Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/38ec76-e6a9-4327-b322-50f1a8585f09/1/kslhBl1WGpvWsv2D5WUCQxKp4po.roa
File: kslhBl1WGpvWsv2D5WUCQxKp4po.roa (raw, json)
Hash identifier: X1kmHsv6oMwKyoRqNj1DoYl1WI3QJEQira3s64x6dc0=
Subject key identifier: 92:C9:61:06:5D:56:1A:9B:D6:B2:FD:83:E5:65:02:43:12:A9:E2:9A
Certificate issuer: /CN=14efbd1d5e1ac735f6f23509cf2a0eb4a1f9b4e9
Certificate serial: 01856C1CA7F5B886C555C7F1548A3B78D7AC
Authority key identifier: 14:EF:BD:1D:5E:1A:C7:35:F6:F2:35:09:CF:2A:0E:B4:A1:F9:B4:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FO-9HV4axzX28jUJzyoOtKH5tOk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/38ec76-e6a9-4327-b322-50f1a8585f09/1/kslhBl1WGpvWsv2D5WUCQxKp4po.roa
Signing time: Sun 01 Jan 2023 06:54:55 +0000
ROA not before: Sun 01 Jan 2023 06:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42093
IP address blocks: 193.169.68.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a7:f5:b8:86:c5:55:c7:f1:54:8a:3b:78:d7:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14efbd1d5e1ac735f6f23509cf2a0eb4a1f9b4e9
Validity
Not Before: Jan 1 06:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92c961065d561a9bd6b2fd83e565024312a9e29a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3d:23:0c:69:17:1b:e8:9c:65:9f:55:a9:5c:
a1:4d:24:b2:ef:f5:b8:45:fb:7a:4b:34:5c:a0:6a:
e5:78:23:65:cd:05:33:62:02:6b:ad:4a:45:f5:b2:
5f:70:e4:cd:db:85:d1:ac:3c:84:bb:43:00:7b:35:
c3:04:16:fc:63:c9:3f:59:72:70:e9:5c:f2:5c:70:
89:1a:8c:d0:4e:2e:31:12:34:4e:7e:02:94:c5:b2:
d3:1a:37:84:ed:ca:91:8e:eb:b1:8b:97:a5:99:e7:
9e:b3:90:03:55:27:03:bd:a9:2c:68:4c:6c:71:f0:
7c:0a:db:de:cf:0a:65:c8:ad:3b:df:5e:51:bb:24:
a6:51:7c:e3:1b:e5:0f:95:ac:b6:2b:7a:e2:9a:c3:
a0:7a:7f:3e:f5:97:a6:d5:40:02:6b:cf:86:27:c5:
e2:7e:74:e4:4a:ea:fc:89:5c:e3:aa:da:1d:1e:14:
94:eb:93:95:d2:dc:1b:f9:af:b3:b9:67:e1:85:29:
91:fc:fe:ea:69:63:eb:06:39:20:01:a8:db:3a:b6:
58:2b:19:e4:bf:c6:77:58:f5:0b:88:0f:46:4d:2b:
7e:3d:c9:7e:ed:cf:cf:d9:b3:1d:64:a3:0a:ec:bb:
d5:1e:14:2c:96:69:d0:fa:5c:df:38:f6:dc:46:cb:
46:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C9:61:06:5D:56:1A:9B:D6:B2:FD:83:E5:65:02:43:12:A9:E2:9A
X509v3 Authority Key Identifier:
keyid:14:EF:BD:1D:5E:1A:C7:35:F6:F2:35:09:CF:2A:0E:B4:A1:F9:B4:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FO-9HV4axzX28jUJzyoOtKH5tOk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/38ec76-e6a9-4327-b322-50f1a8585f09/1/kslhBl1WGpvWsv2D5WUCQxKp4po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/38ec76-e6a9-4327-b322-50f1a8585f09/1/FO-9HV4axzX28jUJzyoOtKH5tOk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.68.0/23
Signature Algorithm: sha256WithRSAEncryption
96:04:9c:62:99:51:f5:25:c4:30:97:6e:21:4b:7f:d2:be:99:
a7:b9:8b:22:74:f6:dd:0b:42:54:9e:29:ac:cd:3f:0e:e8:5e:
72:a4:0f:16:c1:fd:df:7e:17:d9:2c:55:98:4f:d3:2a:54:34:
35:48:9e:cf:3e:05:7b:59:82:73:87:e5:b3:d9:ef:cf:b6:6d:
55:3b:62:1c:7e:91:d5:77:f3:26:71:ec:62:a6:52:8a:7c:ab:
38:32:4e:91:be:d3:6a:77:f5:e5:c0:80:f7:6f:63:27:40:a0:
fc:79:d6:96:81:ce:43:5f:52:c3:d1:83:4e:f7:3a:da:df:26:
67:53:b6:36:0d:ea:64:9f:59:36:1e:ce:96:7e:d7:91:fa:81:
15:e2:e3:d8:be:60:78:fd:66:1e:10:e5:6b:3d:fc:6d:c7:c7:
ba:11:19:ed:6d:66:7d:45:31:9b:13:54:ba:da:6e:1c:b8:ec:
33:01:b6:cb:ef:c8:5c:50:7f:a1:5f:2f:e8:c9:72:48:df:49:
90:ad:5c:c3:45:7a:65:4c:d6:82:ff:8d:19:43:bf:35:3f:20:
47:e1:ce:06:18:18:0c:fc:ba:3f:11:71:a6:55:b4:6f:84:62:
79:63:89:e2:b5:4c:05:95:cf:ee:7d:8e:70:39:e9:93:6d:a6:
1b:02:12:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHKf1uIbFVcfxVIo7eNesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZWZiZDFkNWUxYWM3MzVmNmYyMzUwOWNmMmEwZWI0YTFm
OWI0ZTkwHhcNMjMwMTAxMDY1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmM5NjEwNjVkNTYxYTliZDZiMmZkODNlNTY1MDI0MzEyYTllMjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqT0jDGkXG+icZZ9VqVyhTSSy7/W4
Rft6SzRcoGrleCNlzQUzYgJrrUpF9bJfcOTN24XRrDyEu0MAezXDBBb8Y8k/WXJw
6VzyXHCJGozQTi4xEjROfgKUxbLTGjeE7cqRjuuxi5elmeees5ADVScDvaksaExs
cfB8CtvezwplyK07315RuySmUXzjG+UPlay2K3rimsOgen8+9Zem1UACa8+GJ8Xi
fnTkSur8iVzjqtodHhSU65OV0twb+a+zuWfhhSmR/P7qaWPrBjkgAajbOrZYKxnk
v8Z3WPULiA9GTSt+Pcl+7c/P2bMdZKMK7LvVHhQslmnQ+lzfOPbcRstGdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLJYQZdVhqb1rL9g+VlAkMSqeKaMB8GA1UdIwQY
MBaAFBTvvR1eGsc19vI1Cc8qDrSh+bTpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk8tOUhWNGF4elgyOGpVSnp5b090S0g1dE9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8zOGVjNzYtZTZhOS00MzI3LWIzMjIt
NTBmMWE4NTg1ZjA5LzEva3NsaEJsMVdHcHZXc3YyRDVXVUNReEtwNHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8zOGVjNzYtZTZhOS00MzI3LWIzMjItNTBmMWE4NTg1ZjA5
LzEvRk8tOUhWNGF4elgyOGpVSnp5b090S0g1dE9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwalEMA0G
CSqGSIb3DQEBCwUAA4IBAQCWBJximVH1JcQwl24hS3/SvpmnuYsidPbdC0JUnims
zT8O6F5ypA8Wwf3ffhfZLFWYT9MqVDQ1SJ7PPgV7WYJzh+Wz2e/Ptm1VO2IcfpHV
d/MmcexiplKKfKs4Mk6RvtNqd/XlwID3b2MnQKD8edaWgc5DX1LD0YNO9zra3yZn
U7Y2Depkn1k2Hs6WfteR+oEV4uPYvmB4/WYeEOVrPfxtx8e6ERntbWZ9RTGbE1S6
2m4cuOwzAbbL78hcUH+hXy/oyXJI30mQrVzDRXplTNaC/40ZQ781PyBH4c4GGBgM
/Lo/EXGmVbRvhGJ5Y4nitUwFlc/ufY5wOemTbaYbAhJR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:08 2025 by rpki-client