Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/2d3607-be58-4a05-9d68-e84f3b4927ad/1/KrDlH9KfFWkpKXSPgeNaO_YxwNU.roa
File: KrDlH9KfFWkpKXSPgeNaO_YxwNU.roa (raw, json)
Hash identifier: 8aXCYsKVBUkWonIKaeLGXdJVpJU6AdtAojGAKQGZIoc=
Subject key identifier: 2A:B0:E5:1F:D2:9F:15:69:29:29:74:8F:81:E3:5A:3B:F6:31:C0:D5
Certificate issuer: /CN=1792582aa0b18d6073592f121a6e563fec424672
Certificate serial: 018B8CD64AB3B37E9AE92566A03F4D383770
Authority key identifier: 17:92:58:2A:A0:B1:8D:60:73:59:2F:12:1A:6E:56:3F:EC:42:46:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5JYKqCxjWBzWS8SGm5WP-xCRnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/2d3607-be58-4a05-9d68-e84f3b4927ad/1/KrDlH9KfFWkpKXSPgeNaO_YxwNU.roa
Signing time: Wed 01 Nov 2023 21:42:15 +0000
ROA not before: Wed 01 Nov 2023 21:42:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51631
IP address blocks: 185.94.31.0/24 maxlen: 24
2a13:2301::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:d6:4a:b3:b3:7e:9a:e9:25:66:a0:3f:4d:38:37:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1792582aa0b18d6073592f121a6e563fec424672
Validity
Not Before: Nov 1 21:42:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ab0e51fd29f15692929748f81e35a3bf631c0d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:87:2b:b2:a2:42:fc:6d:06:96:07:fd:a6:7d:
7e:ed:e2:5d:da:ec:f4:48:da:9d:4c:6f:10:03:a7:
00:d8:45:c2:54:76:15:b1:4e:c6:08:f1:06:6c:c4:
32:a9:6d:0b:56:20:ae:1b:b3:55:47:3a:4e:04:09:
9c:cb:47:fd:85:0c:ec:e9:f8:72:a9:b9:69:03:8d:
15:2e:90:05:e8:f6:93:5d:44:65:de:4a:6b:27:72:
32:33:b3:20:7c:84:25:13:8d:3e:83:b6:e7:b3:04:
5a:60:d9:f9:b4:2e:bc:61:b1:b5:e9:6c:12:e0:53:
7c:7a:fd:82:a7:2e:38:d6:12:65:30:8b:2d:2c:fe:
19:d9:6b:80:96:52:77:5c:4c:8c:6a:1f:ca:e9:ae:
ec:96:50:71:09:4e:75:c8:0c:4b:a8:7a:36:6f:b6:
20:79:d2:08:aa:cd:68:54:ae:e5:45:e7:cd:34:de:
01:2f:43:9e:4b:6f:02:ad:35:db:f1:54:ee:d3:53:
06:ae:c9:ba:7c:bc:99:e2:e0:85:d8:48:f3:07:67:
6f:cc:37:09:a9:44:fe:f1:64:14:1f:92:e2:f4:36:
35:78:51:b5:2c:2a:4b:78:00:28:da:7a:b2:ac:ef:
71:a1:65:33:df:ae:e8:37:48:7a:f8:15:e2:a6:17:
da:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B0:E5:1F:D2:9F:15:69:29:29:74:8F:81:E3:5A:3B:F6:31:C0:D5
X509v3 Authority Key Identifier:
keyid:17:92:58:2A:A0:B1:8D:60:73:59:2F:12:1A:6E:56:3F:EC:42:46:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5JYKqCxjWBzWS8SGm5WP-xCRnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2d3607-be58-4a05-9d68-e84f3b4927ad/1/KrDlH9KfFWkpKXSPgeNaO_YxwNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2d3607-be58-4a05-9d68-e84f3b4927ad/1/F5JYKqCxjWBzWS8SGm5WP-xCRnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.31.0/24
IPv6:
2a13:2301::/48
Signature Algorithm: sha256WithRSAEncryption
4b:e2:50:3a:70:c4:4f:8d:56:6d:a1:a4:d1:2e:ff:4b:c5:31:
37:f0:52:de:82:2d:99:09:e1:b4:58:c3:ee:3c:8e:c3:c2:0c:
8d:7c:bc:4d:dd:bb:f8:10:cd:03:a0:0b:46:d7:eb:90:22:1c:
ec:18:36:2b:02:3d:d9:a2:fb:7f:30:42:f1:51:a6:0d:b5:ab:
e2:59:2a:7e:4c:60:b6:94:d3:f3:27:f0:d7:0c:70:d1:f3:7c:
d0:b1:26:15:e4:4a:5d:c7:9c:a3:02:4b:bf:4e:9e:a1:26:fd:
7e:c6:a1:f4:b3:e4:a8:95:8c:2d:c0:9e:fc:d9:80:b1:aa:f4:
e6:c8:55:fb:b8:45:d1:3f:09:ad:de:9f:bc:8a:90:30:75:2a:
36:2f:8c:d3:43:10:28:f8:b8:21:52:e3:73:4b:01:35:ba:b0:
76:63:20:3c:15:93:20:3b:7e:c4:53:4d:87:da:b3:71:ed:73:
ab:ff:a7:3b:b5:8b:cc:3a:a0:ae:00:c7:42:65:ea:6f:a7:aa:
5a:c0:27:6f:ec:a4:62:1a:0c:71:5c:40:04:a6:c4:96:97:24:
d6:51:9e:f7:b5:e1:70:43:46:c1:16:1d:f7:5a:c8:be:14:52:
54:86:6d:74:77:69:a4:c5:1b:5c:63:fe:4b:89:d3:f0:5d:48:
21:c1:86:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuM1kqzs36a6SVmoD9NODdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTI1ODJhYTBiMThkNjA3MzU5MmYxMjFhNmU1NjNmZWM0
MjQ2NzIwHhcNMjMxMTAxMjE0MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWIwZTUxZmQyOWYxNTY5MjkyOTc0OGY4MWUzNWEzYmY2MzFjMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIcrsqJC/G0Glgf9pn1+7eJd2uz0
SNqdTG8QA6cA2EXCVHYVsU7GCPEGbMQyqW0LViCuG7NVRzpOBAmcy0f9hQzs6fhy
qblpA40VLpAF6PaTXURl3kprJ3IyM7MgfIQlE40+g7bnswRaYNn5tC68YbG16WwS
4FN8ev2Cpy441hJlMIstLP4Z2WuAllJ3XEyMah/K6a7sllBxCU51yAxLqHo2b7Yg
edIIqs1oVK7lRefNNN4BL0OeS28CrTXb8VTu01MGrsm6fLyZ4uCF2EjzB2dvzDcJ
qUT+8WQUH5Li9DY1eFG1LCpLeAAo2nqyrO9xoWUz367oN0h6+BXiphfaowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCqw5R/SnxVpKSl0j4HjWjv2McDVMB8GA1UdIwQY
MBaAFBeSWCqgsY1gc1kvEhpuVj/sQkZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVKWUtxQ3hqV0J6V1M4U0dtNVdQLXhDUm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8yZDM2MDctYmU1OC00YTA1LTlkNjgt
ZTg0ZjNiNDkyN2FkLzEvS3JEbEg5S2ZGV2twS1hTUGdlTmFPX1l4d05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8yZDM2MDctYmU1OC00YTA1LTlkNjgtZTg0ZjNiNDkyN2Fk
LzEvRjVKWUtxQ3hqV0J6V1M4U0dtNVdQLXhDUm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuV4fMA8E
AgACMAkDBwAqEyMBAAAwDQYJKoZIhvcNAQELBQADggEBAEviUDpwxE+NVm2hpNEu
/0vFMTfwUt6CLZkJ4bRYw+48jsPCDI18vE3du/gQzQOgC0bX65AiHOwYNisCPdmi
+38wQvFRpg21q+JZKn5MYLaU0/Mn8NcMcNHzfNCxJhXkSl3HnKMCS79OnqEm/X7G
ofSz5KiVjC3AnvzZgLGq9ObIVfu4RdE/Ca3en7yKkDB1KjYvjNNDECj4uCFS43NL
ATW6sHZjIDwVkyA7fsRTTYfas3Htc6v/pzu1i8w6oK4Ax0Jl6m+nqlrAJ2/spGIa
DHFcQASmxJaXJNZRnve14XBDRsEWHfdayL4UUlSGbXR3aaTFG1xj/kuJ0/BdSCHB
htg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:10 2025 by rpki-client