Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/KhZtTOff60Rmzajn31_Eqp07Yhg.roa
File: KhZtTOff60Rmzajn31_Eqp07Yhg.roa (raw, json)
Hash identifier: +LX8HXJdvLX8AWn1fXRnm7hd1HhbTZCuDXA7A4HCGyM=
Subject key identifier: 2A:16:6D:4C:E7:DF:EB:44:66:CD:A8:E7:DF:5F:C4:AA:9D:3B:62:18
Certificate issuer: /CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Certificate serial: 018BD540855084575F82E00D80A538C1FA9C
Authority key identifier: FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/KhZtTOff60Rmzajn31_Eqp07Yhg.roa
Signing time: Wed 15 Nov 2023 23:10:57 +0000
ROA not before: Wed 15 Nov 2023 23:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49219
IP address blocks: 185.155.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d5:40:85:50:84:57:5f:82:e0:0d:80:a5:38:c1:fa:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Validity
Not Before: Nov 15 23:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a166d4ce7dfeb4466cda8e7df5fc4aa9d3b6218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:de:cf:b9:0f:d7:6b:48:e2:38:62:5d:0c:32:
ce:96:8d:44:57:d1:e1:79:6c:cc:59:c8:73:c3:89:
56:16:05:90:b2:90:49:48:3a:cf:0d:b5:fd:cc:d1:
cb:6a:50:e6:8b:f7:85:62:e4:aa:40:4d:19:a3:01:
86:3f:f7:43:0d:ff:ae:45:c1:33:8a:f3:94:d5:91:
e8:fa:3c:e9:e1:8a:a5:84:63:ee:dc:55:e3:79:ce:
80:cc:75:d8:91:2b:0d:e5:52:cb:f8:6f:e3:9f:ae:
f2:b4:57:c6:21:61:18:47:67:21:83:4d:0c:f2:73:
ba:2d:94:79:af:bf:08:68:e2:f5:60:45:15:ec:7d:
76:fc:8a:6d:1e:8e:3a:6d:be:09:68:96:f8:4a:d0:
d8:9c:63:4a:2b:20:36:dc:92:18:43:e5:e5:99:2a:
ab:6f:63:66:51:13:9c:f1:49:07:ea:b4:b6:bf:94:
a4:78:e1:0c:44:ec:00:92:64:74:f4:02:72:3d:b2:
bb:24:c4:ec:6d:12:e2:87:39:08:b0:20:53:1b:23:
92:60:2f:92:78:21:82:82:ad:ae:91:09:a1:c0:d5:
52:ef:79:3d:61:e6:e4:1d:c2:d7:b3:c3:9f:61:19:
72:c2:b8:5a:ee:c9:16:a6:cb:c8:63:74:95:7f:dc:
37:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:16:6D:4C:E7:DF:EB:44:66:CD:A8:E7:DF:5F:C4:AA:9D:3B:62:18
X509v3 Authority Key Identifier:
keyid:FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/KhZtTOff60Rmzajn31_Eqp07Yhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.142.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:cf:34:51:d5:75:33:be:5b:be:3d:c0:7d:b5:23:10:1e:a3:
66:49:e2:13:1b:70:ea:25:c4:7e:07:cd:48:84:9f:4e:9e:b4:
71:76:ec:f0:9e:86:4d:61:c8:9f:e5:39:cc:95:b0:f9:9c:5e:
c6:c6:73:58:a0:94:ec:74:f8:6e:a3:46:43:28:e5:71:71:c7:
8e:25:15:5e:9b:97:fb:f0:7d:e2:9a:42:84:91:1b:8e:e5:51:
b1:17:32:72:2b:68:db:16:a7:cc:e0:7b:ea:72:24:9b:36:ed:
a0:eb:e1:f4:d6:e3:0f:b5:79:21:38:84:75:cb:46:92:b6:92:
14:1e:6b:50:55:f3:e3:44:93:df:80:d7:42:2c:29:06:92:bd:
a9:26:6e:94:5d:eb:8e:65:fe:38:fb:be:33:d1:8f:c0:48:46:
ce:52:e9:b7:2b:6c:69:2f:f9:e3:7b:67:89:a0:03:ff:52:6c:
d4:6e:af:65:10:30:42:c6:e6:0b:7f:11:b8:24:a3:20:4f:fb:
f4:6f:49:6a:10:cd:a4:90:16:7c:bf:c4:0e:dc:ba:ed:2a:88:
08:f1:d2:29:ac:cc:a3:d0:29:60:b4:22:6d:f6:e5:88:b9:9e:
5b:51:5c:63:86:8e:7e:c8:d4:21:d3:79:61:63:5f:1e:28:c8:
62:ad:ee:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvVQIVQhFdfguANgKU4wfqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYTk4YjFkMGVjY2NjNGY2ZmYxYTdlN2RiODRiNGJiMmY1
NWIwOGQwHhcNMjMxMTE1MjMxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE2NmQ0Y2U3ZGZlYjQ0NjZjZGE4ZTdkZjVmYzRhYTlkM2I2MjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd7PuQ/Xa0jiOGJdDDLOlo1EV9Hh
eWzMWchzw4lWFgWQspBJSDrPDbX9zNHLalDmi/eFYuSqQE0ZowGGP/dDDf+uRcEz
ivOU1ZHo+jzp4YqlhGPu3FXjec6AzHXYkSsN5VLL+G/jn67ytFfGIWEYR2chg00M
8nO6LZR5r78IaOL1YEUV7H12/IptHo46bb4JaJb4StDYnGNKKyA23JIYQ+XlmSqr
b2NmUROc8UkH6rS2v5SkeOEMROwAkmR09AJyPbK7JMTsbRLihzkIsCBTGyOSYC+S
eCGCgq2ukQmhwNVS73k9YebkHcLXs8OfYRlywrha7skWpsvIY3SVf9w3bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoWbUzn3+tEZs2o599fxKqdO2IYMB8GA1UdIwQY
MBaAFPypix0OzMxPb/Gn59uEtLsvVbCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85NzFlNzMtZmE4My00NTc5LTg1MzIt
NThmMGYzMjVjMmI4LzEvS2hadFRPZmY2MFJtemFqbjMxX0VxcDA3WWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85NzFlNzMtZmE4My00NTc5LTg1MzItNThmMGYzMjVjMmI4
LzEvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZuOMA0G
CSqGSIb3DQEBCwUAA4IBAQCmzzRR1XUzvlu+PcB9tSMQHqNmSeITG3DqJcR+B81I
hJ9OnrRxduzwnoZNYcif5TnMlbD5nF7GxnNYoJTsdPhuo0ZDKOVxcceOJRVem5f7
8H3imkKEkRuO5VGxFzJyK2jbFqfM4HvqciSbNu2g6+H01uMPtXkhOIR1y0aStpIU
HmtQVfPjRJPfgNdCLCkGkr2pJm6UXeuOZf44+74z0Y/ASEbOUum3K2xpL/nje2eJ
oAP/UmzUbq9lEDBCxuYLfxG4JKMgT/v0b0lqEM2kkBZ8v8QO3LrtKogI8dIprMyj
0ClgtCJt9uWIuZ5bUVxjho5+yNQh03lhY18eKMhire6m
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:44 2025 by rpki-client