Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/kaO10IO_af1_NaRIL_SifdVr6w8.roa
File: kaO10IO_af1_NaRIL_SifdVr6w8.roa (raw, json)
Hash identifier: gUCSPbT16KWqd2NdkugpVh2KXqXN2hr8cLvLEBHYAk0=
Subject key identifier: 91:A3:B5:D0:83:BF:69:FD:7F:35:A4:48:2F:F4:A2:7D:D5:6B:EB:0F
Certificate issuer: /CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Certificate serial: 01856AF7C7E6754106A91C61CCC13BF4401E
Authority key identifier: 9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/kaO10IO_af1_NaRIL_SifdVr6w8.roa
Signing time: Sun 01 Jan 2023 01:35:01 +0000
ROA not before: Sun 01 Jan 2023 01:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8881
IP address blocks: 193.111.212.0/24 maxlen: 24
193.111.212.0/22 maxlen: 22
2001:67c:2878::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:f7:c7:e6:75:41:06:a9:1c:61:cc:c1:3b:f4:40:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Validity
Not Before: Jan 1 01:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91a3b5d083bf69fd7f35a4482ff4a27dd56beb0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0d:b3:25:dc:93:6d:05:7b:d5:ab:33:fd:3a:
64:6d:75:aa:f4:05:4f:a5:34:bd:b3:27:a7:a2:46:
33:fa:c3:4e:0a:85:c3:03:fc:9a:e7:93:02:32:df:
ac:03:05:a0:a4:e9:6d:5e:aa:99:90:57:ce:32:a8:
94:47:18:d1:64:87:73:26:89:10:81:e9:60:86:5c:
2c:8b:9d:c4:28:44:82:d3:0b:e1:61:53:c1:2e:7d:
81:df:45:3d:12:da:0f:24:e0:48:84:53:d6:60:66:
f9:ab:a0:5d:10:31:c4:cd:b6:1d:fd:f4:c2:50:01:
bb:ce:6e:a5:a7:0b:a1:4b:1e:e1:27:a5:f5:fd:14:
43:2a:36:be:67:61:9d:05:7e:e2:37:53:29:81:63:
69:fe:ab:d4:d3:46:59:1e:bf:5a:98:da:82:94:2d:
9b:16:f2:5e:32:42:87:cd:fc:0d:22:62:77:64:6a:
a0:08:5a:0f:38:a2:38:7f:bd:d8:44:89:83:9f:9e:
f2:55:34:24:77:72:84:f3:e7:cb:e8:61:fa:6e:0a:
70:7b:4f:3e:ec:60:3b:a6:50:e7:5c:a7:5b:59:92:
ea:7b:1c:dd:9b:59:e5:61:80:58:f8:55:32:10:e4:
b1:e6:23:29:31:51:9f:7f:8b:69:c0:ee:a8:96:0f:
1a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A3:B5:D0:83:BF:69:FD:7F:35:A4:48:2F:F4:A2:7D:D5:6B:EB:0F
X509v3 Authority Key Identifier:
keyid:9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/kaO10IO_af1_NaRIL_SifdVr6w8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.212.0/22
IPv6:
2001:67c:2878::/48
Signature Algorithm: sha256WithRSAEncryption
50:7a:dd:f8:6c:1f:17:31:7c:84:ed:bb:1b:91:cd:f7:e2:5f:
2c:b4:91:e8:7a:6a:f1:ff:05:e4:80:b8:50:3b:b1:78:91:ee:
26:e7:6c:d4:75:d5:a9:8a:9e:b5:f0:c1:cf:77:56:06:8b:6c:
0b:d9:6f:89:db:8c:26:98:5a:02:71:b7:5d:16:d2:ba:21:26:
14:72:14:39:2d:ed:5e:a8:17:23:ae:b6:8d:f8:2d:af:2c:88:
63:19:fc:5c:72:85:8b:2a:6a:af:48:3b:c9:9f:f1:1f:a0:13:
45:3f:85:34:fa:dc:14:1b:67:c1:31:e9:04:27:f1:8c:f2:6b:
e7:a2:68:e3:ef:5e:54:68:29:79:b7:be:36:b9:dd:f8:e4:bf:
ec:98:df:6b:b9:d1:e9:8d:33:79:1a:4e:08:a9:97:f8:c2:0b:
cc:0d:a3:f2:f1:a4:d2:50:63:1b:09:81:70:f3:2a:6f:20:e7:
3b:94:2b:d9:61:d2:41:cb:12:c1:88:41:e8:5a:3f:f2:7c:2a:
c3:68:56:99:88:e6:0d:aa:f6:ca:a2:51:1e:19:fa:18:7d:6e:
7c:60:7e:58:f9:e3:2c:cc:39:22:85:23:94:32:40:a3:3b:f2:
72:60:3b:cb:54:39:19:41:ef:02:85:1e:52:a8:86:fe:ef:ee:
34:3f:c3:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVq98fmdUEGqRxhzME79EAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTA1ZjJlNjdhMWU2MDRiM2Y5NjNjZTRjMzY3ZDE5NThi
ZDRiNzgwHhcNMjMwMTAxMDEzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWEzYjVkMDgzYmY2OWZkN2YzNWE0NDgyZmY0YTI3ZGQ1NmJlYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA2zJdyTbQV71asz/TpkbXWq9AVP
pTS9syenokYz+sNOCoXDA/ya55MCMt+sAwWgpOltXqqZkFfOMqiURxjRZIdzJokQ
gelghlwsi53EKESC0wvhYVPBLn2B30U9EtoPJOBIhFPWYGb5q6BdEDHEzbYd/fTC
UAG7zm6lpwuhSx7hJ6X1/RRDKja+Z2GdBX7iN1MpgWNp/qvU00ZZHr9amNqClC2b
FvJeMkKHzfwNImJ3ZGqgCFoPOKI4f73YRImDn57yVTQkd3KE8+fL6GH6bgpwe08+
7GA7plDnXKdbWZLqexzdm1nlYYBY+FUyEOSx5iMpMVGff4tpwO6olg8a2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJGjtdCDv2n9fzWkSC/0on3Va+sPMB8GA1UdIwQY
MBaAFJ5QXy5noeYEs/ljzkw2fRlYvUt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAt
MDg1NDI0NTRkMTZiLzEva2FPMTBJT19hZjFfTmFSSUxfU2lmZFZyNnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAtMDg1NDI0NTRkMTZi
LzEvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwW/UMA8E
AgACMAkDBwAgAQZ8KHgwDQYJKoZIhvcNAQELBQADggEBAFB63fhsHxcxfITtuxuR
zffiXyy0keh6avH/BeSAuFA7sXiR7ibnbNR11amKnrXwwc93VgaLbAvZb4nbjCaY
WgJxt10W0rohJhRyFDkt7V6oFyOuto34La8siGMZ/FxyhYsqaq9IO8mf8R+gE0U/
hTT63BQbZ8Ex6QQn8Yzya+eiaOPvXlRoKXm3vja53fjkv+yY32u50emNM3kaTgip
l/jCC8wNo/LxpNJQYxsJgXDzKm8g5zuUK9lh0kHLEsGIQehaP/J8KsNoVpmI5g2q
9sqiUR4Z+hh9bnxgflj54yzMOSKFI5QyQKM78nJgO8tUORlB7wKFHlKohv7v7jQ/
wzE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:53:55 2025 by rpki-client