Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/61db6b-1d73-4ec2-8be0-f37cbaf7ce5a/1/krlkceDGI50K1zgtXQh3OF4UPZ0.roa
File: krlkceDGI50K1zgtXQh3OF4UPZ0.roa (raw, json)
Hash identifier: pYafcF9yvCZDYPhHX9FtKDxvf90421QYfmbGuyJlTgw=
Subject key identifier: 92:B9:64:71:E0:C6:23:9D:0A:D7:38:2D:5D:08:77:38:5E:14:3D:9D
Certificate issuer: /CN=3a7b03913e3a285efe51cdac65f5504c87a34460
Certificate serial: 03B96A03
Authority key identifier: 3A:7B:03:91:3E:3A:28:5E:FE:51:CD:AC:65:F5:50:4C:87:A3:44:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OnsDkT46KF7-Uc2sZfVQTIejRGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/61db6b-1d73-4ec2-8be0-f37cbaf7ce5a/1/krlkceDGI50K1zgtXQh3OF4UPZ0.roa
Signing time: Sat 01 Jan 2022 09:55:23 +0000
ROA not before: Sat 01 Jan 2022 09:55:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35043
IP address blocks: 185.95.181.0/24 maxlen: 24
185.95.182.0/24 maxlen: 24
185.95.180.0/24 maxlen: 24
185.95.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62482947 (0x3b96a03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a7b03913e3a285efe51cdac65f5504c87a34460
Validity
Not Before: Jan 1 09:55:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92b96471e0c6239d0ad7382d5d0877385e143d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:88:10:70:0b:8d:87:bc:3a:e8:1e:45:db:f0:
ea:c4:b2:7d:c3:e9:e3:00:03:7c:cf:2a:2c:fa:10:
e2:2d:19:23:66:86:1b:a2:15:5a:e9:aa:00:68:05:
ba:65:37:df:05:a8:f5:d4:0a:f2:e3:6f:b5:e1:2f:
8c:ad:2d:f2:70:35:73:fc:5a:7b:32:04:41:1c:a1:
ca:bf:94:10:ee:a8:4e:fc:33:82:da:96:2c:71:e1:
94:e6:8e:4b:ef:43:a5:7f:de:50:8b:9c:e1:5c:98:
8b:cc:4e:fd:41:15:00:bc:c6:a2:c4:b1:51:fe:8f:
c7:28:e6:89:df:9a:0f:90:b8:66:de:bc:dd:7c:26:
36:2f:25:fe:a1:90:1f:61:94:c5:61:f6:83:ac:0c:
c2:6f:94:71:c6:29:8c:39:ec:ce:f9:7f:13:3c:3b:
fb:65:a9:c0:e1:a0:89:51:cf:eb:74:e0:7d:2b:ab:
81:c5:86:93:16:b3:c6:1e:99:b3:58:d3:cd:d7:8d:
ee:52:f4:4b:8b:ac:d3:0d:0c:ab:53:bc:52:15:40:
4c:b3:7c:f5:53:8c:f7:cc:aa:bd:36:5c:e0:23:47:
33:e4:81:07:84:9c:41:38:f0:d3:48:33:9d:16:52:
19:47:58:6e:a0:57:83:50:10:97:6e:c9:9c:38:8a:
a8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B9:64:71:E0:C6:23:9D:0A:D7:38:2D:5D:08:77:38:5E:14:3D:9D
X509v3 Authority Key Identifier:
keyid:3A:7B:03:91:3E:3A:28:5E:FE:51:CD:AC:65:F5:50:4C:87:A3:44:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnsDkT46KF7-Uc2sZfVQTIejRGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/61db6b-1d73-4ec2-8be0-f37cbaf7ce5a/1/krlkceDGI50K1zgtXQh3OF4UPZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/61db6b-1d73-4ec2-8be0-f37cbaf7ce5a/1/OnsDkT46KF7-Uc2sZfVQTIejRGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.180.0/22
Signature Algorithm: sha256WithRSAEncryption
71:cc:74:d1:df:25:bd:b0:14:12:7b:dc:02:46:5a:8b:62:d9:
50:48:9b:49:92:3d:10:8c:75:2f:07:90:bf:4e:17:3e:12:de:
15:2f:20:2b:97:f8:45:c8:c4:4f:20:11:3f:02:9c:df:94:fc:
b6:9f:0a:e6:79:b4:a8:88:86:57:98:71:41:09:da:f7:a1:30:
17:23:57:48:f6:1e:6b:80:3f:ac:d2:56:9a:f9:bf:82:88:0b:
1c:ff:11:e9:4f:2a:3f:63:0c:43:3a:aa:bf:90:55:47:de:86:
db:03:42:a5:97:6d:27:d7:97:0e:25:3f:5a:cb:fe:63:5d:b6:
4d:90:60:30:78:65:e8:60:bd:22:37:8e:a7:13:42:75:46:a2:
79:8e:75:53:c4:a0:81:a7:1f:18:88:e3:1d:69:89:ec:38:10:
db:5a:c7:bb:4f:33:ea:cb:d0:6f:dd:0b:4f:ee:12:2c:49:93:
27:d7:99:22:cf:b5:6e:9b:b3:1f:64:71:2d:aa:02:e1:80:28:
88:15:d0:c7:0f:8c:08:80:ca:2f:e2:bc:a2:35:4d:4a:de:15:
e3:6b:65:0e:57:67:c2:d1:aa:d5:a1:04:bb:f1:4e:53:e6:36:
aa:a3:a3:35:df:de:c2:bd:c2:24:ba:d0:6a:9c:1f:d0:db:12:
25:7f:26:4d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7lqAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTdiMDM5MTNlM2EyODVlZmU1MWNkYWM2NWY1NTA0Yzg3YTM0NDYwMB4XDTIyMDEw
MTA5NTUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTJiOTY0NzFlMGM2
MjM5ZDBhZDczODJkNWQwODc3Mzg1ZTE0M2Q5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANWIEHALjYe8OugeRdvw6sSyfcPp4wADfM8qLPoQ4i0ZI2aG
G6IVWumqAGgFumU33wWo9dQK8uNvteEvjK0t8nA1c/xaezIEQRyhyr+UEO6oTvwz
gtqWLHHhlOaOS+9DpX/eUIuc4VyYi8xO/UEVALzGosSxUf6Pxyjmid+aD5C4Zt68
3XwmNi8l/qGQH2GUxWH2g6wMwm+UccYpjDnszvl/Ezw7+2WpwOGgiVHP63TgfSur
gcWGkxazxh6Zs1jTzdeN7lL0S4us0w0Mq1O8UhVATLN89VOM98yqvTZc4CNHM+SB
B4ScQTjw00gznRZSGUdYbqBXg1AQl27JnDiKqNUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSSuWRx4MYjnQrXOC1dCHc4XhQ9nTAfBgNVHSMEGDAWgBQ6ewORPjooXv5R
zaxl9VBMh6NEYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09uc0RrVDQ2S0Y3LVVjMnNaZlZRVEllalJHQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvNjFkYjZiLTFkNzMtNGVjMi04YmUwLWYzN2NiYWY3Y2U1YS8x
L2tybGtjZURHSTUwSzF6Z3RYUWgzT0Y0VVBaMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
NjFkYjZiLTFkNzMtNGVjMi04YmUwLWYzN2NiYWY3Y2U1YS8xL09uc0RrVDQ2S0Y3
LVVjMnNaZlZRVEllalJHQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlftDANBgkqhkiG9w0BAQsFAAOC
AQEAccx00d8lvbAUEnvcAkZai2LZUEibSZI9EIx1LweQv04XPhLeFS8gK5f4RcjE
TyARPwKc35T8tp8K5nm0qIiGV5hxQQna96EwFyNXSPYea4A/rNJWmvm/gogLHP8R
6U8qP2MMQzqqv5BVR96G2wNCpZdtJ9eXDiU/Wsv+Y122TZBgMHhl6GC9IjeOpxNC
dUaieY51U8SggacfGIjjHWmJ7DgQ21rHu08z6svQb90LT+4SLEmTJ9eZIs+1bpuz
H2RxLaoC4YAoiBXQxw+MCIDKL+K8ojVNSt4V42tlDldnwtGq1aEEu/FOU+Y2qqOj
Nd/ewr3CJLrQapwf0NsSJX8mTQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:57 2025 by rpki-client