Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/6ef146-dac6-4ea5-be58-4ee69a777bbe/1/klY15CcnFOyUjwmKzv4tkSErHVw.roa
File: klY15CcnFOyUjwmKzv4tkSErHVw.roa (raw, json)
Hash identifier: AoKRx/TwtHCQ3lD6jbKG8hDvujnpDNfwGKPx+tvaXM8=
Subject key identifier: 92:56:35:E4:27:27:14:EC:94:8F:09:8A:CE:FE:2D:91:21:2B:1D:5C
Certificate issuer: /CN=8e5dc732ca2834973547c780e1c3a5ab47805be0
Certificate serial: 01857246ABF9A7B0FA7029723E22CDAA3587
Authority key identifier: 8E:5D:C7:32:CA:28:34:97:35:47:C7:80:E1:C3:A5:AB:47:80:5B:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jl3HMsooNJc1R8eA4cOlq0eAW-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/6ef146-dac6-4ea5-be58-4ee69a777bbe/1/klY15CcnFOyUjwmKzv4tkSErHVw.roa
Signing time: Mon 02 Jan 2023 11:38:32 +0000
ROA not before: Mon 02 Jan 2023 11:38:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207492
IP address blocks: 94.231.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ab:f9:a7:b0:fa:70:29:72:3e:22:cd:aa:35:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e5dc732ca2834973547c780e1c3a5ab47805be0
Validity
Not Before: Jan 2 11:38:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=925635e4272714ec948f098acefe2d91212b1d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f5:2e:2e:6d:c8:4b:29:41:5c:81:64:b3:3b:
35:82:56:c7:ee:ef:52:2b:21:59:36:ef:e7:e1:6d:
47:fc:68:e9:09:f8:01:b6:40:30:47:21:9f:20:fb:
f4:df:59:25:3b:10:96:c1:61:75:1d:05:5a:43:48:
be:35:cb:48:4e:63:1d:e2:d6:1a:16:14:c9:75:61:
c7:95:e6:59:ce:50:46:50:56:2f:53:cd:95:1e:7c:
94:d5:19:64:66:a5:b4:9c:87:38:44:fe:0a:3f:df:
68:31:f5:56:9e:9d:da:5a:6a:bf:7d:c2:cb:c5:ad:
aa:b0:67:23:25:69:b6:2a:5f:14:c5:f2:af:21:c1:
f8:26:4a:27:e7:8c:69:20:90:78:02:b3:36:ad:dc:
6b:35:04:00:9e:b8:ad:ec:96:93:dd:ae:22:28:dc:
06:1c:a7:dd:42:d9:b4:98:09:21:33:e9:1d:97:8a:
ee:06:b5:d3:4f:36:d5:82:1b:42:40:22:32:cb:31:
2d:03:0f:ce:04:18:b6:9b:78:93:99:ea:c0:60:93:
f3:cd:00:2a:04:a2:40:17:b9:ff:c9:2c:f7:76:c0:
0b:4d:b6:b1:1f:c5:a2:fd:ef:ed:26:9d:15:74:af:
4d:07:f5:92:c2:46:07:c3:07:df:9e:5e:01:d1:d7:
39:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:56:35:E4:27:27:14:EC:94:8F:09:8A:CE:FE:2D:91:21:2B:1D:5C
X509v3 Authority Key Identifier:
keyid:8E:5D:C7:32:CA:28:34:97:35:47:C7:80:E1:C3:A5:AB:47:80:5B:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jl3HMsooNJc1R8eA4cOlq0eAW-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/6ef146-dac6-4ea5-be58-4ee69a777bbe/1/klY15CcnFOyUjwmKzv4tkSErHVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/6ef146-dac6-4ea5-be58-4ee69a777bbe/1/jl3HMsooNJc1R8eA4cOlq0eAW-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.194.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:63:aa:87:5a:62:28:58:46:e9:34:0d:10:60:d6:ec:cb:ec:
41:5d:77:52:f3:81:92:c4:e1:af:59:fe:c9:e0:d7:31:45:19:
38:18:28:1f:a4:3e:09:32:c4:8b:18:b1:75:b9:90:71:f0:9e:
d9:b7:be:0a:d1:81:21:99:e6:7d:a2:6e:21:62:c1:2c:b5:13:
34:68:41:90:dd:ff:18:ed:e1:19:3e:89:98:db:85:5f:d6:af:
38:df:86:b8:20:15:c0:a6:1b:5c:ab:bb:7d:66:8d:ec:19:03:
ab:e8:01:2b:bf:b5:7d:5c:8d:e7:34:6e:0c:4f:24:56:14:93:
98:91:5c:13:90:76:c6:91:e1:bc:5a:1b:b3:a7:c9:0f:df:98:
ce:83:92:37:f8:0e:91:d7:56:06:34:7e:13:6b:5d:3f:6d:80:
e4:e8:f2:23:e2:57:29:de:86:db:d4:df:c4:0b:71:64:ae:bc:
be:71:ec:5a:e2:e9:1c:c7:38:38:c4:89:75:4d:ec:fa:2a:3d:
52:f4:a6:19:4e:3e:93:48:bd:77:32:b0:d3:d4:e5:ae:79:3a:
64:7c:ae:95:98:fd:b1:99:a7:69:23:44:ff:c4:3d:60:09:9b:
1b:87:af:40:69:7a:aa:36:0c:ca:75:c4:48:3f:ff:85:13:3b:
ba:0b:b3:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRqv5p7D6cClyPiLNqjWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNWRjNzMyY2EyODM0OTczNTQ3Yzc4MGUxYzNhNWFiNDc4
MDViZTAwHhcNMjMwMTAyMTEzODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjU2MzVlNDI3MjcxNGVjOTQ4ZjA5OGFjZWZlMmQ5MTIxMmIxZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfUuLm3ISylBXIFkszs1glbH7u9S
KyFZNu/n4W1H/GjpCfgBtkAwRyGfIPv031klOxCWwWF1HQVaQ0i+NctITmMd4tYa
FhTJdWHHleZZzlBGUFYvU82VHnyU1RlkZqW0nIc4RP4KP99oMfVWnp3aWmq/fcLL
xa2qsGcjJWm2Kl8UxfKvIcH4Jkon54xpIJB4ArM2rdxrNQQAnrit7JaT3a4iKNwG
HKfdQtm0mAkhM+kdl4ruBrXTTzbVghtCQCIyyzEtAw/OBBi2m3iTmerAYJPzzQAq
BKJAF7n/ySz3dsALTbaxH8Wi/e/tJp0VdK9NB/WSwkYHwwffnl4B0dc5cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJWNeQnJxTslI8Jis7+LZEhKx1cMB8GA1UdIwQY
MBaAFI5dxzLKKDSXNUfHgOHDpatHgFvgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamwzSE1zb29OSmMxUjhlQTRjT2xxMGVBVy1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy82ZWYxNDYtZGFjNi00ZWE1LWJlNTgt
NGVlNjlhNzc3YmJlLzEva2xZMTVDY25GT3lVandtS3p2NHRrU0VySFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy82ZWYxNDYtZGFjNi00ZWE1LWJlNTgtNGVlNjlhNzc3YmJl
LzEvamwzSE1zb29OSmMxUjhlQTRjT2xxMGVBVy1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXufCMA0G
CSqGSIb3DQEBCwUAA4IBAQC7Y6qHWmIoWEbpNA0QYNbsy+xBXXdS84GSxOGvWf7J
4NcxRRk4GCgfpD4JMsSLGLF1uZBx8J7Zt74K0YEhmeZ9om4hYsEstRM0aEGQ3f8Y
7eEZPomY24Vf1q8434a4IBXAphtcq7t9Zo3sGQOr6AErv7V9XI3nNG4MTyRWFJOY
kVwTkHbGkeG8Whuzp8kP35jOg5I3+A6R11YGNH4Ta10/bYDk6PIj4lcp3obb1N/E
C3Fkrry+cexa4ukcxzg4xIl1Tez6Kj1S9KYZTj6TSL13MrDT1OWueTpkfK6VmP2x
madpI0T/xD1gCZsbh69AaXqqNgzKdcRIP/+FEzu6C7Nm
-----END CERTIFICATE-----
Generated at Wed Apr 23 09:25:28 2025 by rpki-client