Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/AKCfJFKjcU-Eu5_pHrBVgWy7HnY.roa
File: AKCfJFKjcU-Eu5_pHrBVgWy7HnY.roa (raw, json)
Hash identifier: TZYAzXM2Vfw9lpG4GTCwit0NOHcdSoA/OnD8++G2xiw=
Subject key identifier: 00:A0:9F:24:52:A3:71:4F:84:BB:9F:E9:1E:B0:55:81:6C:BB:1E:76
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 0183F9F5B151FD2FDF51380C117D76D5CC6C
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/AKCfJFKjcU-Eu5_pHrBVgWy7HnY.roa
Signing time: Fri 21 Oct 2022 09:52:51 +0000
ROA not before: Fri 21 Oct 2022 09:52:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14178
IP address blocks: 194.31.98.0/24 maxlen: 24
162.12.206.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f9:f5:b1:51:fd:2f:df:51:38:0c:11:7d:76:d5:cc:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Oct 21 09:52:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00a09f2452a3714f84bb9fe91eb055816cbb1e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7c:2e:27:e0:dc:12:c0:7c:05:9e:7c:fc:05:
c2:43:31:95:b2:8d:43:8d:6e:a6:18:a2:d8:1e:8f:
56:3e:3e:f3:81:ff:9f:07:f5:cb:93:66:da:46:4d:
0e:e7:91:97:f3:c6:1f:db:34:d0:d8:1c:bf:c9:d9:
7c:c7:8c:96:98:2f:14:a7:49:63:dd:5c:c4:9d:b2:
6b:3e:1b:7f:a3:c7:72:87:47:d3:09:a0:dd:28:57:
b5:5c:10:a8:6c:ba:4c:30:3a:25:10:ce:91:9e:cf:
4f:30:ec:2f:b2:b0:2f:e4:41:96:3e:ca:f7:e9:06:
fa:4c:f7:71:9d:6f:6a:1d:15:71:45:ac:e0:37:66:
72:66:1b:d5:bd:9a:40:3c:84:03:e1:05:27:02:d1:
b7:0f:23:a9:78:a4:b0:1b:c4:ca:c6:90:66:d5:b8:
2b:0f:37:18:35:e2:a3:3d:f8:e6:09:c7:2d:8d:4b:
c7:e0:46:be:18:b4:80:9c:bd:90:eb:95:e8:2e:be:
f5:82:b7:2d:97:64:57:c2:1b:09:61:75:46:f6:a1:
39:da:21:b1:1e:93:8f:07:88:c5:68:05:7d:d6:39:
23:4d:81:3a:4d:a9:4c:12:69:34:41:99:57:18:78:
5c:85:48:44:a7:cf:4a:cb:1d:cc:00:ec:d5:93:3d:
48:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A0:9F:24:52:A3:71:4F:84:BB:9F:E9:1E:B0:55:81:6C:BB:1E:76
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/AKCfJFKjcU-Eu5_pHrBVgWy7HnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.12.206.0/23
194.31.98.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:10:2d:c1:5f:79:32:9a:a7:e0:b2:66:7c:01:bc:0e:d3:d7:
08:48:58:13:4d:97:91:ec:7e:a9:ba:c2:0e:28:ab:0c:81:1a:
44:2f:8c:33:68:fc:d0:92:b2:be:17:ea:8c:64:fe:d2:96:c1:
49:c9:22:1d:5a:32:bb:db:8a:30:ac:ad:8a:e0:39:af:ea:1b:
74:09:49:8c:17:d5:0c:4c:9b:94:a3:7a:66:cd:a5:38:3b:c6:
81:4a:e7:4c:bd:5e:80:53:77:40:cb:e5:de:d6:28:2d:1b:f7:
28:6a:d2:ad:36:d5:b3:31:26:bb:fa:b6:03:fc:60:08:ca:4d:
5f:0f:a0:d0:aa:6d:ea:82:8a:cd:f6:99:db:06:fa:40:3a:31:
40:7c:93:a9:3b:06:c7:88:39:4e:d1:9f:d0:a9:6c:d0:3b:66:
d4:2a:37:6a:7d:15:23:ab:41:3a:90:15:2f:20:8b:22:23:7d:
04:40:96:a6:a3:a6:f9:f2:de:e6:85:7e:03:08:45:26:00:4f:
cf:51:d4:b5:ad:67:d7:e9:a7:03:66:3f:ea:f2:bb:18:1e:a6:
98:46:cc:ea:f1:14:9a:d5:e9:5c:8d:d5:b8:2d:cd:e5:10:25:
8d:ee:ff:0d:1c:0f:6d:c4:6e:77:13:9b:95:a5:26:d9:04:df:
20:b5:fa:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYP59bFR/S/fUTgMEX121cxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjIxMDIxMDk1MjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGEwOWYyNDUyYTM3MTRmODRiYjlmZTkxZWIwNTU4MTZjYmIxZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHwuJ+DcEsB8BZ58/AXCQzGVso1D
jW6mGKLYHo9WPj7zgf+fB/XLk2baRk0O55GX88Yf2zTQ2By/ydl8x4yWmC8Up0lj
3VzEnbJrPht/o8dyh0fTCaDdKFe1XBCobLpMMDolEM6Rns9PMOwvsrAv5EGWPsr3
6Qb6TPdxnW9qHRVxRazgN2ZyZhvVvZpAPIQD4QUnAtG3DyOpeKSwG8TKxpBm1bgr
DzcYNeKjPfjmCcctjUvH4Ea+GLSAnL2Q65XoLr71grctl2RXwhsJYXVG9qE52iGx
HpOPB4jFaAV91jkjTYE6TalMEmk0QZlXGHhchUhEp89Kyx3MAOzVkz1IKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFACgnyRSo3FPhLuf6R6wVYFsux52MB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvQUtDZkpGS2pjVS1FdTVfcEhyQlZnV3k3SG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBogzOAwQA
wh9iMA0GCSqGSIb3DQEBCwUAA4IBAQCcEC3BX3kymqfgsmZ8AbwO09cISFgTTZeR
7H6pusIOKKsMgRpEL4wzaPzQkrK+F+qMZP7SlsFJySIdWjK724owrK2K4Dmv6ht0
CUmMF9UMTJuUo3pmzaU4O8aBSudMvV6AU3dAy+Xe1igtG/coatKtNtWzMSa7+rYD
/GAIyk1fD6DQqm3qgorN9pnbBvpAOjFAfJOpOwbHiDlO0Z/QqWzQO2bUKjdqfRUj
q0E6kBUvIIsiI30EQJamo6b58t7mhX4DCEUmAE/PUdS1rWfX6acDZj/q8rsYHqaY
Rszq8RSa1elcjdW4Lc3lECWN7v8NHA9txG53E5uVpSbZBN8gtfpy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:20 2025 by rpki-client