Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/k8eUTiE4nD07yUzA120iPufp_qk.roa
File: k8eUTiE4nD07yUzA120iPufp_qk.roa (raw, json)
Hash identifier: ky9wcPhmJVjkyacalFZcB9gD8rg5FGLpylqYAvWdaaM=
Subject key identifier: 93:C7:94:4E:21:38:9C:3D:3B:C9:4C:C0:D7:6D:22:3E:E7:E9:FE:A9
Certificate issuer: /CN=a8604356c7501ae2104b2cced3cedc5dbdc1163b
Certificate serial: 018B4A953D0C960A7C70DB52C7B664A562DC
Authority key identifier: A8:60:43:56:C7:50:1A:E2:10:4B:2C:CE:D3:CE:DC:5D:BD:C1:16:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGBDVsdQGuIQSyzO087cXb3BFjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/k8eUTiE4nD07yUzA120iPufp_qk.roa
Signing time: Fri 20 Oct 2023 00:56:16 +0000
ROA not before: Fri 20 Oct 2023 00:56:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51765
IP address blocks: 185.94.32.0/22 maxlen: 22
185.68.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4a:95:3d:0c:96:0a:7c:70:db:52:c7:b6:64:a5:62:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8604356c7501ae2104b2cced3cedc5dbdc1163b
Validity
Not Before: Oct 20 00:56:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93c7944e21389c3d3bc94cc0d76d223ee7e9fea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:52:86:b6:ae:b3:44:cd:ce:25:50:c6:5f:3a:
80:af:6a:88:17:ae:d4:e7:eb:16:77:34:82:54:cf:
7e:13:df:0e:d8:ed:18:24:c9:18:4a:48:7e:05:43:
32:8c:c0:da:ae:dd:3c:f2:68:dc:ab:73:7c:48:2d:
c8:cb:4a:0e:e7:cd:f6:f2:b3:c5:7e:f4:f4:8e:36:
10:97:4f:cc:2f:13:93:8a:7e:dd:7e:b6:72:8d:8d:
7a:c6:10:5d:d8:db:a2:3d:f8:1d:96:2d:a5:60:4f:
e1:c1:92:1a:64:74:c5:0d:71:a8:c5:93:d3:52:16:
32:70:d5:2a:a4:38:37:32:95:43:11:74:20:c5:18:
36:bb:d8:3a:c3:f2:8d:6b:65:bb:b5:03:86:3b:70:
ee:36:98:1d:16:96:ee:ad:f9:67:f1:5c:0c:f3:de:
fb:d5:91:29:cb:95:43:91:d6:87:ca:11:24:11:b4:
a4:1a:36:3d:c7:85:93:ab:7c:92:e8:38:6c:92:06:
ea:a1:8d:f5:5d:d2:85:03:dc:77:99:56:13:87:8a:
1a:a5:54:3e:a1:5a:6e:0b:3c:0d:e2:b3:ae:c1:df:
5b:05:e4:e1:1e:5a:19:0d:04:a0:55:44:08:dc:ad:
de:03:5d:a1:be:27:a4:2b:d4:47:f0:f7:0e:a7:eb:
4b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:C7:94:4E:21:38:9C:3D:3B:C9:4C:C0:D7:6D:22:3E:E7:E9:FE:A9
X509v3 Authority Key Identifier:
keyid:A8:60:43:56:C7:50:1A:E2:10:4B:2C:CE:D3:CE:DC:5D:BD:C1:16:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGBDVsdQGuIQSyzO087cXb3BFjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/k8eUTiE4nD07yUzA120iPufp_qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/qGBDVsdQGuIQSyzO087cXb3BFjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.152.0/22
185.94.32.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:f5:46:10:35:d8:9d:bb:76:af:1f:a6:d0:56:00:5d:80:b8:
0f:70:40:4d:d5:bf:ee:e4:0a:e4:7a:74:f4:45:87:5e:ed:48:
01:a2:6b:9d:bf:aa:91:a7:25:3e:48:31:6c:0a:13:3d:d9:a1:
e7:29:35:87:5c:8b:53:8f:1b:3b:09:94:af:18:87:13:f0:d7:
ce:0b:f9:1e:66:25:4d:ba:f5:7c:3c:1b:9e:76:ec:82:f1:83:
6a:84:ed:a3:4a:df:16:bb:5f:2b:74:ea:34:fc:41:4e:a0:b3:
12:41:83:1f:82:91:df:ba:5b:5a:c2:d7:0c:a6:7c:04:d4:a5:
91:d2:ac:bb:87:91:99:60:1a:45:39:da:27:c3:11:b5:d0:af:
68:a3:c8:96:15:16:c7:30:c6:c6:3f:9e:e8:b1:b9:24:62:cb:
b3:d8:21:0b:c0:bd:17:cc:31:fc:03:e4:4c:d7:84:17:0a:fc:
88:7d:97:fa:e2:c6:02:de:1c:8d:f3:31:1a:43:c7:1f:be:39:
7b:a0:df:8f:6d:e9:ab:41:a6:7f:f6:be:8a:96:6e:33:3d:40:
5f:d3:2a:47:7a:37:39:5a:7f:9b:af:50:2b:b1:59:97:f8:a9:
d1:9b:4e:ef:e7:cc:3f:34:35:75:45:a7:c9:38:75:87:82:92:
de:f8:ef:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtKlT0Mlgp8cNtSx7ZkpWLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjA0MzU2Yzc1MDFhZTIxMDRiMmNjZWQzY2VkYzVkYmRj
MTE2M2IwHhcNMjMxMDIwMDA1NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2M3OTQ0ZTIxMzg5YzNkM2JjOTRjYzBkNzZkMjIzZWU3ZTlmZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVKGtq6zRM3OJVDGXzqAr2qIF67U
5+sWdzSCVM9+E98O2O0YJMkYSkh+BUMyjMDart088mjcq3N8SC3Iy0oO58328rPF
fvT0jjYQl0/MLxOTin7dfrZyjY16xhBd2NuiPfgdli2lYE/hwZIaZHTFDXGoxZPT
UhYycNUqpDg3MpVDEXQgxRg2u9g6w/KNa2W7tQOGO3DuNpgdFpburfln8VwM8977
1ZEpy5VDkdaHyhEkEbSkGjY9x4WTq3yS6DhskgbqoY31XdKFA9x3mVYTh4oapVQ+
oVpuCzwN4rOuwd9bBeThHloZDQSgVUQI3K3eA12hviekK9RH8PcOp+tLLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJPHlE4hOJw9O8lMwNdtIj7n6f6pMB8GA1UdIwQY
MBaAFKhgQ1bHUBriEEssztPO3F29wRY7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdCRFZzZFFHdUlRU3l6TzA4N2NYYjNCRmpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80NTg1MDEtYWNhYi00MmVkLThhNmEt
N2JlYmJiNzBjMDUwLzEvazhlVVRpRTRuRDA3eVV6QTEyMGlQdWZwX3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80NTg1MDEtYWNhYi00MmVkLThhNmEtN2JlYmJiNzBjMDUw
LzEvcUdCRFZzZFFHdUlRU3l6TzA4N2NYYjNCRmpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUSYAwQC
uV4gMA0GCSqGSIb3DQEBCwUAA4IBAQCM9UYQNdidu3avH6bQVgBdgLgPcEBN1b/u
5ArkenT0RYde7UgBomudv6qRpyU+SDFsChM92aHnKTWHXItTjxs7CZSvGIcT8NfO
C/keZiVNuvV8PBueduyC8YNqhO2jSt8Wu18rdOo0/EFOoLMSQYMfgpHfultawtcM
pnwE1KWR0qy7h5GZYBpFOdonwxG10K9oo8iWFRbHMMbGP57osbkkYsuz2CELwL0X
zDH8A+RM14QXCvyIfZf64sYC3hyN8zEaQ8cfvjl7oN+PbemrQaZ/9r6Klm4zPUBf
0ypHejc5Wn+br1ArsVmX+KnRm07v58w/NDV1RafJOHWHgpLe+O+x
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:56:17 2025 by rpki-client