Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/iKl5R7cbDgZTZ2gaxm6Ucg3IxkU.roa
File: iKl5R7cbDgZTZ2gaxm6Ucg3IxkU.roa (raw, json)
Hash identifier: uJ8Y2Q8NiLLFgLOZoPVrjVV8xskDMzzSuO7Vt8K6ATs=
Subject key identifier: 88:A9:79:47:B7:1B:0E:06:53:67:68:1A:C6:6E:94:72:0D:C8:C6:45
Certificate issuer: /CN=90f25e6a6893f466d2695e90670c047443643701
Certificate serial: 338FCB9D
Authority key identifier: 90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/iKl5R7cbDgZTZ2gaxm6Ucg3IxkU.roa
Signing time: Sat 01 Jan 2022 04:52:48 +0000
ROA not before: Sat 01 Jan 2022 04:52:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33915
IP address blocks: 94.168.64.0/18 maxlen: 18
94.168.0.0/18 maxlen: 18
94.168.0.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 865061789 (0x338fcb9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f25e6a6893f466d2695e90670c047443643701
Validity
Not Before: Jan 1 04:52:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88a97947b71b0e065367681ac66e94720dc8c645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:78:c7:f5:ba:76:3c:50:ba:6f:6d:c9:3d:94:
a6:7c:10:82:d0:3b:03:40:28:8f:4f:3b:61:cc:a5:
49:98:a7:ce:91:89:17:4e:54:81:59:2b:2c:a4:a0:
50:4e:82:5e:22:19:fb:ef:2e:6b:c5:96:42:5c:6c:
89:c2:b2:74:65:f4:4a:43:3b:75:cf:ac:01:3d:dc:
c9:39:ca:92:03:2b:0a:c1:ab:9a:95:ba:66:13:7e:
bc:81:37:30:d4:c1:91:15:d0:be:b9:1f:60:03:3f:
16:5e:17:40:31:8d:d5:8e:53:f5:32:3b:02:00:30:
99:4f:ea:b0:61:1d:8c:61:c9:3f:54:a6:60:d3:e6:
5e:5f:9c:f9:e5:68:81:f1:e8:24:a7:a1:e7:1b:30:
69:74:51:20:79:35:4c:22:20:4a:08:b3:dd:13:9e:
3d:01:3e:fc:37:0a:10:c1:ce:76:0e:e0:4e:1b:64:
e9:4b:d2:eb:d3:60:31:11:81:34:24:51:9c:6a:70:
85:37:9d:2c:60:8f:e0:b8:eb:b4:83:1d:ba:2f:2c:
b3:ce:0a:f7:5e:97:41:cd:ff:4a:2c:63:7e:b5:f5:
cc:11:ee:a5:00:18:d9:49:e3:b9:73:8b:df:e4:7b:
4f:fc:15:ae:77:65:e5:c9:67:7a:ad:5b:d2:0e:a6:
52:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A9:79:47:B7:1B:0E:06:53:67:68:1A:C6:6E:94:72:0D:C8:C6:45
X509v3 Authority Key Identifier:
keyid:90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/iKl5R7cbDgZTZ2gaxm6Ucg3IxkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.168.0.0/17
Signature Algorithm: sha256WithRSAEncryption
4f:78:ab:8d:e5:0a:94:66:dd:48:07:52:7d:31:86:3b:bd:4b:
b1:5c:84:05:cb:ac:0f:c3:b9:6c:15:46:ae:2d:c8:97:0b:d2:
9f:90:3b:ef:79:62:4a:67:e4:f1:22:5e:8c:04:85:16:c8:61:
7b:62:a5:8e:cb:62:57:36:29:a5:26:21:97:6a:9c:cc:c3:c7:
7e:7c:24:54:39:78:36:b0:f4:da:bf:e5:7a:e6:30:1c:e8:67:
07:31:95:e8:bc:67:52:41:88:73:f6:f3:13:f7:dc:6f:94:37:
2f:85:d6:56:6a:de:ea:ff:01:22:c6:3a:b9:ca:6f:ac:35:67:
89:5f:78:96:d5:2d:de:50:91:de:18:06:6e:19:f1:b9:a7:eb:
0f:8d:64:4e:63:81:87:10:42:2d:cb:ff:d6:82:6e:2a:c6:25:
9f:70:d4:5e:b8:a0:b5:60:30:cc:16:c8:c1:5d:ea:1e:d0:b3:
2d:0e:4d:22:e2:83:6b:b8:1f:24:c2:a6:bd:bd:2e:e2:e0:fa:
01:08:14:a8:dd:4a:03:ce:91:b5:42:8c:26:90:a6:0e:85:60:
2f:e0:d4:5f:85:ba:c4:76:fb:d3:f4:46:68:6f:97:f5:8d:8e:
53:6f:cb:9f:fa:6b:d3:5d:f9:e1:03:0e:df:3a:9e:d8:f2:97:
2e:8e:08:53
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEM4/LnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGYyNWU2YTY4OTNmNDY2ZDI2OTVlOTA2NzBjMDQ3NDQzNjQzNzAxMB4XDTIyMDEw
MTA0NTI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODhhOTc5NDdiNzFi
MGUwNjUzNjc2ODFhYzY2ZTk0NzIwZGM4YzY0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJ4x/W6djxQum9tyT2UpnwQgtA7A0Aoj087YcylSZinzpGJ
F05UgVkrLKSgUE6CXiIZ++8ua8WWQlxsicKydGX0SkM7dc+sAT3cyTnKkgMrCsGr
mpW6ZhN+vIE3MNTBkRXQvrkfYAM/Fl4XQDGN1Y5T9TI7AgAwmU/qsGEdjGHJP1Sm
YNPmXl+c+eVogfHoJKeh5xswaXRRIHk1TCIgSgiz3ROePQE+/DcKEMHOdg7gThtk
6UvS69NgMRGBNCRRnGpwhTedLGCP4LjrtIMdui8ss84K916XQc3/SixjfrX1zBHu
pQAY2UnjuXOL3+R7T/wVrndl5clneq1b0g6mUgkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSIqXlHtxsOBlNnaBrGbpRyDcjGRTAfBgNVHSMEGDAWgBSQ8l5qaJP0ZtJp
XpBnDAR0Q2Q3ATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tQSmVhbWlUOUdiU2FWNlFad3dFZEVOa053RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMDRiMTYyLTcwOTktNDA0ZC04MzkxLTNiMGI0YjhhMjk4My8x
L2lLbDVSN2NiRGdaVFoyZ2F4bTZVY2czSXhrVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MDRiMTYyLTcwOTktNDA0ZC04MzkxLTNiMGI0YjhhMjk4My8xL2tQSmVhbWlUOUdi
U2FWNlFad3dFZEVOa053RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB16oADANBgkqhkiG9w0BAQsFAAOC
AQEAT3irjeUKlGbdSAdSfTGGO71LsVyEBcusD8O5bBVGri3IlwvSn5A773liSmfk
8SJejASFFshhe2KljstiVzYppSYhl2qczMPHfnwkVDl4NrD02r/leuYwHOhnBzGV
6LxnUkGIc/bzE/fcb5Q3L4XWVmre6v8BIsY6ucpvrDVniV94ltUt3lCR3hgGbhnx
uafrD41kTmOBhxBCLcv/1oJuKsYln3DUXrigtWAwzBbIwV3qHtCzLQ5NIuKDa7gf
JMKmvb0u4uD6AQgUqN1KA86RtUKMJpCmDoVgL+DUX4W6xHb70/RGaG+X9Y2OU2/L
n/pr01354QMO3zqe2PKXLo4IUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:00 2024 by rpki-client on console-fra.rpki-client.org