Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/krKYoO_dI6AKFAN7kB8KgwCz7i4.roa
File: krKYoO_dI6AKFAN7kB8KgwCz7i4.roa (raw, json)
Hash identifier: lLpR8priy0bOjaRYTU9Pom+JOK7EZYF01aOkkK7ciVM=
Subject key identifier: 92:B2:98:A0:EF:DD:23:A0:0A:14:03:7B:90:1F:0A:83:00:B3:EE:2E
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 0135102B
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/krKYoO_dI6AKFAN7kB8KgwCz7i4.roa
Signing time: Sat 01 Jan 2022 10:01:56 +0000
ROA not before: Sat 01 Jan 2022 10:01:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60571
IP address blocks: 194.104.148.0/24 maxlen: 24
2a06:1c4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20254763 (0x135102b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: Jan 1 10:01:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92b298a0efdd23a00a14037b901f0a8300b3ee2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:57:6b:78:d9:6b:27:7f:b8:69:42:a4:0d:3f:
3f:cc:04:2e:18:2c:39:77:e3:f4:39:bb:af:3d:4e:
9b:60:16:ad:6d:06:54:7e:9f:b7:ce:e2:88:03:2b:
e6:9d:fa:3e:63:97:3d:f2:3c:76:bc:a5:e0:8e:9c:
ca:83:19:c2:26:84:62:01:e1:ac:a7:bf:ae:e8:65:
4c:20:50:06:6a:13:64:23:db:e2:3d:d0:e6:d8:26:
49:b0:56:66:4a:5e:8e:da:47:ae:60:e2:bb:44:99:
a3:9c:de:6b:fd:29:2e:2a:2c:4e:72:12:41:7f:02:
01:19:57:84:f2:4d:bf:d5:96:eb:2d:da:5a:b2:00:
d8:59:0d:12:90:bb:93:2f:de:80:fe:1c:c7:8d:81:
d6:36:17:00:14:ef:a6:5a:29:05:6f:31:45:e8:2e:
d8:f7:cb:ea:e8:80:45:c4:cc:4d:f7:e7:9f:87:bf:
19:d5:dc:94:e3:82:0e:76:13:4c:d6:16:08:6c:07:
63:44:75:f3:13:fa:50:1c:68:09:68:27:f4:09:3a:
40:b0:09:40:4c:fc:06:8c:8b:07:32:a1:be:b9:2f:
fe:2d:dc:5f:d0:cc:bc:59:aa:d5:16:02:9e:49:28:
f7:fa:d1:aa:e3:30:89:51:32:a8:1a:5e:5d:f0:9c:
f7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B2:98:A0:EF:DD:23:A0:0A:14:03:7B:90:1F:0A:83:00:B3:EE:2E
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/krKYoO_dI6AKFAN7kB8KgwCz7i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.148.0/24
IPv6:
2a06:1c4::/32
Signature Algorithm: sha256WithRSAEncryption
1a:e5:37:b0:cd:95:b0:27:4f:02:f6:36:fe:e0:c3:a0:71:c0:
c3:34:23:63:1d:36:b5:5d:3c:2f:67:a5:7e:fb:cd:10:7b:d7:
e3:05:b5:4d:af:da:8e:de:e0:a7:af:cd:0d:ba:9b:37:4c:06:
b2:ca:46:34:58:f8:3f:84:58:9a:f6:2e:a2:74:e0:32:f6:2e:
0d:5d:a1:27:1d:c5:26:dc:11:88:fa:fa:39:1a:15:1f:c5:12:
ee:09:33:82:39:99:01:ba:67:99:e4:bd:c6:2e:0b:27:39:4b:
e7:b8:d9:b1:e4:51:eb:b8:b6:b6:13:32:d9:18:13:8e:f2:41:
0d:8c:01:ed:2f:30:3d:ef:ae:0d:37:04:1c:d1:40:1b:d7:3b:
8d:31:51:8b:19:bb:f4:f7:2d:b1:0a:87:35:df:c8:94:15:8b:
ad:a3:6b:59:56:d5:b0:bb:7c:ee:51:f9:f9:7c:67:73:40:b4:
ec:d5:5b:14:6f:63:37:e9:3e:b4:1f:16:22:6d:46:fb:e6:d5:
05:2f:da:3e:77:3d:36:b7:7f:6a:33:11:c0:88:ed:91:ec:e4:
66:a2:a2:b5:a3:79:20:da:32:f3:ba:97:ab:47:c6:1e:b0:9d:
76:8e:82:69:93:ee:ee:80:cb:74:ac:e6:5b:f2:b6:86:94:10:
dd:30:1a:a1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEATUQKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZGQ1OTZjMWVhN2VjYmIxYmUxNzc3ZmMwZDM4ZWQwNmNhNDBlYWJlMB4XDTIyMDEw
MTEwMDE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTJiMjk4YTBlZmRk
MjNhMDBhMTQwMzdiOTAxZjBhODMwMGIzZWUyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpXa3jZayd/uGlCpA0/P8wELhgsOXfj9Dm7rz1Om2AWrW0G
VH6ft87iiAMr5p36PmOXPfI8dryl4I6cyoMZwiaEYgHhrKe/ruhlTCBQBmoTZCPb
4j3Q5tgmSbBWZkpejtpHrmDiu0SZo5zea/0pLiosTnISQX8CARlXhPJNv9WW6y3a
WrIA2FkNEpC7ky/egP4cx42B1jYXABTvplopBW8xRegu2PfL6uiARcTMTffnn4e/
GdXclOOCDnYTTNYWCGwHY0R18xP6UBxoCWgn9Ak6QLAJQEz8BoyLBzKhvrkv/i3c
X9DMvFmq1RYCnkko9/rRquMwiVEyqBpeXfCc928CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSSspig790joAoUA3uQHwqDALPuLjAfBgNVHSMEGDAWgBQt1ZbB6n7Lsb4X
d/wNOO0GykDqvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xkV1d3ZXAteTdHLUYzZjhEVGp0QnNwQTZyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMzYzZWNjLTJhYTEtNDI4MS05NWIxLThiMGZjMDc4NThkNi8x
L2tyS1lvT19kSTZBS0ZBTjdrQjhLZ3dDejdpNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MzYzZWNjLTJhYTEtNDI4MS05NWIxLThiMGZjMDc4NThkNi8xL0xkV1d3ZXAteTdH
LUYzZjhEVGp0QnNwQTZyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMJolDANBAIAAjAHAwUAKgYBxDAN
BgkqhkiG9w0BAQsFAAOCAQEAGuU3sM2VsCdPAvY2/uDDoHHAwzQjYx02tV08L2el
fvvNEHvX4wW1Ta/ajt7gp6/NDbqbN0wGsspGNFj4P4RYmvYuonTgMvYuDV2hJx3F
JtwRiPr6ORoVH8US7gkzgjmZAbpnmeS9xi4LJzlL57jZseRR67i2thMy2RgTjvJB
DYwB7S8wPe+uDTcEHNFAG9c7jTFRixm79PctsQqHNd/IlBWLraNrWVbVsLt87lH5
+Xxnc0C07NVbFG9jN+k+tB8WIm1G++bVBS/aPnc9Nrd/ajMRwIjtkezkZqKitaN5
INoy87qXq0fGHrCddo6CaZPu7oDLdKzmW/K2hpQQ3TAaoQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:56:25 2025 by rpki-client