Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/kK0PJg3uQzBjvxBYUPCTkeI1zeI.roa
File: kK0PJg3uQzBjvxBYUPCTkeI1zeI.roa (raw, json)
Hash identifier: SW+jvptfOK/vjBl5pAO5Nv6yiuoAnTyy3CxNi3UtVe8=
Subject key identifier: 90:AD:0F:26:0D:EE:43:30:63:BF:10:58:50:F0:93:91:E2:35:CD:E2
Certificate issuer: /CN=b7ed30e96ea56b980e6b793d1a86c62dd5c0bc1f
Certificate serial: 018C581416D1E38D7CC608D8CEEFD3D871A5
Authority key identifier: B7:ED:30:E9:6E:A5:6B:98:0E:6B:79:3D:1A:86:C6:2D:D5:C0:BC:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t-0w6W6la5gOa3k9GobGLdXAvB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/kK0PJg3uQzBjvxBYUPCTkeI1zeI.roa
Signing time: Mon 11 Dec 2023 08:52:40 +0000
ROA not before: Mon 11 Dec 2023 08:52:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213208
IP address blocks: 37.200.85.0/24 maxlen: 24
2a07:5201:1::/48 maxlen: 48
2a07:5202::/48 maxlen: 48
2a07:5200::/48 maxlen: 48
2a07:5202:1::/48 maxlen: 48
2a07:5201::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:14:16:d1:e3:8d:7c:c6:08:d8:ce:ef:d3:d8:71:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7ed30e96ea56b980e6b793d1a86c62dd5c0bc1f
Validity
Not Before: Dec 11 08:52:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90ad0f260dee433063bf105850f09391e235cde2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:70:3d:10:12:3b:16:4a:b5:12:f3:3d:d0:04:
de:2b:46:0f:9c:46:86:94:2c:d0:e8:c2:fa:4f:4c:
d9:be:10:4e:f9:dc:7d:3a:de:5d:25:35:ed:18:7a:
50:e5:cd:95:da:3b:1f:25:71:eb:d6:e2:ee:62:31:
b2:4d:03:08:67:5f:68:ad:1a:f1:58:8f:f0:7f:38:
3e:8c:a3:31:43:da:b7:33:07:61:dc:85:39:13:1f:
c1:2c:a2:df:10:b6:b0:fa:3e:22:e2:a3:1f:f8:68:
16:62:d5:f8:88:8f:21:7b:c2:3d:26:ce:9e:99:4b:
e1:5d:97:05:8e:03:bc:64:d0:e1:04:d8:48:f0:d4:
0e:33:86:56:33:18:e9:79:fa:a4:cf:75:b9:e4:fa:
6e:a0:c7:95:59:48:fc:aa:ff:08:0a:49:77:c4:44:
4b:1d:0e:c1:d0:f2:d9:2b:e0:3e:c4:20:51:fe:a7:
db:ae:8e:2b:ad:51:fb:72:77:33:6e:f0:ce:88:ca:
f4:3d:aa:ba:2e:60:93:16:ab:70:9e:34:83:ed:a5:
ea:68:29:b2:8d:b2:b5:d3:fc:d4:5a:1b:72:54:b2:
3f:4b:91:46:28:3b:29:90:25:ce:9a:6b:c2:2f:25:
2a:67:a2:46:7e:b2:8b:97:4c:21:6c:3e:68:38:ab:
52:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AD:0F:26:0D:EE:43:30:63:BF:10:58:50:F0:93:91:E2:35:CD:E2
X509v3 Authority Key Identifier:
keyid:B7:ED:30:E9:6E:A5:6B:98:0E:6B:79:3D:1A:86:C6:2D:D5:C0:BC:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t-0w6W6la5gOa3k9GobGLdXAvB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/kK0PJg3uQzBjvxBYUPCTkeI1zeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/fa79dd-0fca-4661-8864-955537cb69f2/1/t-0w6W6la5gOa3k9GobGLdXAvB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.200.85.0/24
IPv6:
2a07:5200::/48
2a07:5201::/47
2a07:5202::/47
Signature Algorithm: sha256WithRSAEncryption
42:ce:e4:22:b2:21:fe:17:23:fe:c6:af:90:02:e2:a3:a1:d5:
a0:73:ed:39:47:ea:e6:14:71:89:73:83:8e:c8:78:b7:d3:d0:
03:0e:ee:0d:c3:75:b1:c9:58:23:fe:41:a7:7a:d7:de:a8:f4:
65:f8:d5:cf:97:a5:08:7f:13:c1:0d:17:3f:62:6e:69:0d:b8:
b4:a3:c7:db:1a:d2:d3:33:bf:31:ae:ce:25:c7:82:03:69:9f:
67:2e:6d:55:b7:f6:39:8b:b7:77:af:be:24:5b:5b:9f:f8:70:
69:a8:c5:d3:b9:7f:bf:1a:e4:c7:bc:c5:01:5b:41:0b:24:91:
0f:19:fb:08:21:00:60:a5:78:f7:00:b9:cb:7a:34:a0:f7:d9:
f6:74:e8:42:b2:26:1b:1e:99:40:7e:b0:ee:61:fc:f9:cc:97:
1e:1f:6d:59:2d:c8:60:10:1d:21:39:51:8f:28:01:2e:a5:5d:
a1:10:39:aa:ec:37:24:71:d6:39:22:6a:71:7b:45:26:b6:c6:
6f:9b:37:f2:59:86:1a:3d:75:a4:a3:22:e0:ea:dd:b7:e3:a0:
8f:9a:bc:4b:2b:03:25:92:51:2d:3e:ae:f6:a3:4f:30:07:7f:
f8:e2:6c:1a:62:b1:7b:3f:3a:5f:3f:e9:e6:a7:6f:4a:a5:68:
b9:7f:69:b1
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYxYFBbR4418xgjYzu/T2HGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZWQzMGU5NmVhNTZiOTgwZTZiNzkzZDFhODZjNjJkZDVj
MGJjMWYwHhcNMjMxMjExMDg1MjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGFkMGYyNjBkZWU0MzMwNjNiZjEwNTg1MGYwOTM5MWUyMzVjZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XA9EBI7Fkq1EvM90ATeK0YPnEaG
lCzQ6ML6T0zZvhBO+dx9Ot5dJTXtGHpQ5c2V2jsfJXHr1uLuYjGyTQMIZ19orRrx
WI/wfzg+jKMxQ9q3Mwdh3IU5Ex/BLKLfELaw+j4i4qMf+GgWYtX4iI8he8I9Js6e
mUvhXZcFjgO8ZNDhBNhI8NQOM4ZWMxjpefqkz3W55PpuoMeVWUj8qv8ICkl3xERL
HQ7B0PLZK+A+xCBR/qfbro4rrVH7cnczbvDOiMr0Paq6LmCTFqtwnjSD7aXqaCmy
jbK10/zUWhtyVLI/S5FGKDspkCXOmmvCLyUqZ6JGfrKLl0whbD5oOKtShQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJCtDyYN7kMwY78QWFDwk5HiNc3iMB8GA1UdIwQY
MBaAFLftMOlupWuYDmt5PRqGxi3VwLwfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdC0wdzZXNmxhNWdPYTNrOUdvYkdMZFhBdkI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9mYTc5ZGQtMGZjYS00NjYxLTg4NjQt
OTU1NTM3Y2I2OWYyLzEva0swUEpnM3VRekJqdnhCWVVQQ1RrZUkxemVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9mYTc5ZGQtMGZjYS00NjYxLTg4NjQtOTU1NTM3Y2I2OWYy
LzEvdC0wdzZXNmxhNWdPYTNrOUdvYkdMZFhBdkI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAJchVMCEE
AgACMBsDBwAqB1IAAAADBwEqB1IBAAADBwEqB1ICAAAwDQYJKoZIhvcNAQELBQAD
ggEBAELO5CKyIf4XI/7Gr5AC4qOh1aBz7TlH6uYUcYlzg47IeLfT0AMO7g3DdbHJ
WCP+Qad6196o9GX41c+XpQh/E8ENFz9ibmkNuLSjx9sa0tMzvzGuziXHggNpn2cu
bVW39jmLt3evviRbW5/4cGmoxdO5f78a5Me8xQFbQQskkQ8Z+wghAGClePcAuct6
NKD32fZ06EKyJhsemUB+sO5h/PnMlx4fbVktyGAQHSE5UY8oAS6lXaEQOarsNyRx
1jkianF7RSa2xm+bN/JZhho9daSjIuDq3bfjoI+avEsrAyWSUS0+rvajTzAHf/ji
bBpisXs/Ol8/6eanb0qlaLl/abE=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:35:06 2025 by rpki-client