Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/ed5e15-4f14-49e6-a6dd-45351f9dbb52/1/PKyeUu6aYGkUUryghGiOzeczRXk.roa
File: PKyeUu6aYGkUUryghGiOzeczRXk.roa (raw, json)
Hash identifier: SD4HTUhJtEqfLzYRsayv4z4qzvuGat3b2jkEl8dSJ94=
Subject key identifier: 3C:AC:9E:52:EE:9A:60:69:14:52:BC:A0:84:68:8E:CD:E7:33:45:79
Certificate issuer: /CN=fd6369271b6d13a6aedcaa23ebb29e29b796a46b
Certificate serial: 01856C4A6ADF4486513C9C69EF8C9D19F461
Authority key identifier: FD:63:69:27:1B:6D:13:A6:AE:DC:AA:23:EB:B2:9E:29:B7:96:A4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_WNpJxttE6au3Koj67KeKbeWpGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/ed5e15-4f14-49e6-a6dd-45351f9dbb52/1/PKyeUu6aYGkUUryghGiOzeczRXk.roa
Signing time: Sun 01 Jan 2023 07:44:54 +0000
ROA not before: Sun 01 Jan 2023 07:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 194.55.3.0/24 maxlen: 24
194.55.2.0/24 maxlen: 24
194.55.2.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:6a:df:44:86:51:3c:9c:69:ef:8c:9d:19:f4:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd6369271b6d13a6aedcaa23ebb29e29b796a46b
Validity
Not Before: Jan 1 07:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cac9e52ee9a60691452bca084688ecde7334579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6c:a7:36:9d:8d:56:e7:3e:bd:ff:0d:e4:30:
8c:00:07:89:68:7f:f3:a4:83:f5:43:fb:b8:1e:47:
71:7e:29:a0:61:e3:63:df:a6:e9:3e:ff:86:ef:1d:
b2:b3:04:f6:47:39:19:88:d5:05:2d:9a:d6:ce:16:
df:1b:d3:ed:b2:04:42:59:32:c1:42:07:bf:e2:e3:
a4:73:96:33:e2:7c:3d:ca:b2:fe:14:94:f0:46:6a:
7f:17:0f:c4:bd:e6:24:7d:5a:c2:2d:c2:75:33:45:
89:9b:49:e2:54:82:62:e2:b1:32:43:62:19:59:30:
16:74:46:67:cf:94:f0:31:92:ac:b0:a0:31:5d:0f:
33:3e:83:7f:c9:94:ac:5e:62:a8:26:04:63:47:18:
b6:24:5f:98:1f:05:86:cd:3a:d8:52:90:b0:c1:fd:
b8:8c:79:19:2d:2a:34:85:c7:25:4c:8c:30:0d:bf:
1b:32:34:bf:30:23:68:98:38:d2:fa:0a:74:c1:57:
a4:a9:6c:44:b9:80:4a:32:87:d8:52:fa:d8:80:e3:
ac:9e:da:26:b6:76:17:50:09:c1:d8:6f:33:22:bd:
48:6c:b5:39:7a:4b:50:c8:33:c5:c9:12:31:bd:7d:
ef:ac:c9:de:d2:f2:e2:b9:86:3b:ef:01:62:18:88:
35:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AC:9E:52:EE:9A:60:69:14:52:BC:A0:84:68:8E:CD:E7:33:45:79
X509v3 Authority Key Identifier:
keyid:FD:63:69:27:1B:6D:13:A6:AE:DC:AA:23:EB:B2:9E:29:B7:96:A4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_WNpJxttE6au3Koj67KeKbeWpGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ed5e15-4f14-49e6-a6dd-45351f9dbb52/1/PKyeUu6aYGkUUryghGiOzeczRXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ed5e15-4f14-49e6-a6dd-45351f9dbb52/1/_WNpJxttE6au3Koj67KeKbeWpGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.2.0/23
Signature Algorithm: sha256WithRSAEncryption
75:e3:c6:ed:61:4e:5a:ef:50:cf:87:35:06:48:a9:c2:09:85:
af:e1:5c:1f:59:74:6a:2e:85:12:bb:5c:e8:73:68:61:44:a8:
25:ba:67:d6:70:aa:de:2b:53:ef:83:51:32:e6:60:ff:40:b5:
5c:3c:96:76:80:d0:90:11:06:a2:73:d1:a3:64:e2:ed:08:2f:
5c:e5:97:5c:9c:45:a2:dc:59:5f:99:64:47:31:29:a8:cb:67:
a7:16:7a:ab:7b:1f:74:30:4c:39:e1:48:e4:a4:24:69:49:b7:
9d:19:83:a5:07:86:47:f4:7d:1d:3f:d8:57:19:ef:e8:67:95:
8d:c7:29:fa:4a:44:44:6c:1c:d0:5f:ed:fc:37:3d:5e:7a:5e:
a9:c6:22:1c:12:98:ed:1d:b2:c6:61:1b:01:d4:e3:11:ec:43:
3b:e2:36:4f:45:82:79:40:90:ce:1d:00:83:22:ae:f2:8c:39:
fd:a3:eb:02:6b:0e:c0:4c:1f:47:e1:4e:09:fe:3a:71:fd:d8:
7c:88:58:b1:b9:da:93:21:5d:7a:d2:e6:dd:df:f5:2c:60:bb:
f7:20:ea:05:c3:bd:18:47:81:28:aa:cf:1c:a2:37:7e:59:69:
e5:ac:b6:2c:80:08:18:44:82:af:f2:e8:ea:c2:ce:d0:ea:9c:
64:eb:ed:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSmrfRIZRPJxp74ydGfRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNjM2OTI3MWI2ZDEzYTZhZWRjYWEyM2ViYjI5ZTI5Yjc5
NmE0NmIwHhcNMjMwMTAxMDc0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2FjOWU1MmVlOWE2MDY5MTQ1MmJjYTA4NDY4OGVjZGU3MzM0NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWynNp2NVuc+vf8N5DCMAAeJaH/z
pIP1Q/u4HkdxfimgYeNj36bpPv+G7x2yswT2RzkZiNUFLZrWzhbfG9PtsgRCWTLB
Qge/4uOkc5Yz4nw9yrL+FJTwRmp/Fw/EveYkfVrCLcJ1M0WJm0niVIJi4rEyQ2IZ
WTAWdEZnz5TwMZKssKAxXQ8zPoN/yZSsXmKoJgRjRxi2JF+YHwWGzTrYUpCwwf24
jHkZLSo0hcclTIwwDb8bMjS/MCNomDjS+gp0wVekqWxEuYBKMofYUvrYgOOsntom
tnYXUAnB2G8zIr1IbLU5ektQyDPFyRIxvX3vrMne0vLiuYY77wFiGIg13QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDysnlLummBpFFK8oIRojs3nM0V5MB8GA1UdIwQY
MBaAFP1jaScbbROmrtyqI+uynim3lqRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1dOcEp4dHRFNmF1M0tvajY3S2VLYmVXcEdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9lZDVlMTUtNGYxNC00OWU2LWE2ZGQt
NDUzNTFmOWRiYjUyLzEvUEt5ZVV1NmFZR2tVVXJ5Z2hHaU96ZWN6UlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9lZDVlMTUtNGYxNC00OWU2LWE2ZGQtNDUzNTFmOWRiYjUy
LzEvX1dOcEp4dHRFNmF1M0tvajY3S2VLYmVXcEdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwjcCMA0G
CSqGSIb3DQEBCwUAA4IBAQB148btYU5a71DPhzUGSKnCCYWv4VwfWXRqLoUSu1zo
c2hhRKglumfWcKreK1Pvg1Ey5mD/QLVcPJZ2gNCQEQaic9GjZOLtCC9c5ZdcnEWi
3FlfmWRHMSmoy2enFnqrex90MEw54UjkpCRpSbedGYOlB4ZH9H0dP9hXGe/oZ5WN
xyn6SkREbBzQX+38Nz1eel6pxiIcEpjtHbLGYRsB1OMR7EM74jZPRYJ5QJDOHQCD
Iq7yjDn9o+sCaw7ATB9H4U4J/jpx/dh8iFixudqTIV160ubd3/UsYLv3IOoFw70Y
R4Eoqs8cojd+WWnlrLYsgAgYRIKv8ujqws7Q6pxk6+2Y
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:17:24 2025 by rpki-client