Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/5db5a3-a5e6-46c8-aa8e-251f5dce7e4d/1/KgpoP0I3RoonLEhxOMP2Y2vlu3Y.roa
File: KgpoP0I3RoonLEhxOMP2Y2vlu3Y.roa (raw, json)
Hash identifier: Oz6ea+qW6e5vVHpWKc+TaQvfFNGTzSIGHXMmfK+BSio=
Subject key identifier: 2A:0A:68:3F:42:37:46:8A:27:2C:48:71:38:C3:F6:63:6B:E5:BB:76
Certificate issuer: /CN=76aa51f2014fa0fd7117069d88a679f1670c32a4
Certificate serial: 01856FE701C59C7C1E81A35B96E5C943E795
Authority key identifier: 76:AA:51:F2:01:4F:A0:FD:71:17:06:9D:88:A6:79:F1:67:0C:32:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqpR8gFPoP1xFwadiKZ58WcMMqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/5db5a3-a5e6-46c8-aa8e-251f5dce7e4d/1/KgpoP0I3RoonLEhxOMP2Y2vlu3Y.roa
Signing time: Mon 02 Jan 2023 00:34:48 +0000
ROA not before: Mon 02 Jan 2023 00:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20559
IP address blocks: 91.234.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:01:c5:9c:7c:1e:81:a3:5b:96:e5:c9:43:e7:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76aa51f2014fa0fd7117069d88a679f1670c32a4
Validity
Not Before: Jan 2 00:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a0a683f4237468a272c487138c3f6636be5bb76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e7:54:4a:86:21:20:68:3c:6d:ad:12:e0:28:
1f:08:83:a2:07:01:70:fb:6a:c7:fa:59:b5:e4:80:
41:e7:f7:40:c8:f7:92:f1:05:dd:d3:3f:f5:a8:c4:
21:e5:ee:27:93:e3:67:2c:6c:6b:ba:3b:13:3e:0e:
5e:10:68:d5:15:15:52:94:13:c8:ed:4c:42:e1:a2:
91:1f:40:31:7a:b0:01:64:0b:ba:ad:f2:88:29:c1:
f0:40:cd:41:08:b2:d7:76:4c:76:e8:ca:36:ce:1e:
7f:e2:46:ac:75:d5:07:1b:fd:13:cc:6b:13:14:3a:
ff:4d:eb:36:5f:60:20:dd:75:1a:8e:9a:0d:56:20:
7e:37:47:f9:6a:e8:ff:e7:d3:04:04:a1:d7:77:77:
6c:ea:a9:7c:26:18:2a:10:c4:1a:c3:86:7f:eb:bb:
ff:4b:8f:17:d9:41:1e:ad:3a:69:23:be:ec:b0:1c:
9d:a6:5b:da:e7:3d:de:eb:45:55:4a:16:d3:6a:44:
fb:b2:0a:af:ff:63:bd:a7:e0:a4:06:5c:94:0d:99:
9e:26:84:05:d7:64:99:ee:09:44:05:cb:fe:c9:64:
bb:77:13:ee:ac:ba:fb:73:72:85:ff:78:66:69:94:
2b:76:61:fd:a3:12:98:ed:60:04:14:15:cc:66:4e:
d8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0A:68:3F:42:37:46:8A:27:2C:48:71:38:C3:F6:63:6B:E5:BB:76
X509v3 Authority Key Identifier:
keyid:76:AA:51:F2:01:4F:A0:FD:71:17:06:9D:88:A6:79:F1:67:0C:32:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqpR8gFPoP1xFwadiKZ58WcMMqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5db5a3-a5e6-46c8-aa8e-251f5dce7e4d/1/KgpoP0I3RoonLEhxOMP2Y2vlu3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5db5a3-a5e6-46c8-aa8e-251f5dce7e4d/1/dqpR8gFPoP1xFwadiKZ58WcMMqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.193.0/24
Signature Algorithm: sha256WithRSAEncryption
93:f9:66:0b:86:71:7b:ca:a3:bf:b6:cf:25:c7:50:c6:c6:c5:
7e:00:43:7a:fd:8f:ee:2c:81:8b:64:9c:11:47:42:f1:9d:bd:
c3:4d:d4:bd:f7:59:15:be:25:07:2c:59:d0:ac:9b:66:32:94:
d5:c7:03:76:2d:89:15:c7:51:3b:83:02:32:03:2f:d0:88:02:
aa:c6:f7:8f:2e:cf:93:2b:96:30:70:c8:71:75:53:4e:b0:d5:
da:d2:58:ab:20:00:3f:d6:7f:70:d0:27:48:68:89:92:47:17:
dc:6c:95:6c:2b:7a:49:12:7d:09:7f:9d:91:cb:cd:b4:8a:a3:
c5:d1:52:6e:32:db:99:6e:3a:8e:9d:3f:43:3d:ec:2f:9d:73:
f8:ab:76:51:6e:23:03:56:36:7e:38:13:a3:d5:d9:36:04:0f:
5c:89:dc:70:f3:d8:03:c1:ad:d5:20:de:33:43:b1:2b:22:5a:
5d:23:59:94:15:f2:1c:00:07:ed:0c:8a:a1:71:e2:5c:85:14:
f0:17:1e:f2:e8:f9:15:0e:3e:14:56:06:46:7d:41:0a:95:c9:
b3:7b:db:d9:9c:cb:5e:03:ad:75:6e:1a:80:0e:4b:b5:e8:c4:
50:1f:08:bd:80:7a:39:23:d8:21:72:e1:db:d9:78:9f:ec:38:
95:b9:b3:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5wHFnHwegaNbluXJQ+eVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YWE1MWYyMDE0ZmEwZmQ3MTE3MDY5ZDg4YTY3OWYxNjcw
YzMyYTQwHhcNMjMwMTAyMDAzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBhNjgzZjQyMzc0NjhhMjcyYzQ4NzEzOGMzZjY2MzZiZTViYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+dUSoYhIGg8ba0S4CgfCIOiBwFw
+2rH+lm15IBB5/dAyPeS8QXd0z/1qMQh5e4nk+NnLGxrujsTPg5eEGjVFRVSlBPI
7UxC4aKRH0AxerABZAu6rfKIKcHwQM1BCLLXdkx26Mo2zh5/4kasddUHG/0TzGsT
FDr/Tes2X2Ag3XUajpoNViB+N0f5auj/59MEBKHXd3ds6ql8JhgqEMQaw4Z/67v/
S48X2UEerTppI77ssBydplva5z3e60VVShbTakT7sgqv/2O9p+CkBlyUDZmeJoQF
12SZ7glEBcv+yWS7dxPurLr7c3KF/3hmaZQrdmH9oxKY7WAEFBXMZk7YwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoKaD9CN0aKJyxIcTjD9mNr5bt2MB8GA1UdIwQY
MBaAFHaqUfIBT6D9cRcGnYimefFnDDKkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFwUjhnRlBvUDF4RndhZGlLWjU4V2NNTXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81ZGI1YTMtYTVlNi00NmM4LWFhOGUt
MjUxZjVkY2U3ZTRkLzEvS2dwb1AwSTNSb29uTEVoeE9NUDJZMnZsdTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81ZGI1YTMtYTVlNi00NmM4LWFhOGUtMjUxZjVkY2U3ZTRk
LzEvZHFwUjhnRlBvUDF4RndhZGlLWjU4V2NNTXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+rBMA0G
CSqGSIb3DQEBCwUAA4IBAQCT+WYLhnF7yqO/ts8lx1DGxsV+AEN6/Y/uLIGLZJwR
R0Lxnb3DTdS991kVviUHLFnQrJtmMpTVxwN2LYkVx1E7gwIyAy/QiAKqxvePLs+T
K5YwcMhxdVNOsNXa0lirIAA/1n9w0CdIaImSRxfcbJVsK3pJEn0Jf52Ry820iqPF
0VJuMtuZbjqOnT9DPewvnXP4q3ZRbiMDVjZ+OBOj1dk2BA9cidxw89gDwa3VIN4z
Q7ErIlpdI1mUFfIcAAftDIqhceJchRTwFx7y6PkVDj4UVgZGfUEKlcmze9vZnMte
A611bhqADku16MRQHwi9gHo5I9ghcuHb2Xif7DiVubNJ
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:29:41 2025 by rpki-client