Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/0547bb-4408-491e-90a0-fa709a23ac74/1/ikRfAcrllHdpGNlC7JHnKF87QOE.roa
File: ikRfAcrllHdpGNlC7JHnKF87QOE.roa (raw, json)
Hash identifier: ylLhLB8QQKH++WPKmsou2ujPs+VoAK2hu2NEw6sYGKw=
Subject key identifier: 8A:44:5F:01:CA:E5:94:77:69:18:D9:42:EC:91:E7:28:5F:3B:40:E1
Certificate issuer: /CN=93fe8a95e5529d78e72047d4e35d1a7e9ad5c11a
Certificate serial: 01856C781FA4E9695C4B2B89F38931B8BFA1
Authority key identifier: 93:FE:8A:95:E5:52:9D:78:E7:20:47:D4:E3:5D:1A:7E:9A:D5:C1:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k_6KleVSnXjnIEfU410afprVwRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/0547bb-4408-491e-90a0-fa709a23ac74/1/ikRfAcrllHdpGNlC7JHnKF87QOE.roa
Signing time: Sun 01 Jan 2023 08:34:49 +0000
ROA not before: Sun 01 Jan 2023 08:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62336
IP address blocks: 185.193.44.0/24 maxlen: 24
212.122.128.0/19 maxlen: 19
2a10:fcc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:1f:a4:e9:69:5c:4b:2b:89:f3:89:31:b8:bf:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93fe8a95e5529d78e72047d4e35d1a7e9ad5c11a
Validity
Not Before: Jan 1 08:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a445f01cae594776918d942ec91e7285f3b40e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d8:20:6b:5d:19:15:70:bf:31:ec:2c:3e:f5:
b5:82:bd:ac:f5:3a:b0:09:22:d4:d9:e9:04:d0:60:
e6:c5:b9:fe:6e:21:f9:ca:8d:49:7c:c0:be:89:2f:
8a:aa:fa:49:da:f0:af:bb:61:4a:84:de:77:e6:1b:
36:76:8b:d0:3e:f8:a4:94:f6:31:19:41:ac:2f:a9:
36:7c:70:06:5a:9a:fe:61:e5:bf:08:35:8f:4f:e4:
2c:57:8a:3c:11:65:45:91:25:a8:8f:97:10:44:43:
7e:c1:43:91:e6:ad:04:01:f2:64:d5:4b:28:69:f9:
65:2e:62:a5:7b:7c:4a:0a:dd:85:9a:d2:67:7e:12:
b1:60:49:c9:d9:a8:1e:75:53:c4:54:75:52:09:d7:
b9:d2:7b:be:71:bf:46:1c:ba:6d:72:d5:ad:83:08:
c7:6a:8b:86:30:90:c5:e6:17:19:fd:eb:b8:40:cd:
c5:f6:cf:b8:ff:34:01:fd:d2:ee:b6:57:fc:c6:48:
5a:0b:61:8e:80:94:b4:00:14:14:b9:4e:51:da:5f:
8d:75:14:17:46:c1:73:78:13:58:37:33:b6:72:5c:
cb:2b:40:f2:7c:c0:42:09:c7:4d:86:a9:cb:0a:66:
83:f2:b2:bb:ea:85:82:ba:15:0d:e8:20:a9:35:e0:
fc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:44:5F:01:CA:E5:94:77:69:18:D9:42:EC:91:E7:28:5F:3B:40:E1
X509v3 Authority Key Identifier:
keyid:93:FE:8A:95:E5:52:9D:78:E7:20:47:D4:E3:5D:1A:7E:9A:D5:C1:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k_6KleVSnXjnIEfU410afprVwRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0547bb-4408-491e-90a0-fa709a23ac74/1/ikRfAcrllHdpGNlC7JHnKF87QOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0547bb-4408-491e-90a0-fa709a23ac74/1/k_6KleVSnXjnIEfU410afprVwRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.44.0/24
212.122.128.0/19
IPv6:
2a10:fcc0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:94:dc:4e:16:4f:55:19:29:36:b5:d4:50:77:1f:c6:79:7b:
96:de:18:f2:bf:11:79:84:f0:d3:b2:3d:15:a8:72:81:b3:88:
92:62:e2:7a:e5:f3:52:cb:48:fb:1d:47:35:52:10:ea:49:45:
b3:27:c9:51:b4:e5:d0:22:b8:9f:57:cd:24:a9:bf:63:4f:ec:
8d:d0:c4:a0:49:a8:44:7b:b5:bf:95:5f:78:a2:c6:8b:37:d2:
d8:0c:0c:d2:f3:84:11:35:a9:87:ce:84:40:04:d6:51:1c:38:
81:3f:af:63:7c:8c:16:44:28:ac:c4:56:0e:77:30:6c:3e:2e:
d4:20:ed:23:ee:56:e3:da:62:a4:ec:a2:55:c6:8b:a1:32:94:
26:63:03:ab:19:88:25:81:21:79:26:26:23:a3:17:3d:7c:42:
eb:40:40:8d:c4:dd:d7:a0:f7:98:31:4c:13:ac:54:35:a7:1a:
3c:d4:63:e4:3a:1a:fa:c6:d3:ff:37:ae:52:e7:45:40:81:67:
ef:9c:a0:b3:7e:74:39:dd:cb:39:8f:1d:17:57:a6:4e:97:66:
64:a5:cc:bb:56:e4:63:09:82:5a:bb:da:a7:ad:d7:88:2a:9b:
de:fc:38:77:d1:1b:d8:71:26:a6:1d:a7:38:e8:a6:cd:92:ab:
08:29:30:3c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVseB+k6WlcSyuJ84kxuL+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZmU4YTk1ZTU1MjlkNzhlNzIwNDdkNGUzNWQxYTdlOWFk
NWMxMWEwHhcNMjMwMTAxMDgzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQ0NWYwMWNhZTU5NDc3NjkxOGQ5NDJlYzkxZTcyODVmM2I0MGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtgga10ZFXC/MewsPvW1gr2s9Tqw
CSLU2ekE0GDmxbn+biH5yo1JfMC+iS+KqvpJ2vCvu2FKhN535hs2dovQPviklPYx
GUGsL6k2fHAGWpr+YeW/CDWPT+QsV4o8EWVFkSWoj5cQREN+wUOR5q0EAfJk1Uso
afllLmKle3xKCt2FmtJnfhKxYEnJ2agedVPEVHVSCde50nu+cb9GHLptctWtgwjH
aouGMJDF5hcZ/eu4QM3F9s+4/zQB/dLutlf8xkhaC2GOgJS0ABQUuU5R2l+NdRQX
RsFzeBNYNzO2clzLK0DyfMBCCcdNhqnLCmaD8rK76oWCuhUN6CCpNeD8pQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIpEXwHK5ZR3aRjZQuyR5yhfO0DhMB8GA1UdIwQY
MBaAFJP+ipXlUp145yBH1ONdGn6a1cEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva182S2xlVlNuWGpuSUVmVTQxMGFmcHJWd1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wNTQ3YmItNDQwOC00OTFlLTkwYTAt
ZmE3MDlhMjNhYzc0LzEvaWtSZkFjcmxsSGRwR05sQzdKSG5LRjg3UU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wNTQ3YmItNDQwOC00OTFlLTkwYTAtZmE3MDlhMjNhYzc0
LzEva182S2xlVlNuWGpuSUVmVTQxMGFmcHJWd1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAucEsAwQF
1HqAMA0EAgACMAcDBQMqEPzAMA0GCSqGSIb3DQEBCwUAA4IBAQBLlNxOFk9VGSk2
tdRQdx/GeXuW3hjyvxF5hPDTsj0VqHKBs4iSYuJ65fNSy0j7HUc1UhDqSUWzJ8lR
tOXQIrifV80kqb9jT+yN0MSgSahEe7W/lV94osaLN9LYDAzS84QRNamHzoRABNZR
HDiBP69jfIwWRCisxFYOdzBsPi7UIO0j7lbj2mKk7KJVxouhMpQmYwOrGYglgSF5
JiYjoxc9fELrQECNxN3XoPeYMUwTrFQ1pxo81GPkOhr6xtP/N65S50VAgWfvnKCz
fnQ53cs5jx0XV6ZOl2Zkpcy7VuRjCYJau9qnrdeIKpve/Dh30RvYcSamHac46KbN
kqsIKTA8
-----END CERTIFICATE-----
Generated at Thu Apr 17 04:17:17 2025 by rpki-client