Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/KrQL5Gye7Fl3vwtBWvuhwNpGW78.roa
File: KrQL5Gye7Fl3vwtBWvuhwNpGW78.roa (raw, json)
Hash identifier: pAhLdHQR88VswUCnG4NJaBIUB1J5Ps508t6Ub0etKPk=
Subject key identifier: 2A:B4:0B:E4:6C:9E:EC:59:77:BF:0B:41:5A:FB:A1:C0:DA:46:5B:BF
Certificate issuer: /CN=a3698b01053911607edb2a76090a6aced95a3ed5
Certificate serial: 01856E01F0AF3F720CF74332756847D8F888
Authority key identifier: A3:69:8B:01:05:39:11:60:7E:DB:2A:76:09:0A:6A:CE:D9:5A:3E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2mLAQU5EWB-2yp2CQpqztlaPtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/KrQL5Gye7Fl3vwtBWvuhwNpGW78.roa
Signing time: Sun 01 Jan 2023 15:44:58 +0000
ROA not before: Sun 01 Jan 2023 15:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 194.61.224.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:f0:af:3f:72:0c:f7:43:32:75:68:47:d8:f8:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3698b01053911607edb2a76090a6aced95a3ed5
Validity
Not Before: Jan 1 15:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ab40be46c9eec5977bf0b415afba1c0da465bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d2:67:ee:d2:a3:30:db:9b:23:28:69:92:35:
ba:89:3b:5e:98:ec:9d:99:76:49:59:c2:d6:81:e5:
c4:c7:b1:0e:55:6e:3b:5f:f2:9c:b4:72:61:1c:23:
0f:d8:9d:91:c7:0c:81:e3:90:a0:bb:23:38:5c:a9:
b7:ee:e8:aa:27:47:27:57:c9:31:e3:14:5e:1f:12:
6c:fd:ef:9e:af:65:b3:5e:29:1c:02:b7:ff:58:84:
a8:93:4a:4c:4d:ae:3b:19:14:b7:dc:d9:70:41:10:
ec:3e:d6:93:35:0e:99:bc:79:bf:88:95:53:ef:32:
63:ca:e7:39:a7:5a:95:0b:db:71:ed:7e:89:36:f9:
19:37:97:1d:06:e0:14:aa:1d:ec:6e:4f:f1:26:74:
92:5a:63:ec:71:53:38:00:49:68:b4:1f:64:86:8f:
0f:3d:46:e5:71:e7:d4:24:40:d2:cf:d0:b8:0c:ef:
4b:9b:cf:4d:ab:40:08:fd:c5:a4:6c:cd:36:53:d2:
16:f3:86:fd:60:10:ad:96:dc:37:be:01:82:9a:26:
1f:eb:74:a4:0b:c2:12:9c:7f:74:7c:47:9c:52:01:
82:d4:ca:d0:58:b0:41:ed:bf:e4:1a:62:97:22:f9:
7e:e9:26:79:00:96:a2:80:ca:46:73:bb:09:21:c5:
04:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B4:0B:E4:6C:9E:EC:59:77:BF:0B:41:5A:FB:A1:C0:DA:46:5B:BF
X509v3 Authority Key Identifier:
keyid:A3:69:8B:01:05:39:11:60:7E:DB:2A:76:09:0A:6A:CE:D9:5A:3E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2mLAQU5EWB-2yp2CQpqztlaPtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/KrQL5Gye7Fl3vwtBWvuhwNpGW78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/o2mLAQU5EWB-2yp2CQpqztlaPtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.224.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:b0:0c:13:db:b6:ab:3a:e4:0d:6b:d9:01:59:d1:d0:2c:22:
c1:1e:6c:ba:05:99:90:87:7e:b6:41:0b:5b:f1:ff:c3:06:8f:
73:d9:1b:26:0b:2b:4a:93:51:e7:f0:0e:18:74:c0:04:68:fd:
22:ea:f8:aa:bb:fb:9f:38:18:3f:0a:74:bf:9d:5a:7a:25:a7:
9a:9a:af:bc:a8:ca:61:16:7c:16:c7:bc:9e:9b:ba:75:6f:24:
f8:a9:78:86:22:f4:c6:37:2b:75:01:d4:91:64:05:60:08:f1:
24:14:30:af:28:46:0b:0d:af:d1:c1:11:a1:a4:0f:67:d5:8e:
78:f3:11:12:9c:c3:c0:6a:c1:2e:a1:f7:ee:d2:65:0b:5f:49:
05:12:ec:02:9b:45:e3:a9:fa:09:12:50:91:5d:62:b1:31:8a:
f0:e8:b6:e0:f6:f2:2a:3a:1d:01:d8:87:be:e8:11:58:4e:b5:
7b:1d:b2:13:34:5d:f9:fd:2f:9c:08:5a:8b:df:cc:f9:5e:4f:
bf:96:f5:f9:58:b9:82:41:d8:e3:d2:75:5c:01:f1:03:a2:ea:
7b:03:75:34:ab:b9:29:3a:ce:af:32:04:91:6c:df:85:df:e7:
01:6a:27:d4:33:af:06:77:6d:34:1d:76:0c:f6:2d:73:d8:d1:
93:4a:b8:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAfCvP3IM90MydWhH2PiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjk4YjAxMDUzOTExNjA3ZWRiMmE3NjA5MGE2YWNlZDk1
YTNlZDUwHhcNMjMwMTAxMTU0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWI0MGJlNDZjOWVlYzU5NzdiZjBiNDE1YWZiYTFjMGRhNDY1YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodJn7tKjMNubIyhpkjW6iTtemOyd
mXZJWcLWgeXEx7EOVW47X/KctHJhHCMP2J2RxwyB45CguyM4XKm37uiqJ0cnV8kx
4xReHxJs/e+er2WzXikcArf/WISok0pMTa47GRS33NlwQRDsPtaTNQ6ZvHm/iJVT
7zJjyuc5p1qVC9tx7X6JNvkZN5cdBuAUqh3sbk/xJnSSWmPscVM4AElotB9kho8P
PUblcefUJEDSz9C4DO9Lm89Nq0AI/cWkbM02U9IW84b9YBCtltw3vgGCmiYf63Sk
C8ISnH90fEecUgGC1MrQWLBB7b/kGmKXIvl+6SZ5AJaigMpGc7sJIcUEbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCq0C+RsnuxZd78LQVr7ocDaRlu/MB8GA1UdIwQY
MBaAFKNpiwEFORFgftsqdgkKas7ZWj7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJtTEFRVTVFV0ItMnlwMkNRcHF6dGxhUHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS84MWQ2OGEtNTM2Yy00NDQyLWI4NTIt
YmJkMzExMTg2OTUwLzEvS3JRTDVHeWU3Rmwzdnd0Qld2dWh3TnBHVzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS84MWQ2OGEtNTM2Yy00NDQyLWI4NTItYmJkMzExMTg2OTUw
LzEvbzJtTEFRVTVFV0ItMnlwMkNRcHF6dGxhUHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwj3gMA0G
CSqGSIb3DQEBCwUAA4IBAQChsAwT27arOuQNa9kBWdHQLCLBHmy6BZmQh362QQtb
8f/DBo9z2RsmCytKk1Hn8A4YdMAEaP0i6viqu/ufOBg/CnS/nVp6Jaeamq+8qMph
FnwWx7yem7p1byT4qXiGIvTGNyt1AdSRZAVgCPEkFDCvKEYLDa/RwRGhpA9n1Y54
8xESnMPAasEuoffu0mULX0kFEuwCm0XjqfoJElCRXWKxMYrw6Lbg9vIqOh0B2Ie+
6BFYTrV7HbITNF35/S+cCFqL38z5Xk+/lvX5WLmCQdjj0nVcAfEDoup7A3U0q7kp
Os6vMgSRbN+F3+cBaifUM68Gd200HXYM9i1z2NGTSrhn
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:30:27 2025 by rpki-client