Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/ATFkCkp-wJllLwmIbbqHRyKnGlE.roa
File: ATFkCkp-wJllLwmIbbqHRyKnGlE.roa (raw, json)
Hash identifier: CagolYGLAHrJAFJNUY1V3QNL689URVKsRt0Znsk25UA=
Subject key identifier: 01:31:64:0A:4A:7E:C0:99:65:2F:09:88:6D:BA:87:47:22:A7:1A:51
Certificate issuer: /CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Certificate serial: 01856AF7C87FE47472905525F2D4442EC824
Authority key identifier: 9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/ATFkCkp-wJllLwmIbbqHRyKnGlE.roa
Signing time: Sun 01 Jan 2023 01:35:01 +0000
ROA not before: Sun 01 Jan 2023 01:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50030
IP address blocks: 193.111.212.0/22 maxlen: 24
2001:678:9b0::/48 maxlen: 48
2001:678:9c0::/48 maxlen: 48
2001:67c:2878::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:f7:c8:7f:e4:74:72:90:55:25:f2:d4:44:2e:c8:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Validity
Not Before: Jan 1 01:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0131640a4a7ec099652f09886dba874722a71a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:91:de:19:ab:ad:c2:57:18:99:6e:60:46:00:
cb:b6:90:ad:4d:cd:9b:b8:8a:bd:d2:a8:7f:7a:58:
47:3d:fc:c1:da:32:17:a0:a1:5e:69:b5:d4:34:75:
a9:f6:b5:2e:d5:57:89:10:73:18:c2:3c:2e:ac:2b:
22:70:4d:57:2e:8a:99:bf:49:92:7e:0e:53:9b:e1:
45:8a:2c:58:90:b7:8a:3a:e7:54:16:54:da:0f:a7:
5d:be:dc:ff:5f:41:98:87:1e:53:5a:3b:a3:2d:8e:
27:c6:4a:98:95:1f:ac:79:b8:10:c4:25:34:a5:5e:
f8:3f:d1:ee:74:93:84:54:a5:25:0d:b4:14:ec:4e:
e7:b4:37:7a:f2:e9:eb:3d:36:ea:ce:39:08:7c:04:
6d:cf:60:fe:b7:53:db:80:11:98:c8:b1:cf:43:3e:
7f:66:fc:10:a9:7e:7a:75:1d:c0:d5:de:91:63:00:
8d:57:d1:88:eb:46:d8:d9:1a:94:f5:7b:22:93:fd:
e5:c6:61:a1:55:26:33:7a:4f:88:9f:69:91:74:2a:
87:10:30:fd:b4:f8:29:3d:93:4b:98:3d:e0:3a:21:
5e:03:b6:7a:6d:56:2e:bc:c4:46:57:69:74:fb:9a:
cd:9b:fa:86:78:07:7c:5b:34:a2:cc:e8:83:72:50:
59:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:31:64:0A:4A:7E:C0:99:65:2F:09:88:6D:BA:87:47:22:A7:1A:51
X509v3 Authority Key Identifier:
keyid:9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/ATFkCkp-wJllLwmIbbqHRyKnGlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.212.0/22
IPv6:
2001:678:9b0::/48
2001:678:9c0::/48
2001:67c:2878::/48
Signature Algorithm: sha256WithRSAEncryption
8e:ca:43:65:e4:de:c6:f6:66:5e:78:3e:f8:eb:fa:ef:15:12:
33:62:80:df:b2:b5:b1:73:f9:cf:02:73:8e:dd:05:85:c3:b1:
d0:ca:f5:c3:6e:8e:d2:19:ad:de:2a:88:8d:4d:06:7f:cf:57:
6b:d0:16:8e:ee:6e:e2:40:c3:31:af:bb:b5:66:58:14:6c:38:
a5:6c:22:12:cb:5c:a8:c7:f7:54:ef:b7:fc:29:fa:d4:44:62:
0b:25:33:11:26:97:15:4d:11:ea:7c:d1:dd:55:56:9b:7d:12:
a3:19:f6:2d:1f:eb:09:cd:3c:ce:26:73:63:21:bc:5d:45:1d:
6c:f4:d4:72:1a:7b:ca:dc:2a:d3:c7:c6:dc:1f:55:82:09:02:
01:b5:88:bc:d8:46:92:c7:90:ab:4f:a5:b8:de:f2:ad:b9:a3:
1b:ec:b6:de:ea:cb:97:cc:79:90:c1:2d:b2:88:0d:d7:70:c1:
b6:7e:3f:40:b0:5e:e5:c6:57:94:4e:82:82:d3:45:f1:fe:5a:
8d:17:d1:67:fc:d5:78:d4:e7:7f:58:3c:54:47:e3:95:40:61:
78:57:b9:ba:cc:bf:f8:c5:ac:d9:b3:1c:29:36:fa:20:8d:b2:
6c:43:db:95:45:24:40:e3:82:ac:8f:80:d6:8a:bf:db:8f:03:
f9:66:2a:36
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVq98h/5HRykFUl8tRELsgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTA1ZjJlNjdhMWU2MDRiM2Y5NjNjZTRjMzY3ZDE5NThi
ZDRiNzgwHhcNMjMwMTAxMDEzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTMxNjQwYTRhN2VjMDk5NjUyZjA5ODg2ZGJhODc0NzIyYTcxYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJHeGautwlcYmW5gRgDLtpCtTc2b
uIq90qh/elhHPfzB2jIXoKFeabXUNHWp9rUu1VeJEHMYwjwurCsicE1XLoqZv0mS
fg5Tm+FFiixYkLeKOudUFlTaD6ddvtz/X0GYhx5TWjujLY4nxkqYlR+sebgQxCU0
pV74P9HudJOEVKUlDbQU7E7ntDd68unrPTbqzjkIfARtz2D+t1PbgBGYyLHPQz5/
ZvwQqX56dR3A1d6RYwCNV9GI60bY2RqU9Xsik/3lxmGhVSYzek+In2mRdCqHEDD9
tPgpPZNLmD3gOiFeA7Z6bVYuvMRGV2l0+5rNm/qGeAd8WzSizOiDclBZiwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAExZApKfsCZZS8JiG26h0cipxpRMB8GA1UdIwQY
MBaAFJ5QXy5noeYEs/ljzkw2fRlYvUt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAt
MDg1NDI0NTRkMTZiLzEvQVRGa0NrcC13SmxsTHdtSWJicUhSeUtuR2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAtMDg1NDI0NTRkMTZi
LzEvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQCwW/UMCEE
AgACMBsDBwAgAQZ4CbADBwAgAQZ4CcADBwAgAQZ8KHgwDQYJKoZIhvcNAQELBQAD
ggEBAI7KQ2Xk3sb2Zl54Pvjr+u8VEjNigN+ytbFz+c8Cc47dBYXDsdDK9cNujtIZ
rd4qiI1NBn/PV2vQFo7ubuJAwzGvu7VmWBRsOKVsIhLLXKjH91Tvt/wp+tREYgsl
MxEmlxVNEep80d1VVpt9EqMZ9i0f6wnNPM4mc2MhvF1FHWz01HIae8rcKtPHxtwf
VYIJAgG1iLzYRpLHkKtPpbje8q25oxvstt7qy5fMeZDBLbKIDddwwbZ+P0CwXuXG
V5ROgoLTRfH+Wo0X0Wf81XjU539YPFRH45VAYXhXubrMv/jFrNmzHCk2+iCNsmxD
25VFJEDjgqyPgNaKv9uPA/lmKjY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:48 2025 by rpki-client