Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/klCpypS0IdNhjRnsZxc-s2XKPyA.roa
File: klCpypS0IdNhjRnsZxc-s2XKPyA.roa (raw, json)
Hash identifier: dUXcpSMCS7jJGgtUtDjc3bN7A+Dl68i9OR4qLXmzfhw=
Subject key identifier: 92:50:A9:CA:94:B4:21:D3:61:8D:19:EC:67:17:3E:B3:65:CA:3F:20
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0187C6AF79F3DEDD353C78DB5A2DA99DD8FA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/klCpypS0IdNhjRnsZxc-s2XKPyA.roa
Signing time: Fri 28 Apr 2023 07:06:41 +0000
ROA not before: Fri 28 Apr 2023 07:06:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44547
IP address blocks: 81.168.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c6:af:79:f3:de:dd:35:3c:78:db:5a:2d:a9:9d:d8:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 28 07:06:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9250a9ca94b421d3618d19ec67173eb365ca3f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5b:f8:df:91:5f:ff:50:91:b5:b5:6e:34:85:
c5:46:b6:94:4d:82:7c:ac:7a:7a:94:5d:48:77:02:
f9:00:08:f6:b7:1e:d7:3c:16:af:20:e7:ee:29:d1:
d4:10:73:35:10:d1:03:61:f9:97:b5:99:2a:0c:3a:
d2:47:30:63:e7:93:0b:b6:93:46:a5:52:d3:ff:bd:
81:1b:8f:e8:da:55:f1:7b:67:11:07:41:69:25:7e:
61:ea:ac:dc:12:b3:5f:ef:e0:c2:df:a8:c3:8b:1c:
1b:75:4f:48:87:77:1f:e6:97:7e:72:34:e7:8a:4d:
ee:4e:9d:65:62:4c:af:13:49:15:a3:18:bf:73:64:
3f:9f:84:61:fe:e0:3e:95:d9:b8:20:a7:ea:83:08:
7e:f4:6e:cd:df:e5:2e:6a:e3:ff:9b:a6:dd:b8:f0:
af:80:08:36:ab:24:08:70:be:23:30:92:0d:fa:7e:
d5:0b:00:c4:f3:ea:76:1b:ec:da:e0:4e:06:6f:1c:
b4:1a:21:85:32:72:8e:35:c9:c6:89:9e:9f:29:d9:
52:ff:0a:20:b2:58:7d:67:98:72:fc:84:7d:ab:21:
e6:58:1e:2f:2d:e9:1c:b2:6e:7a:8c:a3:1b:a7:a9:
da:59:93:fd:df:fc:24:f8:41:71:26:be:18:01:38:
ce:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:50:A9:CA:94:B4:21:D3:61:8D:19:EC:67:17:3E:B3:65:CA:3F:20
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/klCpypS0IdNhjRnsZxc-s2XKPyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.116.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:ed:ec:c9:dc:34:17:28:e4:56:33:e1:77:c9:65:47:d0:aa:
8e:ae:c8:8e:d7:74:57:2d:d5:f0:a4:f0:0a:c9:d4:a5:f9:e4:
ef:4e:64:93:ee:c0:0d:91:4d:76:1a:ec:8d:4a:a0:d7:dd:6e:
2f:10:c6:28:25:41:53:16:38:37:36:12:58:47:b4:0e:5e:45:
7b:2c:cb:ae:3e:e6:6c:49:3e:7f:da:57:0b:71:ff:57:6d:f7:
2f:08:bc:f2:ae:ea:a8:b7:94:b7:f4:28:88:1a:af:db:6a:e6:
e6:15:81:6f:f9:e3:5d:59:de:64:a4:38:2d:e0:89:9e:b5:5f:
e7:22:88:56:2e:c3:ea:5e:b4:bd:6b:01:2b:dd:36:7f:ed:b6:
65:20:d8:ad:49:a8:07:73:a2:47:eb:ef:5b:8c:51:7d:7c:76:
a8:2c:2a:45:32:04:81:04:08:0d:7a:76:26:fd:61:d7:e1:0f:
67:35:88:fa:9d:70:cb:66:48:eb:5b:47:17:6d:da:db:aa:48:
6e:04:7a:a7:fa:a5:16:e3:9d:29:dc:68:94:ee:e1:f7:78:ac:
98:04:d4:04:9d:fc:5d:00:e3:48:39:a5:34:43:54:6d:41:77:
47:d7:58:0b:5b:a9:76:35:e7:b1:4f:0f:1b:3b:e3:5f:b4:9a:
87:dc:6d:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfGr3nz3t01PHjbWi2pndj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNDI4MDcwNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjUwYTljYTk0YjQyMWQzNjE4ZDE5ZWM2NzE3M2ViMzY1Y2EzZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilv435Ff/1CRtbVuNIXFRraUTYJ8
rHp6lF1IdwL5AAj2tx7XPBavIOfuKdHUEHM1ENEDYfmXtZkqDDrSRzBj55MLtpNG
pVLT/72BG4/o2lXxe2cRB0FpJX5h6qzcErNf7+DC36jDixwbdU9Ih3cf5pd+cjTn
ik3uTp1lYkyvE0kVoxi/c2Q/n4Rh/uA+ldm4IKfqgwh+9G7N3+UuauP/m6bduPCv
gAg2qyQIcL4jMJIN+n7VCwDE8+p2G+za4E4Gbxy0GiGFMnKONcnGiZ6fKdlS/wog
slh9Z5hy/IR9qyHmWB4vLekcsm56jKMbp6naWZP93/wk+EFxJr4YATjOOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJQqcqUtCHTYY0Z7GcXPrNlyj8gMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEva2xDcHlwUzBJZE5oalJuc1p4Yy1zMlhLUHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah0MA0G
CSqGSIb3DQEBCwUAA4IBAQCl7ezJ3DQXKORWM+F3yWVH0KqOrsiO13RXLdXwpPAK
ydSl+eTvTmST7sANkU12GuyNSqDX3W4vEMYoJUFTFjg3NhJYR7QOXkV7LMuuPuZs
ST5/2lcLcf9XbfcvCLzyruqot5S39CiIGq/baubmFYFv+eNdWd5kpDgt4ImetV/n
IohWLsPqXrS9awEr3TZ/7bZlINitSagHc6JH6+9bjFF9fHaoLCpFMgSBBAgNenYm
/WHX4Q9nNYj6nXDLZkjrW0cXbdrbqkhuBHqn+qUW450p3GiU7uH3eKyYBNQEnfxd
AONIOaU0Q1RtQXdH11gLW6l2NeexTw8bO+NftJqH3G29
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:00 2025 by rpki-client