Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/kwL_chKc5JI2Hnr1759cDFYIfFY.roa
File: kwL_chKc5JI2Hnr1759cDFYIfFY.roa (raw, json)
Hash identifier: VpkltsPzk/VosFJDABM22KN5kYfnDyMpn/3WmVj+xNA=
Subject key identifier: 93:02:FF:72:12:9C:E4:92:36:1E:7A:F5:EF:9F:5C:0C:56:08:7C:56
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 01865F42C89B81F0F73397B789253D0C5AE4
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/kwL_chKc5JI2Hnr1759cDFYIfFY.roa
Signing time: Fri 17 Feb 2023 12:04:17 +0000
ROA not before: Fri 17 Feb 2023 12:04:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207021
IP address blocks: 2001:678:20::/48 maxlen: 48
2a02:850:ffe5::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
2001:67c:1bc::/48 maxlen: 48
2a02:850:ffe6::/48 maxlen: 48
2a02:850:ffe7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:42:c8:9b:81:f0:f7:33:97:b7:89:25:3d:0c:5a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Feb 17 12:04:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9302ff72129ce492361e7af5ef9f5c0c56087c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5b:22:c4:a3:7c:6c:20:98:07:dd:5c:9d:e6:
cb:1c:35:6a:9d:b3:ae:34:51:2b:62:25:b1:33:21:
e3:37:ff:24:eb:97:0a:9a:73:dc:fd:f7:69:84:8b:
39:5f:1d:c5:70:53:41:fc:2e:50:35:33:50:66:a7:
1d:19:30:56:60:41:46:44:3e:d7:e8:9a:fd:e1:04:
2e:01:f4:c0:1e:c3:b9:41:0a:85:09:32:a2:a8:08:
e7:e8:2e:49:7e:3c:45:8a:5a:89:d0:3d:98:c6:b2:
47:c6:da:36:21:74:ba:9d:3e:3a:ce:65:23:e4:27:
79:6e:86:f0:83:e3:7e:60:96:a0:d4:e7:b1:af:80:
a9:e4:aa:9b:7a:59:35:48:01:5e:99:72:f9:85:4e:
d4:d0:e4:68:64:df:22:e0:a0:82:c4:30:2d:c6:80:
fc:1a:a7:04:a8:c0:a3:62:6e:41:8c:54:86:de:80:
c8:75:2d:6b:f6:04:ed:99:ec:8c:6c:7d:cb:1e:73:
42:af:f9:f4:c8:45:03:e8:fb:fe:cb:b5:7e:91:6c:
43:21:c0:ee:23:18:f0:b5:cf:48:53:b1:39:de:29:
53:a4:45:01:a5:76:40:de:9c:91:9b:b3:c0:de:f4:
75:34:98:7b:6e:e7:05:30:7f:b8:12:3a:3a:82:57:
69:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:02:FF:72:12:9C:E4:92:36:1E:7A:F5:EF:9F:5C:0C:56:08:7C:56
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/kwL_chKc5JI2Hnr1759cDFYIfFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:20::/48
2001:67c:1bc::/48
2a02:850:ffe0::/48
2a02:850:ffe5::-2a02:850:ffe7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7e:7d:cf:0b:71:b2:d1:d0:53:c5:d1:cb:1e:28:66:a4:16:57:
52:2f:bd:32:fc:4a:c5:9c:eb:a8:62:84:72:a0:a9:2c:8e:01:
37:ee:1b:f8:d1:a9:38:95:e8:32:7d:e1:d9:40:39:fb:3c:09:
dd:1e:7d:96:02:80:4b:6d:ff:aa:4c:a9:d8:4b:e8:84:af:21:
8c:ff:9b:c5:c7:1d:01:36:e7:89:48:a6:6f:f3:1f:4d:bb:ae:
a0:d0:b7:02:0c:d4:ba:d2:dd:f4:42:bb:d7:bf:0e:cf:55:bb:
34:d7:76:65:6d:64:58:f7:0b:33:bb:aa:1b:2c:ed:3b:4b:50:
8c:d2:a1:59:2d:db:96:a8:c5:69:da:2c:f8:bf:ba:72:02:96:
c8:8d:a5:ff:3e:62:56:e8:f4:d0:fc:a5:c1:c0:e9:26:1f:a5:
36:72:11:e5:17:ab:95:0c:f9:6f:25:05:f7:24:b4:a6:eb:cb:
5b:6a:d5:9a:8f:26:bd:b5:33:ef:1c:9a:ff:7a:ea:d0:c5:fa:
d3:00:21:fd:b3:62:ff:5d:f1:04:ec:1d:c4:e1:28:11:bb:22:
7d:1a:55:5a:92:ec:d7:0f:fd:a9:b9:12:84:2a:5c:32:7e:6c:
2a:8a:26:0a:20:88:d7:41:f1:54:b6:b0:83:55:7a:4e:b3:30:
2c:24:bf:99
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYZfQsibgfD3M5e3iSU9DFrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjMwMjE3MTIwNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzAyZmY3MjEyOWNlNDkyMzYxZTdhZjVlZjlmNWMwYzU2MDg3YzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1sixKN8bCCYB91cnebLHDVqnbOu
NFErYiWxMyHjN/8k65cKmnPc/fdphIs5Xx3FcFNB/C5QNTNQZqcdGTBWYEFGRD7X
6Jr94QQuAfTAHsO5QQqFCTKiqAjn6C5JfjxFilqJ0D2YxrJHxto2IXS6nT46zmUj
5Cd5bobwg+N+YJag1Oexr4Cp5Kqbelk1SAFemXL5hU7U0ORoZN8i4KCCxDAtxoD8
GqcEqMCjYm5BjFSG3oDIdS1r9gTtmeyMbH3LHnNCr/n0yEUD6Pv+y7V+kWxDIcDu
Ixjwtc9IU7E53ilTpEUBpXZA3pyRm7PA3vR1NJh7bucFMH+4Ejo6gldpdQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJMC/3ISnOSSNh569e+fXAxWCHxWMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEva3dMX2NoS2M1SkkySG5yMTc1OWNERllJZkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcAIAEGeAAg
AwcAIAEGfAG8AwcAKgIIUP/gMBIDBwAqAghQ/+UDBwMqAghQ/+AwDQYJKoZIhvcN
AQELBQADggEBAH59zwtxstHQU8XRyx4oZqQWV1IvvTL8SsWc66hihHKgqSyOATfu
G/jRqTiV6DJ94dlAOfs8Cd0efZYCgEtt/6pMqdhL6ISvIYz/m8XHHQE254lIpm/z
H027rqDQtwIM1LrS3fRCu9e/Ds9VuzTXdmVtZFj3CzO7qhss7TtLUIzSoVkt25ao
xWnaLPi/unIClsiNpf8+Ylbo9ND8pcHA6SYfpTZyEeUXq5UM+W8lBfcktKbry1tq
1ZqPJr21M+8cmv966tDF+tMAIf2zYv9d8QTsHcThKBG7In0aVVqS7NcP/am5EoQq
XDJ+bCqKJgogiNdB8VS2sINVek6zMCwkv5k=
-----END CERTIFICATE-----
Generated at Thu Jun 12 10:07:05 2025 by rpki-client