Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kqlckMVaGrycJbXSEKyY0UJc0KM.roa
File: kqlckMVaGrycJbXSEKyY0UJc0KM.roa (raw, json)
Hash identifier: xXirwYVf3xbri0+JHEM0B99+MIg25oGWPwHzI5LLzX8=
Subject key identifier: 92:A9:5C:90:C5:5A:1A:BC:9C:25:B5:D2:10:AC:98:D1:42:5C:D0:A3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01840EE13B06F371C4F72D38B7DBF2BAA0E0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kqlckMVaGrycJbXSEKyY0UJc0KM.roa
Signing time: Tue 25 Oct 2022 11:22:32 +0000
ROA not before: Tue 25 Oct 2022 11:22:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197540
IP address blocks: 194.87.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:e1:3b:06:f3:71:c4:f7:2d:38:b7:db:f2:ba:a0:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 25 11:22:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92a95c90c55a1abc9c25b5d210ac98d1425cd0a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:eb:78:3f:a8:f0:0a:71:a4:98:82:78:f9:1e:
71:42:c3:77:a5:74:de:b1:0e:16:25:70:92:95:90:
9a:ab:13:ba:32:71:82:03:9c:51:1f:44:b6:35:09:
c8:97:5b:57:f0:6c:21:52:e1:16:7f:35:40:ff:8c:
1c:c4:0c:16:d2:e8:73:49:48:be:6d:1a:00:fe:fd:
97:27:ae:7d:1a:32:be:45:22:cc:67:1f:cc:b5:cc:
24:d7:4e:29:d8:e0:fc:72:48:17:ec:4d:d0:6c:c6:
b2:bd:bf:a4:1b:58:11:85:1f:7e:5c:e6:6f:f7:25:
4d:54:35:fd:13:ac:1f:76:8b:4b:94:b3:46:8a:d2:
31:48:33:7e:7b:aa:4c:70:12:07:bb:aa:03:47:16:
92:76:79:df:02:07:c7:c1:e4:ba:89:1c:df:16:83:
b5:15:54:d1:77:0a:7f:6e:a0:25:f9:96:36:2d:bf:
57:2e:39:28:f6:a8:0f:cb:7d:dd:95:76:d2:bc:8c:
2a:5a:4c:92:d4:44:e3:f6:7b:b1:49:ff:e8:f6:c6:
a0:59:a9:8b:82:b2:c8:70:f7:34:2b:0e:05:76:fa:
fd:51:b7:3e:70:3c:15:70:8b:d5:ee:73:2b:93:f3:
9f:46:7f:4c:99:32:e0:2a:9d:d9:66:e1:5b:e4:e5:
de:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A9:5C:90:C5:5A:1A:BC:9C:25:B5:D2:10:AC:98:D1:42:5C:D0:A3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kqlckMVaGrycJbXSEKyY0UJc0KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.224.0/24
Signature Algorithm: sha256WithRSAEncryption
86:32:2c:08:e8:d2:bc:62:77:a8:68:0d:58:4e:14:2b:1a:17:
12:d7:28:47:d2:dd:ff:69:00:a1:0e:9a:b5:7d:b4:e7:d2:11:
33:0c:66:c5:f2:c1:07:3e:f2:ea:8f:73:f5:fe:8a:be:0b:97:
64:70:f0:0a:30:da:c4:e7:ee:b4:a3:f0:70:04:6d:5f:48:87:
17:22:5a:57:24:cf:c6:17:24:bd:ad:f0:4d:7a:57:4f:8c:9a:
6f:d0:47:eb:13:f2:c8:a9:bf:86:b6:ab:2b:86:43:0b:d8:d2:
5a:a4:4f:1c:9a:9a:4e:01:56:72:45:fa:e5:23:27:40:06:ee:
68:66:e0:a4:83:d7:82:06:f2:52:3d:1b:fb:4d:51:4a:c8:d3:
10:ac:fe:80:5b:a3:7e:82:57:f6:dd:68:99:bf:8e:7b:d2:1a:
39:4e:f5:91:29:af:bc:d6:cc:1b:02:84:6c:26:a7:6c:16:96:
d0:85:2e:dd:90:37:a7:ab:86:be:4a:e6:08:91:88:69:14:8a:
30:46:76:94:83:5f:e9:67:24:f8:19:e4:09:98:b6:9f:91:97:
8d:09:89:0d:19:e3:e0:6b:e2:9d:a2:f9:9e:26:0f:ca:3a:a0:
75:8b:40:64:c6:c9:55:af:03:7e:ef:48:5e:2d:c7:60:3d:5e:
32:9b:e9:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQO4TsG83HE9y04t9vyuqDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDI1MTEyMjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmE5NWM5MGM1NWExYWJjOWMyNWI1ZDIxMGFjOThkMTQyNWNkMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApet4P6jwCnGkmIJ4+R5xQsN3pXTe
sQ4WJXCSlZCaqxO6MnGCA5xRH0S2NQnIl1tX8GwhUuEWfzVA/4wcxAwW0uhzSUi+
bRoA/v2XJ659GjK+RSLMZx/Mtcwk104p2OD8ckgX7E3QbMayvb+kG1gRhR9+XOZv
9yVNVDX9E6wfdotLlLNGitIxSDN+e6pMcBIHu6oDRxaSdnnfAgfHweS6iRzfFoO1
FVTRdwp/bqAl+ZY2Lb9XLjko9qgPy33dlXbSvIwqWkyS1ETj9nuxSf/o9sagWamL
grLIcPc0Kw4Fdvr9Ubc+cDwVcIvV7nMrk/OfRn9MmTLgKp3ZZuFb5OXeEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJKpXJDFWhq8nCW10hCsmNFCXNCjMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva3FsY2tNVmFHcnljSmJYU0VLeVkwVUpjMEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlfgMA0G
CSqGSIb3DQEBCwUAA4IBAQCGMiwI6NK8YneoaA1YThQrGhcS1yhH0t3/aQChDpq1
fbTn0hEzDGbF8sEHPvLqj3P1/oq+C5dkcPAKMNrE5+60o/BwBG1fSIcXIlpXJM/G
FyS9rfBNeldPjJpv0EfrE/LIqb+GtqsrhkML2NJapE8cmppOAVZyRfrlIydABu5o
ZuCkg9eCBvJSPRv7TVFKyNMQrP6AW6N+glf23WiZv4570ho5TvWRKa+81swbAoRs
JqdsFpbQhS7dkDenq4a+SuYIkYhpFIowRnaUg1/pZyT4GeQJmLafkZeNCYkNGePg
a+KdovmeJg/KOqB1i0BkxslVrwN+70heLcdgPV4ym+nl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:10 2023 by rpki-client on console-fra.rpki-client.org