71:21:a3:33:4e:fe:ec:bb:10:c9:09:65:0d:b9:a9:37:
2a:4e:48:a4:30:20:5c:fe:23:5f:bf:43:b8:89:21:65:d4:ae:
de:ec:72:d0:55:d5:a6:bb:c7:7e:7a:8b:1a:0f:16:06:9b:05:
91:ae:e5:bf:a0:3b:ed:a7:6b:bf:3e:d3:f5:60:2a:27:fd:4e:
bb:69:13:46:45:a0:95:cc:ea:0a:ba:27:58:33:6b:91:fa:e2:
33:42:e7:d5:3f:07:6a:aa:87:8b:5c:60:e2:08:19:f2:fd:64:
0e:8b:52:68:34:55:5d:2a:61:d0:17:05:3a:a1:86:19:a4:8b:
7a:0f:f1:38:f3:15:b9:3e:e3:14:b5:57:60:62:c7:06:63:7e:
32:15:0e:d0:32:54:b3:29:b6:f5:5e:3f:f7:04:ed:f1:da:ee:
86:a1:33:e6:fb:95:12:9b:00:f2:86:cb:c6:5b:3d:b4:f5:72:
9a:fb:b5:50:d9:b9:db:79:55:36:2a:f5:ef:95:24:15:a6:2a:
91:53:46:12
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYn0J87772n1UE4jMntuQP7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZTUzZDM0MGE4YmY0N2MxYmYzNGQzMjU1ZTEwMmVmYjE4
MWFkMTkwHhcNMjMwODE0MTMwNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY5NmMyZDFiYmRlNmFlZDYzZGRmNDA1YTNhNGQ0YjYwMzE0MTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5yfcd2lvpmI5/5/IXc4TvAjDfrX
mXLPfSFgKYYbj/SfuDOgK0ikfCfetOsGtJ1WxIFP367vIC5KlUoCcHn5+96bfvEo
Cr3jpHccBXlQ6RR3PzO8aqJ8WKnWwUsxakoeqzJXzN+Uur74npBf+P++fO8XlWdw
kZbwm8qVmZgxJXmJb42CWJJN2hJj4WrJtFVlCzgfKMB/yRamqVWFsflhTcTc1F/K
fjKSRNpoF7zoGuX/fGAsnNqH4p4jIHdBIGrfHtsixJNE+NuxObfs4eOHseD7hAY3
SQorVbpsGY4FTYK4rlUhE9FVyjxPYuAMvlu7B2yUMn55vgVBDiePCe4l9wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCppbC0bveau1j3fQFo6TUtgMUE+MB8GA1UdIwQY
MBaAFCvlPTQKi/R8G/NNMlXhAu+xga0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSy1VOU5BcUw5SHdiODAweVZlRUM3N0dCclJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mNzI1NjItNDVmNS00MDE5LTgzYTEt
NzRmMGMzZTY2M2NiLzEvS21sc0xSdTk1cTdXUGQ5QVdqcE5TMkF4UVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mNzI1NjItNDVmNS00MDE5LTgzYTEtNzRmMGMzZTY2M2Ni
LzEvSy1VOU5BcUw5SHdiODAweVZlRUM3N0dCclJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGLuwAAwQF
UR1AAwQGWZdAAwQEsuyQAwQCuURwMA0EAgACMAcDBQAqAhb4MA0GCSqGSIb3DQEB
CwUAA4IBAQAAUoCxi7+k6qX3M7RPWr0GaDOOC7NPY5Bt1kxkpyq2pbmECoftq61K
AoUY9xVaDCPfQ0duRvbUFXEhozNO/uy7EMkJZQ25qTcqTkikMCBc/iNfv0O4iSFl
1K7e7HLQVdWmu8d+eosaDxYGmwWRruW/oDvtp2u/PtP1YCon/U67aRNGRaCVzOoK
uidYM2uR+uIzQufVPwdqqoeLXGDiCBny/WQOi1JoNFVdKmHQFwU6oYYZpIt6D/E4
8xW5PuMUtVdgYscGY34yFQ7QMlSzKbb1Xj/3BO3x2u6GoTPm+5USmwDyhsvGWz20
9XKa+7VQ2bnbeVU2KvXvlSQVpiqRU0YS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:19 2025 by rpki-client