Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/kLFiMi1YpfBGVKB3LVMVXwFvulA.roa
File: kLFiMi1YpfBGVKB3LVMVXwFvulA.roa (raw, json)
Hash identifier: RCkQ8IDvotFoxQH+BsnEmIgmVhmNTZA4JplebnZmhs4=
Subject key identifier: 90:B1:62:32:2D:58:A5:F0:46:54:A0:77:2D:53:15:5F:01:6F:BA:50
Certificate issuer: /CN=1ea559d8bf6ac2d868d0665ad57d2c6ac1472193
Certificate serial: 069C6FC5
Authority key identifier: 1E:A5:59:D8:BF:6A:C2:D8:68:D0:66:5A:D5:7D:2C:6A:C1:47:21:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqVZ2L9qwtho0GZa1X0sasFHIZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/kLFiMi1YpfBGVKB3LVMVXwFvulA.roa
Signing time: Sat 01 Jan 2022 07:00:47 +0000
ROA not before: Sat 01 Jan 2022 07:00:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 559
IP address blocks: 148.196.0.0/16 maxlen: 16
157.26.0.0/16 maxlen: 16
192.135.150.0/23 maxlen: 24
192.135.152.0/21 maxlen: 21
192.135.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110915525 (0x69c6fc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea559d8bf6ac2d868d0665ad57d2c6ac1472193
Validity
Not Before: Jan 1 07:00:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90b162322d58a5f04654a0772d53155f016fba50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:51:58:86:37:cf:90:c3:09:a8:27:91:74:19:
fd:82:9e:b5:df:56:dc:69:79:f5:27:29:b9:c5:89:
77:0b:14:61:4e:8a:3f:24:22:f9:f7:91:8c:86:34:
3a:4f:2a:a8:5d:44:ef:b4:ca:08:b9:36:1e:03:c0:
00:64:7d:d5:72:5b:ea:43:f8:24:2b:36:1b:af:cf:
a0:0d:43:77:70:f7:a4:19:9e:15:02:4f:2f:5c:76:
20:29:88:4b:c1:1a:22:1f:cc:d6:f4:1d:c1:6d:00:
53:66:dd:38:8a:8c:1c:57:c4:64:c9:3f:e2:95:e7:
c3:45:95:63:0a:1a:5b:1c:c8:04:62:17:a5:ce:f3:
3c:b3:10:cc:83:58:23:7e:d1:85:ba:20:6b:42:70:
0c:81:c9:8f:66:02:da:dc:f2:c1:88:a1:ac:d9:10:
22:2d:c5:19:8e:90:cc:4c:d5:4e:fa:6e:8b:04:b7:
6f:7e:79:af:66:10:a1:ef:70:de:0c:d1:52:f8:7f:
f1:26:d3:00:00:14:8b:61:8c:59:78:1f:b5:0d:ed:
72:a6:47:d6:a9:13:1d:f5:f6:f9:0f:ef:a2:fd:05:
8d:02:a1:93:d8:6b:89:7d:73:b2:55:34:43:cb:95:
a2:d5:f5:5b:ef:91:c5:8e:d1:1e:f3:63:a0:ee:70:
29:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B1:62:32:2D:58:A5:F0:46:54:A0:77:2D:53:15:5F:01:6F:BA:50
X509v3 Authority Key Identifier:
keyid:1E:A5:59:D8:BF:6A:C2:D8:68:D0:66:5A:D5:7D:2C:6A:C1:47:21:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqVZ2L9qwtho0GZa1X0sasFHIZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/kLFiMi1YpfBGVKB3LVMVXwFvulA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4fb785-fff1-43a3-afd1-5ffcc46ae7b5/1/HqVZ2L9qwtho0GZa1X0sasFHIZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.196.0.0/16
157.26.0.0/16
192.135.150.0-192.135.159.255
Signature Algorithm: sha256WithRSAEncryption
32:0c:b3:f9:07:8a:93:d0:49:8e:cb:a4:50:36:27:35:d5:46:
34:e8:9a:5e:f5:5d:04:d0:0a:fb:e1:d6:2d:d0:3f:88:ac:d6:
68:be:2d:52:67:09:c6:9b:48:09:c1:a7:6c:ba:36:57:41:aa:
c0:d2:a5:76:33:ba:b0:1d:ce:d1:81:60:81:2c:72:f1:07:cc:
c9:f7:18:46:f6:55:ed:c1:75:51:f0:6e:21:d9:8a:41:d7:bd:
2b:57:be:30:d5:f5:e2:81:f5:c7:1a:53:9f:90:e8:e6:04:ec:
25:a5:e2:1a:7a:e0:56:eb:fe:78:a5:ee:14:8f:e9:54:08:c2:
e0:16:53:4a:51:78:bd:e4:b8:fd:cd:ba:73:99:2c:72:16:e6:
d8:72:6e:89:2f:07:91:c6:f7:56:6f:da:3f:72:44:11:b6:44:
b2:da:67:0b:71:69:11:56:0a:4a:60:19:cd:cd:57:93:9a:e8:
f0:4c:fa:c9:c0:14:11:3d:99:0d:65:5d:89:1d:b7:d7:60:df:
7a:cc:9f:db:31:c4:0d:69:e1:ac:78:d7:ab:47:95:0c:a9:b9:
98:58:17:f4:63:bf:a3:68:65:e2:af:d1:55:f3:4d:01:a3:2f:
ce:af:f8:cd:50:4c:46:e5:a7:29:20:4a:f4:4b:11:a4:08:58:
2b:82:4d:33
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBpxvxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZWE1NTlkOGJmNmFjMmQ4NjhkMDY2NWFkNTdkMmM2YWMxNDcyMTkzMB4XDTIyMDEw
MTA3MDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTBiMTYyMzIyZDU4
YTVmMDQ2NTRhMDc3MmQ1MzE1NWYwMTZmYmE1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIpRWIY3z5DDCagnkXQZ/YKetd9W3Gl59ScpucWJdwsUYU6K
PyQi+feRjIY0Ok8qqF1E77TKCLk2HgPAAGR91XJb6kP4JCs2G6/PoA1Dd3D3pBme
FQJPL1x2ICmIS8EaIh/M1vQdwW0AU2bdOIqMHFfEZMk/4pXnw0WVYwoaWxzIBGIX
pc7zPLMQzINYI37Rhboga0JwDIHJj2YC2tzywYihrNkQIi3FGY6QzEzVTvpuiwS3
b355r2YQoe9w3gzRUvh/8SbTAAAUi2GMWXgftQ3tcqZH1qkTHfX2+Q/vov0FjQKh
k9hriX1zslU0Q8uVotX1W++RxY7RHvNjoO5wKS8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSQsWIyLVil8EZUoHctUxVfAW+6UDAfBgNVHSMEGDAWgBQepVnYv2rC2GjQ
ZlrVfSxqwUchkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hxVloyTDlxd3RobzBHWmExWDBzYXNGSElaTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvNGZiNzg1LWZmZjEtNDNhMy1hZmQxLTVmZmNjNDZhZTdiNS8x
L2tMRmlNaTFZcGZCR1ZLQjNMVk1WWHdGdnVsQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
NGZiNzg1LWZmZjEtNDNhMy1hZmQxLTVmZmNjNDZhZTdiNS8xL0hxVloyTDlxd3Ro
bzBHWmExWDBzYXNGSElaTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMDAJTEAwMAnRowDAMEAcCHlgMEBcCH
gDANBgkqhkiG9w0BAQsFAAOCAQEAMgyz+QeKk9BJjsukUDYnNdVGNOiaXvVdBNAK
++HWLdA/iKzWaL4tUmcJxptICcGnbLo2V0GqwNKldjO6sB3O0YFggSxy8QfMyfcY
RvZV7cF1UfBuIdmKQde9K1e+MNX14oH1xxpTn5Do5gTsJaXiGnrgVuv+eKXuFI/p
VAjC4BZTSlF4veS4/c26c5kschbm2HJuiS8Hkcb3Vm/aP3JEEbZEstpnC3FpEVYK
SmAZzc1Xk5ro8Ez6ycAUET2ZDWVdiR2312Dfesyf2zHEDWnhrHjXq0eVDKm5mFgX
9GO/o2hl4q/RVfNNAaMvzq/4zVBMRuWnKSBK9EsRpAhYK4JNMw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:42 2025 by rpki-client