Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/f45bda-786e-41e9-8323-ba4926e965e8/1/KfdGqvQbQ-Q2UaxLD6XM9JXdNYw.roa
File: KfdGqvQbQ-Q2UaxLD6XM9JXdNYw.roa (raw, json)
Hash identifier: s5CeuH8IHonE9WzW2EufeBpCnQSmKJufqWI+tcUdcjA=
Subject key identifier: 29:F7:46:AA:F4:1B:43:E4:36:51:AC:4B:0F:A5:CC:F4:95:DD:35:8C
Certificate issuer: /CN=2067f30a0d90d2d172992e9aea6f739d01b28792
Certificate serial: 01879DF79FDA3BB7A554BD9DCA5D5BB4E5E3
Authority key identifier: 20:67:F3:0A:0D:90:D2:D1:72:99:2E:9A:EA:6F:73:9D:01:B2:87:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IGfzCg2Q0tFymS6a6m9znQGyh5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/f45bda-786e-41e9-8323-ba4926e965e8/1/KfdGqvQbQ-Q2UaxLD6XM9JXdNYw.roa
Signing time: Thu 20 Apr 2023 09:21:03 +0000
ROA not before: Thu 20 Apr 2023 09:21:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198283
IP address blocks: 194.8.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9d:f7:9f:da:3b:b7:a5:54:bd:9d:ca:5d:5b:b4:e5:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2067f30a0d90d2d172992e9aea6f739d01b28792
Validity
Not Before: Apr 20 09:21:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29f746aaf41b43e43651ac4b0fa5ccf495dd358c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4d:a0:88:c8:4d:52:d6:87:63:df:e0:ed:f9:
64:f4:fc:0c:11:4d:7a:d0:c7:f2:8f:73:c8:12:8e:
30:29:71:66:ff:a4:47:4a:c6:0b:d9:4d:05:c5:e5:
58:ed:2a:f2:a1:6c:5f:ae:67:53:17:0f:01:ef:16:
99:b8:32:9e:2c:f7:3e:4b:52:9b:ed:42:ad:c8:0d:
6e:79:ea:2b:f9:42:f5:4f:44:07:cd:61:4f:e9:a3:
c4:16:75:a0:2f:32:ca:74:7b:bb:3e:6c:31:5e:d4:
68:8d:26:37:27:f4:db:01:05:5e:19:d3:5e:e9:93:
65:69:9c:c3:6b:46:b3:8e:33:1b:43:56:25:98:c8:
9c:0d:80:56:9e:0e:9a:e8:d3:6f:b8:bc:d7:8e:c1:
a4:aa:1c:3b:6a:44:d2:b1:ee:a0:39:c4:bd:cc:b9:
4f:f8:d5:10:26:32:b1:e4:01:e2:10:b4:3b:c9:56:
08:81:91:2c:c1:6e:e0:2f:74:a5:6d:10:63:8b:55:
f5:76:57:e7:1a:71:24:e8:cf:62:76:48:66:dd:ef:
9b:7e:4e:35:d4:b4:df:d3:4b:7b:2f:1d:dd:f0:ef:
76:e3:f8:6e:c0:06:b4:b8:6d:08:72:e8:2c:e1:f0:
b7:6e:74:bf:b0:06:70:f7:af:d1:9c:1e:be:28:0b:
75:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F7:46:AA:F4:1B:43:E4:36:51:AC:4B:0F:A5:CC:F4:95:DD:35:8C
X509v3 Authority Key Identifier:
keyid:20:67:F3:0A:0D:90:D2:D1:72:99:2E:9A:EA:6F:73:9D:01:B2:87:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IGfzCg2Q0tFymS6a6m9znQGyh5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f45bda-786e-41e9-8323-ba4926e965e8/1/KfdGqvQbQ-Q2UaxLD6XM9JXdNYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f45bda-786e-41e9-8323-ba4926e965e8/1/IGfzCg2Q0tFymS6a6m9znQGyh5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.4.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:ad:fb:6f:50:bd:58:0a:72:e4:07:d2:29:95:ec:24:8b:e2:
45:6a:bc:22:4b:de:04:8b:33:f1:84:c2:30:6b:bb:42:03:c5:
a6:50:2f:2d:5f:3d:2a:85:ef:e7:e1:33:75:68:eb:7e:f2:10:
2d:34:fa:69:d5:1d:d7:fd:00:74:88:a0:cf:5a:38:79:8c:c3:
c3:6c:62:ea:e0:7e:29:3f:f4:b9:55:fb:42:0c:30:1e:84:0c:
ec:ae:a1:09:ac:78:2d:ba:84:e7:e3:7f:f0:ba:a7:f9:d7:59:
9d:d5:e2:b0:be:2e:eb:85:1a:8e:59:34:c7:38:3b:7b:65:fc:
18:ef:e8:79:33:8f:48:18:a4:17:ab:b3:54:ea:d3:a1:1b:b9:
49:22:b3:5e:98:61:05:bb:08:98:95:c5:52:d8:70:a6:bf:0a:
60:bb:b4:44:7a:ce:d2:8c:4b:18:34:e1:02:03:25:70:63:60:
03:40:9c:33:48:46:16:01:7c:93:71:fc:15:9f:5d:70:75:6f:
48:ef:04:af:b9:1c:7a:c5:2c:63:cb:a7:4c:b4:d9:03:48:66:
3d:00:3e:3e:b9:2f:d3:6d:e2:84:d8:64:49:df:ee:d0:7b:60:
6e:bd:fb:c1:ed:0b:46:12:51:e1:80:b8:be:b8:ae:09:c6:16:
30:ac:45:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYed95/aO7elVL2dyl1btOXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNjdmMzBhMGQ5MGQyZDE3Mjk5MmU5YWVhNmY3MzlkMDFi
Mjg3OTIwHhcNMjMwNDIwMDkyMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWY3NDZhYWY0MWI0M2U0MzY1MWFjNGIwZmE1Y2NmNDk1ZGQzNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU2giMhNUtaHY9/g7flk9PwMEU16
0Mfyj3PIEo4wKXFm/6RHSsYL2U0FxeVY7SryoWxfrmdTFw8B7xaZuDKeLPc+S1Kb
7UKtyA1ueeor+UL1T0QHzWFP6aPEFnWgLzLKdHu7PmwxXtRojSY3J/TbAQVeGdNe
6ZNlaZzDa0azjjMbQ1YlmMicDYBWng6a6NNvuLzXjsGkqhw7akTSse6gOcS9zLlP
+NUQJjKx5AHiELQ7yVYIgZEswW7gL3SlbRBji1X1dlfnGnEk6M9idkhm3e+bfk41
1LTf00t7Lx3d8O924/huwAa0uG0Icugs4fC3bnS/sAZw96/RnB6+KAt1+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCn3Rqr0G0PkNlGsSw+lzPSV3TWMMB8GA1UdIwQY
MBaAFCBn8woNkNLRcpkumupvc50BsoeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUdmekNnMlEwdEZ5bVM2YTZtOXpuUUd5aDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mNDViZGEtNzg2ZS00MWU5LTgzMjMt
YmE0OTI2ZTk2NWU4LzEvS2ZkR3F2UWJRLVEyVWF4TEQ2WE05SlhkTll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mNDViZGEtNzg2ZS00MWU5LTgzMjMtYmE0OTI2ZTk2NWU4
LzEvSUdmekNnMlEwdEZ5bVM2YTZtOXpuUUd5aDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwggEMA0G
CSqGSIb3DQEBCwUAA4IBAQDCrftvUL1YCnLkB9Iplewki+JFarwiS94EizPxhMIw
a7tCA8WmUC8tXz0qhe/n4TN1aOt+8hAtNPpp1R3X/QB0iKDPWjh5jMPDbGLq4H4p
P/S5VftCDDAehAzsrqEJrHgtuoTn43/wuqf511md1eKwvi7rhRqOWTTHODt7ZfwY
7+h5M49IGKQXq7NU6tOhG7lJIrNemGEFuwiYlcVS2HCmvwpgu7REes7SjEsYNOEC
AyVwY2ADQJwzSEYWAXyTcfwVn11wdW9I7wSvuRx6xSxjy6dMtNkDSGY9AD4+uS/T
beKE2GRJ3+7Qe2BuvfvB7QtGElHhgLi+uK4JxhYwrEX7
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:06:48 2025 by rpki-client