Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/Kwi5kbuufn00clLs6LLcoeBFAa0.roa
File: Kwi5kbuufn00clLs6LLcoeBFAa0.roa (raw, json)
Hash identifier: QnTGnNOr90P6T9SLO/+HeW7FpHFq6EnByWumDcj/xKQ=
Subject key identifier: 2B:08:B9:91:BB:AE:7E:7D:34:72:52:EC:E8:B2:DC:A1:E0:45:01:AD
Certificate issuer: /CN=a4f8436003d37602026b65531755ca8fcd31bed2
Certificate serial: 11E130C7
Authority key identifier: A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/Kwi5kbuufn00clLs6LLcoeBFAa0.roa
Signing time: Wed 29 Jun 2022 09:33:02 +0000
ROA not before: Wed 29 Jun 2022 09:33:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31027
IP address blocks: 82.192.160.0/19 maxlen: 19
130.185.128.0/20 maxlen: 20
212.98.96.0/24 maxlen: 24
62.12.32.0/20 maxlen: 20
5.179.80.0/20 maxlen: 20
62.12.48.0/21 maxlen: 21
80.88.128.0/20 maxlen: 20
62.116.192.0/19 maxlen: 19
5.56.144.0/20 maxlen: 20
46.32.156.0/22 maxlen: 22
77.233.224.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 299970759 (0x11e130c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f8436003d37602026b65531755ca8fcd31bed2
Validity
Not Before: Jun 29 09:33:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b08b991bbae7e7d347252ece8b2dca1e04501ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5a:ae:d1:a2:95:a8:7f:7d:ca:70:ea:d3:21:
57:30:fd:cc:28:3c:1e:aa:0a:7e:59:37:ff:ad:b8:
a2:74:70:1e:2f:51:14:a8:0d:5e:91:da:35:7f:41:
6b:9b:ec:f1:d4:f6:01:a7:60:ef:a0:6d:74:e3:45:
21:5d:30:66:98:07:cc:ed:8e:a1:00:ba:0a:e7:37:
1c:f5:84:90:ba:58:98:c3:e5:5a:22:28:e2:f3:e3:
f7:08:43:80:7e:68:ca:42:7f:f8:47:7e:ff:5a:37:
6e:34:ff:2c:f4:40:84:c4:8d:40:37:72:48:2b:19:
09:14:98:14:a6:7a:61:2c:62:db:28:21:97:92:9b:
35:ae:58:30:1e:28:c9:54:02:0d:bb:77:d7:78:a1:
5c:a0:6d:27:50:4f:d1:1d:83:99:25:29:1e:93:ea:
27:d1:e7:b9:09:5f:02:b3:a8:fe:41:ab:25:1c:f6:
37:31:af:dc:3c:92:54:5c:1e:90:bd:a2:47:e6:d1:
9a:f0:99:99:2d:fe:f4:86:d9:2f:e3:63:31:a6:65:
93:56:f4:f2:7b:86:c2:ed:5c:6b:71:ce:7f:90:5b:
b8:7a:ea:be:55:2a:6b:ac:19:1e:d6:d8:61:ac:b7:
4a:ea:db:9e:cd:3c:96:17:77:5a:9d:56:f6:31:69:
98:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:08:B9:91:BB:AE:7E:7D:34:72:52:EC:E8:B2:DC:A1:E0:45:01:AD
X509v3 Authority Key Identifier:
keyid:A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/Kwi5kbuufn00clLs6LLcoeBFAa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.144.0/20
5.179.80.0/20
46.32.156.0/22
62.12.32.0-62.12.55.255
62.116.192.0/19
77.233.224.0/19
80.88.128.0/20
82.192.160.0/19
130.185.128.0/20
212.98.96.0/24
Signature Algorithm: sha256WithRSAEncryption
19:b9:98:98:6a:5a:42:cc:a3:c9:c5:64:da:09:7f:40:3e:f9:
ac:85:06:4f:31:bd:27:b7:fd:3a:90:d7:ec:28:29:f0:95:ee:
73:7f:0f:b6:5c:83:67:21:41:f1:6f:12:6f:28:f6:6b:89:65:
6a:94:bc:ec:2c:88:04:cd:76:bc:a9:e3:43:6a:82:d0:94:28:
20:24:bd:0c:df:18:96:d7:d5:20:73:cd:f2:11:e4:a4:8d:31:
f1:36:ff:0c:6a:f4:85:0e:d0:36:b9:d8:99:54:30:b0:00:82:
23:43:53:8d:a7:e4:b1:73:bb:38:f7:ac:68:03:09:bd:73:88:
e0:42:a9:e0:9b:c0:f9:79:82:d5:b4:f9:7c:27:48:0c:2a:e8:
cf:05:9b:b9:e3:da:e1:ed:d2:e8:40:b7:e1:4e:f7:21:2f:42:
ed:90:bb:b5:9b:46:09:28:f5:6a:88:8d:9d:bb:73:ea:e9:7d:
19:58:be:d2:b1:a4:aa:8c:14:2d:79:3c:a1:60:9f:24:c4:ed:
ca:e6:2a:f4:a0:47:db:49:6f:11:27:73:71:4e:2c:5e:65:b5:
07:df:60:26:1b:b0:8e:a1:54:00:ee:96:33:8b:7c:1e:97:a0:
52:28:e6:55:d5:d9:a2:83:da:8c:b1:b7:1d:8d:30:11:f1:f8:
41:ea:34:99
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEEeEwxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NGY4NDM2MDAzZDM3NjAyMDI2YjY1NTMxNzU1Y2E4ZmNkMzFiZWQyMB4XDTIyMDYy
OTA5MzMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmIwOGI5OTFiYmFl
N2U3ZDM0NzI1MmVjZThiMmRjYTFlMDQ1MDFhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1artGilah/fcpw6tMhVzD9zCg8HqoKflk3/624onRwHi9R
FKgNXpHaNX9Ba5vs8dT2Aadg76BtdONFIV0wZpgHzO2OoQC6Cuc3HPWEkLpYmMPl
WiIo4vPj9whDgH5oykJ/+Ed+/1o3bjT/LPRAhMSNQDdySCsZCRSYFKZ6YSxi2ygh
l5KbNa5YMB4oyVQCDbt313ihXKBtJ1BP0R2DmSUpHpPqJ9HnuQlfArOo/kGrJRz2
NzGv3DySVFwekL2iR+bRmvCZmS3+9IbZL+NjMaZlk1b08nuGwu1ca3HOf5BbuHrq
vlUqa6wZHtbYYay3Surbns08lhd3Wp1W9jFpmOECAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBQrCLmRu65+fTRyUuzostyh4EUBrTAfBgNVHSMEGDAWgBSk+ENgA9N2AgJr
ZVMXVcqPzTG+0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BQaERZQVBUZGdJQ2EyVlRGMVhLajgweHZ0SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvNTE1NjA4LTUwMTItNGE0MC1iMzI0LTI3YmY4M2NkZWQ2Yi8x
L0t3aTVrYnV1Zm4wMGNsTHM2TExjb2VCRkFhMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
NTE1NjA4LTUwMTItNGE0MC1iMzI0LTI3YmY4M2NkZWQ2Yi8xL3BQaERZQVBUZGdJ
Q2EyVlRGMVhLajgweHZ0SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEBAU4kAMEBAWzUAMEAi4gnDAMAwQF
PgwgAwQDPgwwAwQFPnTAAwQFTengAwQEUFiAAwQFUsCgAwQEgrmAAwQA1GJgMA0G
CSqGSIb3DQEBCwUAA4IBAQAZuZiYalpCzKPJxWTaCX9APvmshQZPMb0nt/06kNfs
KCnwle5zfw+2XINnIUHxbxJvKPZriWVqlLzsLIgEzXa8qeNDaoLQlCggJL0M3xiW
19Ugc83yEeSkjTHxNv8MavSFDtA2udiZVDCwAIIjQ1ONp+Sxc7s496xoAwm9c4jg
Qqngm8D5eYLVtPl8J0gMKujPBZu549rh7dLoQLfhTvchL0LtkLu1m0YJKPVqiI2d
u3Pq6X0ZWL7SsaSqjBQteTyhYJ8kxO3K5ir0oEfbSW8RJ3NxTixeZbUH32AmG7CO
oVQA7pYzi3wel6BSKOZV1dmig9qMsbcdjTAR8fhB6jSZ
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:42:39 2025 by rpki-client