Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/bd173d-6cf5-4250-aa26-4a6f717c7564/1/KIKXpS14y3aCOnvD27WQ4EQCz7U.roa
File: KIKXpS14y3aCOnvD27WQ4EQCz7U.roa (raw, json)
Hash identifier: 0mN+svQ838hRFUbhu15OP0+ChA+AQ3pEqc/nElQe2Og=
Subject key identifier: 28:82:97:A5:2D:78:CB:76:82:3A:7B:C3:DB:B5:90:E0:44:02:CF:B5
Certificate issuer: /CN=b692454c16696486cf071ed18e7976e3404909fb
Certificate serial: 0184F0F86303AAB59D329CE8523D0634709F
Authority key identifier: B6:92:45:4C:16:69:64:86:CF:07:1E:D1:8E:79:76:E3:40:49:09:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tpJFTBZpZIbPBx7Rjnl240BJCfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/bd173d-6cf5-4250-aa26-4a6f717c7564/1/KIKXpS14y3aCOnvD27WQ4EQCz7U.roa
Signing time: Thu 08 Dec 2022 09:02:00 +0000
ROA not before: Thu 08 Dec 2022 09:02:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12350
IP address blocks: 193.41.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f0:f8:63:03:aa:b5:9d:32:9c:e8:52:3d:06:34:70:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b692454c16696486cf071ed18e7976e3404909fb
Validity
Not Before: Dec 8 09:02:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=288297a52d78cb76823a7bc3dbb590e04402cfb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:97:56:da:fd:06:68:4c:22:fb:9e:2d:d4:55:
86:d2:9c:15:b3:96:1c:94:63:7c:ed:79:04:b0:8c:
34:0b:82:cf:30:5e:85:cc:11:a3:07:2a:b2:18:5a:
69:d7:50:e0:a9:e4:fe:f7:0f:b7:4c:7f:df:3d:1e:
5c:08:44:e6:d9:03:2a:34:a0:d5:33:43:86:46:3d:
23:06:2d:7d:6b:1a:1f:92:e1:82:f6:40:74:8b:e3:
e1:78:b0:f4:46:0e:96:ba:61:58:ee:6b:6b:61:a4:
f9:f8:79:05:f3:ac:e9:a9:ee:02:48:05:4f:66:55:
ab:75:e7:dd:fa:9c:22:77:a0:08:f8:f2:80:24:b5:
ef:32:d9:5f:f4:7f:38:b8:7e:e1:db:1d:84:68:c1:
7f:b6:28:a3:76:6d:a8:d7:a0:84:7c:35:aa:fd:6d:
1f:16:30:16:32:c6:00:26:de:cf:a6:51:b1:a4:f4:
d4:6e:26:06:06:fb:79:1d:f4:bc:d2:a6:15:67:10:
d0:92:b4:0a:a1:f8:02:58:67:59:bd:82:22:19:eb:
d1:08:c8:54:a8:53:45:ff:fc:84:19:be:b7:f1:73:
35:1e:20:2c:b5:77:48:e5:77:1c:7d:05:ff:c1:e6:
63:07:1a:c2:b4:d4:a6:62:40:1e:b1:fd:7b:4f:b2:
24:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:82:97:A5:2D:78:CB:76:82:3A:7B:C3:DB:B5:90:E0:44:02:CF:B5
X509v3 Authority Key Identifier:
keyid:B6:92:45:4C:16:69:64:86:CF:07:1E:D1:8E:79:76:E3:40:49:09:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tpJFTBZpZIbPBx7Rjnl240BJCfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/bd173d-6cf5-4250-aa26-4a6f717c7564/1/KIKXpS14y3aCOnvD27WQ4EQCz7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/bd173d-6cf5-4250-aa26-4a6f717c7564/1/tpJFTBZpZIbPBx7Rjnl240BJCfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.193.0/24
Signature Algorithm: sha256WithRSAEncryption
19:78:aa:07:e2:d7:d0:63:3c:c0:86:21:eb:e4:24:67:dc:d5:
a4:8a:59:60:07:b1:c7:b7:3c:35:ac:e5:da:69:3b:87:82:a4:
ca:2f:cb:c7:c9:6a:c3:b3:b3:39:d7:73:c5:4c:8b:b2:92:6b:
e2:d9:49:f6:eb:cf:4c:28:59:5d:3a:fd:31:38:fd:6c:9d:13:
33:6d:7c:66:a6:7e:e0:68:29:1d:38:32:15:29:1d:da:77:81:
af:62:1a:97:e4:f1:8f:ca:6e:ff:03:3f:fd:ed:3f:10:23:26:
d1:25:5d:3c:ed:3f:d9:c2:cb:e3:a9:d8:ca:98:48:69:e3:6c:
41:55:a5:a6:c9:a0:3b:d7:47:65:ce:09:3e:ea:0a:88:6d:e5:
7e:c2:64:0c:50:ef:31:e2:fc:6e:33:78:34:76:ee:45:42:d5:
4e:2c:2f:7f:bd:27:bc:52:34:be:bf:94:24:1c:35:9c:87:24:
3f:4e:a3:48:0c:54:5d:91:0e:c7:71:46:92:08:96:5b:72:90:
eb:4f:c2:e5:da:f9:90:78:51:95:97:ae:a7:35:48:f9:ad:03:
bf:37:6b:2e:dc:f3:de:96:b5:44:e2:a7:14:9c:bc:56:60:0c:
40:c0:ef:7e:1a:db:fc:aa:9e:2a:9f:cd:20:88:40:64:aa:a7:
89:60:ab:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTw+GMDqrWdMpzoUj0GNHCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OTI0NTRjMTY2OTY0ODZjZjA3MWVkMThlNzk3NmUzNDA0
OTA5ZmIwHhcNMjIxMjA4MDkwMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODgyOTdhNTJkNzhjYjc2ODIzYTdiYzNkYmI1OTBlMDQ0MDJjZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZdW2v0GaEwi+54t1FWG0pwVs5Yc
lGN87XkEsIw0C4LPMF6FzBGjByqyGFpp11DgqeT+9w+3TH/fPR5cCETm2QMqNKDV
M0OGRj0jBi19axofkuGC9kB0i+PheLD0Rg6WumFY7mtrYaT5+HkF86zpqe4CSAVP
ZlWrdefd+pwid6AI+PKAJLXvMtlf9H84uH7h2x2EaMF/tiijdm2o16CEfDWq/W0f
FjAWMsYAJt7PplGxpPTUbiYGBvt5HfS80qYVZxDQkrQKofgCWGdZvYIiGevRCMhU
qFNF//yEGb638XM1HiAstXdI5XccfQX/weZjBxrCtNSmYkAesf17T7IkUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCiCl6UteMt2gjp7w9u1kOBEAs+1MB8GA1UdIwQY
MBaAFLaSRUwWaWSGzwce0Y55duNASQn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHBKRlRCWnBaSWJQQng3UmpubDI0MEJKQ2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9iZDE3M2QtNmNmNS00MjUwLWFhMjYt
NGE2ZjcxN2M3NTY0LzEvS0lLWHBTMTR5M2FDT252RDI3V1E0RVFDejdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9iZDE3M2QtNmNmNS00MjUwLWFhMjYtNGE2ZjcxN2M3NTY0
LzEvdHBKRlRCWnBaSWJQQng3UmpubDI0MEJKQ2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSnBMA0G
CSqGSIb3DQEBCwUAA4IBAQAZeKoH4tfQYzzAhiHr5CRn3NWkillgB7HHtzw1rOXa
aTuHgqTKL8vHyWrDs7M513PFTIuykmvi2Un2689MKFldOv0xOP1snRMzbXxmpn7g
aCkdODIVKR3ad4GvYhqX5PGPym7/Az/97T8QIybRJV087T/ZwsvjqdjKmEhp42xB
VaWmyaA710dlzgk+6gqIbeV+wmQMUO8x4vxuM3g0du5FQtVOLC9/vSe8UjS+v5Qk
HDWchyQ/TqNIDFRdkQ7HcUaSCJZbcpDrT8Ll2vmQeFGVl66nNUj5rQO/N2su3PPe
lrVE4qcUnLxWYAxAwO9+Gtv8qp4qn80giEBkqqeJYKvz
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:30:58 2025 by rpki-client