Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/kTR-BRUt9iojGU0TweHtmzxcjEU.roa
File: kTR-BRUt9iojGU0TweHtmzxcjEU.roa (raw, json)
Hash identifier: AR4oCBFiHdTWXwRFJPDIL0wyQZiM34xwsSKcTEg6mQU=
Subject key identifier: 91:34:7E:05:15:2D:F6:2A:23:19:4D:13:C1:E1:ED:9B:3C:5C:8C:45
Certificate issuer: /CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Certificate serial: 01878E4E31C8374FACB29829AE56A6578E89
Authority key identifier: 1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/kTR-BRUt9iojGU0TweHtmzxcjEU.roa
Signing time: Mon 17 Apr 2023 08:21:41 +0000
ROA not before: Mon 17 Apr 2023 08:21:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204316
IP address blocks: 194.145.115.0/24 maxlen: 24
2a12:dc40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:4e:31:c8:37:4f:ac:b2:98:29:ae:56:a6:57:8e:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Validity
Not Before: Apr 17 08:21:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91347e05152df62a23194d13c1e1ed9b3c5c8c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bd:d0:c4:c0:57:89:35:83:8d:df:12:71:da:
2c:0e:c3:65:12:67:ea:e3:0e:91:b6:89:73:f9:ad:
69:50:f8:e0:d0:6c:59:be:dd:3a:7f:3b:a9:26:c4:
9d:18:69:36:7f:c7:f5:1a:6c:fe:05:33:2a:c5:09:
20:2a:a6:80:92:69:75:b8:85:40:80:b0:13:73:fe:
e9:49:ce:df:5d:b0:a4:21:5b:d0:30:55:8e:f7:a6:
9b:fe:12:65:15:fa:23:3f:42:c6:26:3e:cf:8f:f9:
5c:9e:95:4c:50:d6:44:4c:b3:d7:25:bb:ee:f5:2c:
7f:40:aa:c6:3d:b0:31:9a:e2:eb:0c:c2:ee:99:72:
ac:cc:7b:63:1d:76:87:23:9b:9d:7a:23:33:78:a6:
a1:f6:b0:80:6e:0a:89:a6:1f:e7:5a:b4:cc:6a:52:
8e:2a:07:57:09:e6:21:7c:ee:e0:70:14:1e:be:45:
33:8b:43:5c:ac:46:18:91:54:ed:b5:37:3e:0d:ed:
e8:29:2e:b2:87:3e:d2:7c:52:6d:ce:f1:b1:86:54:
d6:0a:e7:ff:33:ac:6d:5b:9e:9d:60:f2:f2:ae:66:
7c:37:ce:20:b5:b1:08:5a:59:63:41:98:79:87:0a:
c8:91:68:64:bc:d9:3f:1f:a6:5e:a3:4a:e9:d2:a7:
22:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:34:7E:05:15:2D:F6:2A:23:19:4D:13:C1:E1:ED:9B:3C:5C:8C:45
X509v3 Authority Key Identifier:
keyid:1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/kTR-BRUt9iojGU0TweHtmzxcjEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.145.115.0/24
IPv6:
2a12:dc40::/48
Signature Algorithm: sha256WithRSAEncryption
98:a5:9f:3b:24:37:93:60:2f:31:93:f2:2f:53:05:c1:91:09:
cb:e3:1b:e9:03:98:c8:35:8a:11:32:d0:4b:01:6f:eb:19:0e:
c0:29:da:cb:3a:c1:8e:0a:a8:34:6e:5e:2c:78:60:49:2a:ba:
d9:1c:32:60:0c:8a:a7:cf:2f:b5:0e:5e:14:ad:e3:77:56:ec:
b1:9d:e2:d3:47:d3:3a:29:20:7a:4c:27:0d:3b:2a:5f:b5:63:
bd:3a:73:e7:32:f1:5e:19:9d:6c:8e:9e:42:5a:f8:dd:ac:e5:
86:0b:25:ad:96:70:6b:d3:8f:f4:a3:2c:18:14:ee:01:8a:9f:
c3:9e:94:17:f1:6c:16:c1:d5:3a:d5:c5:68:c2:85:b7:11:b3:
fb:7e:e8:24:af:cd:96:ad:5d:89:5c:7d:8a:2a:3b:d9:db:d6:
f5:71:cf:c6:c1:c9:1c:46:18:29:99:17:d4:bf:2e:f5:04:f6:
2b:bf:8c:9b:a7:ba:a1:d9:56:3e:f0:91:8f:4a:1f:40:27:21:
ed:b7:be:51:aa:37:57:6d:58:9e:24:3b:3e:13:45:b3:ae:19:
78:0b:80:91:11:22:26:c7:50:11:4f:36:b1:15:b5:9b:b2:31:
45:db:dd:6c:bb:57:c8:39:f8:29:02:30:13:4c:02:6b:8d:a3:
0c:1d:77:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeOTjHIN0+sspgprlamV46JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTU2MDFmZTEyMjJmODliYjNhYWFmMjY0ZjBmNmVhNzM5
MWMxMzgwHhcNMjMwNDE3MDgyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTM0N2UwNTE1MmRmNjJhMjMxOTRkMTNjMWUxZWQ5YjNjNWM4YzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk73QxMBXiTWDjd8ScdosDsNlEmfq
4w6Rtolz+a1pUPjg0GxZvt06fzupJsSdGGk2f8f1Gmz+BTMqxQkgKqaAkml1uIVA
gLATc/7pSc7fXbCkIVvQMFWO96ab/hJlFfojP0LGJj7Pj/lcnpVMUNZETLPXJbvu
9Sx/QKrGPbAxmuLrDMLumXKszHtjHXaHI5udeiMzeKah9rCAbgqJph/nWrTMalKO
KgdXCeYhfO7gcBQevkUzi0NcrEYYkVTttTc+De3oKS6yhz7SfFJtzvGxhlTWCuf/
M6xtW56dYPLyrmZ8N84gtbEIWlljQZh5hwrIkWhkvNk/H6Zeo0rp0qciZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJE0fgUVLfYqIxlNE8Hh7Zs8XIxFMB8GA1UdIwQY
MBaAFB3lYB/hIi+Juzqq8mTw9upzkcE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYt
ZGRkNTNkNzkyOGE4LzEva1RSLUJSVXQ5aW9qR1UwVHdlSHRtenhjakVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYtZGRkNTNkNzkyOGE4
LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwpFzMA8E
AgACMAkDBwAqEtxAAAAwDQYJKoZIhvcNAQELBQADggEBAJilnzskN5NgLzGT8i9T
BcGRCcvjG+kDmMg1ihEy0EsBb+sZDsAp2ss6wY4KqDRuXix4YEkqutkcMmAMiqfP
L7UOXhSt43dW7LGd4tNH0zopIHpMJw07Kl+1Y706c+cy8V4ZnWyOnkJa+N2s5YYL
Ja2WcGvTj/SjLBgU7gGKn8OelBfxbBbB1TrVxWjChbcRs/t+6CSvzZatXYlcfYoq
O9nb1vVxz8bByRxGGCmZF9S/LvUE9iu/jJunuqHZVj7wkY9KH0AnIe23vlGqN1dt
WJ4kOz4TRbOuGXgLgJERIibHUBFPNrEVtZuyMUXb3Wy7V8g5+CkCMBNMAmuNowwd
dyo=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:34:59 2025 by rpki-client