Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/kfsVH6ygDtY_LD1XWeLjx1VD_1M.roa
File: kfsVH6ygDtY_LD1XWeLjx1VD_1M.roa (raw, json)
Hash identifier: imZwl/65T0tGyU2kw0OBUr2jZwf8W5ckCBt/qWdxqec=
Subject key identifier: 91:FB:15:1F:AC:A0:0E:D6:3F:2C:3D:57:59:E2:E3:C7:55:43:FF:53
Certificate issuer: /CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Certificate serial: 01856F26C4C1FD589F7614E799189D1BDCF7
Authority key identifier: E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/kfsVH6ygDtY_LD1XWeLjx1VD_1M.roa
Signing time: Sun 01 Jan 2023 21:04:49 +0000
ROA not before: Sun 01 Jan 2023 21:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62214
IP address blocks: 195.90.98.0/24 maxlen: 24
2a01:7d80:2400::/40 maxlen: 40
2a01:7d80:c000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:c4:c1:fd:58:9f:76:14:e7:99:18:9d:1b:dc:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Validity
Not Before: Jan 1 21:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91fb151faca00ed63f2c3d5759e2e3c75543ff53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4d:ee:2b:62:60:b2:89:76:5e:2f:13:29:b7:
a7:da:ca:16:31:e2:72:70:19:b9:fd:aa:bc:f9:cd:
7e:5d:0d:8d:1b:01:27:6f:bc:1f:60:66:eb:39:a8:
86:a5:d8:48:9e:0f:ea:ff:59:e0:93:a8:4e:ed:00:
bb:53:99:0b:74:9a:29:12:23:b1:27:ba:dc:4b:09:
fd:93:44:87:9b:23:d1:4a:15:63:41:fe:85:8a:ca:
49:a0:95:17:f5:84:67:49:fa:08:8f:cc:b7:d9:37:
0f:57:76:98:c8:5f:58:d1:7d:b2:31:96:ea:47:a4:
9a:75:58:c6:04:8e:f5:33:c0:f8:0b:9a:de:e2:ee:
6d:5a:43:5f:98:1e:63:d1:c2:05:0e:e3:27:3e:31:
b7:14:3b:f6:c1:b8:d7:76:b6:b1:5e:9d:93:fc:0d:
c4:cf:6d:bd:95:d6:9e:d1:3b:98:65:65:0f:37:3c:
c6:4f:e6:ad:10:8b:44:6f:9b:f5:82:7e:62:f1:5c:
bf:e6:0e:70:be:b2:4d:f4:2e:bb:8b:34:0c:08:32:
10:d8:fd:51:a9:fe:d9:67:ed:04:67:3e:d3:e1:64:
f8:d6:b6:63:b3:53:cc:23:2c:c1:ac:ab:bf:55:99:
f2:e7:4d:4d:b7:be:41:24:0b:3a:43:3d:49:31:0f:
03:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FB:15:1F:AC:A0:0E:D6:3F:2C:3D:57:59:E2:E3:C7:55:43:FF:53
X509v3 Authority Key Identifier:
keyid:E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/kfsVH6ygDtY_LD1XWeLjx1VD_1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.90.98.0/24
IPv6:
2a01:7d80:2400::/40
2a01:7d80:c000::/40
Signature Algorithm: sha256WithRSAEncryption
c1:7f:60:58:20:ab:2d:de:5e:1a:50:49:70:7c:b0:50:7a:9a:
48:9f:48:27:37:73:df:52:e2:e3:3e:1a:49:78:1a:6b:dd:c3:
10:2d:4a:2a:fa:95:60:a7:84:10:c9:00:2f:cd:f5:c4:79:d0:
d2:2b:86:80:63:90:7b:2a:40:4f:23:fc:68:fa:a6:20:eb:04:
ba:ba:c0:f0:27:34:60:1c:93:90:8b:37:be:4b:22:1b:74:3b:
d7:bd:dd:b4:1c:0e:c2:10:f7:37:26:e9:01:29:66:7c:72:5b:
a7:57:3d:56:24:ea:39:58:2a:30:be:82:57:ba:fb:d8:e2:3f:
fd:d7:8d:8f:e3:90:22:82:87:4d:bd:f1:a0:af:36:bb:8b:f0:
57:ba:6f:b8:81:70:14:b9:2d:f5:54:54:fb:96:81:ed:29:e1:
ef:56:64:e4:93:09:4e:58:d8:4d:34:7f:1a:38:c8:92:7a:0a:
2b:a5:1a:e4:ee:4a:fd:3e:0b:26:a0:7f:3e:f3:5c:8d:28:77:
3b:d6:fd:41:3a:19:c3:da:30:22:13:d3:a4:b2:12:4f:e7:60:
d1:50:a3:33:81:0c:ee:e7:ff:6a:58:87:39:b9:2b:f5:bc:de:
da:f6:08:8a:cd:a0:8e:72:0d:f8:a3:2e:6b:a5:1e:07:2a:56:
33:b0:be:4d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvJsTB/VifdhTnmRidG9z3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZThmNDFmNmIwMmI5M2Y4NWQxYTdiNDhiNDhjZmEzMjJm
MDg4ZjgwHhcNMjMwMTAxMjEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWZiMTUxZmFjYTAwZWQ2M2YyYzNkNTc1OWUyZTNjNzU1NDNmZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE3uK2Jgsol2Xi8TKben2soWMeJy
cBm5/aq8+c1+XQ2NGwEnb7wfYGbrOaiGpdhIng/q/1ngk6hO7QC7U5kLdJopEiOx
J7rcSwn9k0SHmyPRShVjQf6FispJoJUX9YRnSfoIj8y32TcPV3aYyF9Y0X2yMZbq
R6SadVjGBI71M8D4C5re4u5tWkNfmB5j0cIFDuMnPjG3FDv2wbjXdraxXp2T/A3E
z229ldae0TuYZWUPNzzGT+atEItEb5v1gn5i8Vy/5g5wvrJN9C67izQMCDIQ2P1R
qf7ZZ+0EZz7T4WT41rZjs1PMIyzBrKu/VZny501Nt75BJAs6Qz1JMQ8DCQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJH7FR+soA7WPyw9V1ni48dVQ/9TMB8GA1UdIwQY
MBaAFOHo9B9rArk/hdGntItIz6Mi8Ij4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUt
NTM3YTJiMGI0ZGRhLzEva2ZzVkg2eWdEdFlfTEQxWFdlTGp4MVZEXzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUtNTM3YTJiMGI0ZGRh
LzEvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAw1piMBYE
AgACMBADBgAqAX2AJAMGACoBfYDAMA0GCSqGSIb3DQEBCwUAA4IBAQDBf2BYIKst
3l4aUElwfLBQeppIn0gnN3PfUuLjPhpJeBpr3cMQLUoq+pVgp4QQyQAvzfXEedDS
K4aAY5B7KkBPI/xo+qYg6wS6usDwJzRgHJOQize+SyIbdDvXvd20HA7CEPc3JukB
KWZ8clunVz1WJOo5WCowvoJXuvvY4j/9142P45AigodNvfGgrza7i/BXum+4gXAU
uS31VFT7loHtKeHvVmTkkwlOWNhNNH8aOMiSegorpRrk7kr9PgsmoH8+81yNKHc7
1v1BOhnD2jAiE9OkshJP52DRUKMzgQzu5/9qWIc5uSv1vN7a9giKzaCOcg34oy5r
pR4HKlYzsL5N
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:13 2025 by rpki-client