Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/531d2b-e170-49a5-8404-92f73f56fc62/1/KDJIiJEKDLqmHJaJQ6pVmd16b_U.roa
File: KDJIiJEKDLqmHJaJQ6pVmd16b_U.roa (raw, json)
Hash identifier: A/EfRpnqVwdqdKqXu1fSuTQ+mty7fWCul6GrucxYEiU=
Subject key identifier: 28:32:48:88:91:0A:0C:BA:A6:1C:96:89:43:AA:55:99:DD:7A:6F:F5
Certificate issuer: /CN=7ffc82585df69b7c94b16a61932ffc8b6e335156
Certificate serial: 01856CAF0B5DF4DE46EBD6D596276024D2AF
Authority key identifier: 7F:FC:82:58:5D:F6:9B:7C:94:B1:6A:61:93:2F:FC:8B:6E:33:51:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f_yCWF32m3yUsWphky_8i24zUVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/531d2b-e170-49a5-8404-92f73f56fc62/1/KDJIiJEKDLqmHJaJQ6pVmd16b_U.roa
Signing time: Sun 01 Jan 2023 09:34:48 +0000
ROA not before: Sun 01 Jan 2023 09:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212587
IP address blocks: 194.31.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:0b:5d:f4:de:46:eb:d6:d5:96:27:60:24:d2:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ffc82585df69b7c94b16a61932ffc8b6e335156
Validity
Not Before: Jan 1 09:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28324888910a0cbaa61c968943aa5599dd7a6ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:87:cb:78:cb:d3:fa:f0:79:af:b8:40:43:d4:
0b:15:2b:09:39:86:73:1d:55:67:8f:a2:65:fa:81:
d8:09:fc:c7:0c:8d:d0:ca:a5:0d:4a:cf:2a:f1:4a:
d2:27:ad:3b:56:28:aa:2a:b1:7d:6a:38:da:49:c5:
65:f3:fd:91:1a:a5:19:df:58:4d:7c:b3:3e:59:da:
82:4f:b8:3e:ac:78:67:ce:17:b0:62:9a:8f:09:00:
64:68:12:82:59:03:31:52:16:78:ab:62:aa:49:26:
e1:3d:7b:27:b5:8f:14:a7:da:7d:85:f3:49:2e:ed:
2a:23:c1:97:e6:3e:fc:40:5f:ac:21:8e:f6:e4:90:
e5:54:2a:a5:ba:b0:bc:47:14:36:a5:e2:bf:c9:1f:
8a:c4:34:37:dd:8c:d4:c4:c8:49:54:52:ad:f2:ea:
a1:a7:f6:23:4a:1e:98:ef:49:3a:3d:cf:9f:28:84:
cf:d2:4d:5e:18:0c:78:53:53:95:0d:26:57:00:91:
de:12:e6:6a:84:10:96:8e:b9:ae:52:2c:36:10:9a:
a0:30:e6:5b:09:3b:f5:81:82:9b:51:ac:f6:41:7a:
27:24:1e:bd:f6:92:98:59:74:27:66:5e:04:6f:26:
65:21:8a:12:eb:4b:b5:08:8c:9b:24:98:2b:1e:8f:
84:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:32:48:88:91:0A:0C:BA:A6:1C:96:89:43:AA:55:99:DD:7A:6F:F5
X509v3 Authority Key Identifier:
keyid:7F:FC:82:58:5D:F6:9B:7C:94:B1:6A:61:93:2F:FC:8B:6E:33:51:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f_yCWF32m3yUsWphky_8i24zUVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/531d2b-e170-49a5-8404-92f73f56fc62/1/KDJIiJEKDLqmHJaJQ6pVmd16b_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/531d2b-e170-49a5-8404-92f73f56fc62/1/f_yCWF32m3yUsWphky_8i24zUVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.16.0/20
Signature Algorithm: sha256WithRSAEncryption
32:a0:7e:88:f7:fa:32:8e:2d:4d:58:32:cc:14:9d:1c:1d:a7:
a6:fc:16:45:9c:c8:57:65:68:60:b2:16:9c:d9:9d:a1:62:1b:
d3:e0:b0:e8:f4:00:87:6a:d8:eb:e0:b9:49:f6:76:04:90:f0:
8d:49:54:14:be:e3:c4:83:52:04:75:14:c8:23:e2:a4:94:07:
6e:80:97:fe:ea:e4:fb:4e:e5:76:4a:8a:1d:e2:6a:70:a5:34:
e3:d2:20:21:91:8c:5a:12:37:29:e0:43:43:21:d8:20:72:a5:
fd:a4:2b:8f:b1:49:90:6b:cc:54:22:a5:fb:72:d1:d5:a4:18:
32:94:b2:64:5f:d8:65:04:f0:d6:3e:4b:9d:b8:99:71:c7:b6:
73:9f:8b:8d:cc:ff:4a:79:a9:80:5f:7f:f0:0d:ff:1f:74:e8:
a7:c4:1d:b5:c7:ed:7b:a6:53:09:fa:47:99:fb:9e:e2:0e:55:
09:58:19:c0:e0:f1:ef:84:35:c4:e7:2b:38:5b:0e:3d:61:3e:
a1:e8:aa:4a:15:f6:52:0e:85:42:da:cf:53:88:d4:56:a1:71:
d0:a0:59:49:c4:fe:59:ff:85:cc:49:a0:3b:a2:db:e2:46:d4:
c4:fb:d1:6f:89:d4:f5:c4:46:cb:58:da:b9:7e:e4:98:cc:13:
0b:18:d4:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrwtd9N5G69bVlidgJNKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZmM4MjU4NWRmNjliN2M5NGIxNmE2MTkzMmZmYzhiNmUz
MzUxNTYwHhcNMjMwMTAxMDkzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODMyNDg4ODkxMGEwY2JhYTYxYzk2ODk0M2FhNTU5OWRkN2E2ZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYfLeMvT+vB5r7hAQ9QLFSsJOYZz
HVVnj6Jl+oHYCfzHDI3QyqUNSs8q8UrSJ607ViiqKrF9ajjaScVl8/2RGqUZ31hN
fLM+WdqCT7g+rHhnzhewYpqPCQBkaBKCWQMxUhZ4q2KqSSbhPXsntY8Up9p9hfNJ
Lu0qI8GX5j78QF+sIY725JDlVCqlurC8RxQ2peK/yR+KxDQ33YzUxMhJVFKt8uqh
p/YjSh6Y70k6Pc+fKITP0k1eGAx4U1OVDSZXAJHeEuZqhBCWjrmuUiw2EJqgMOZb
CTv1gYKbUaz2QXonJB699pKYWXQnZl4EbyZlIYoS60u1CIybJJgrHo+EXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgySIiRCgy6phyWiUOqVZndem/1MB8GA1UdIwQY
MBaAFH/8glhd9pt8lLFqYZMv/ItuM1FWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZl95Q1dGMzJtM3lVc1dwaGt5XzhpMjR6VVZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC81MzFkMmItZTE3MC00OWE1LTg0MDQt
OTJmNzNmNTZmYzYyLzEvS0RKSWlKRUtETHFtSEphSlE2cFZtZDE2Yl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC81MzFkMmItZTE3MC00OWE1LTg0MDQtOTJmNzNmNTZmYzYy
LzEvZl95Q1dGMzJtM3lVc1dwaGt5XzhpMjR6VVZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwh8QMA0G
CSqGSIb3DQEBCwUAA4IBAQAyoH6I9/oyji1NWDLMFJ0cHaem/BZFnMhXZWhgshac
2Z2hYhvT4LDo9ACHatjr4LlJ9nYEkPCNSVQUvuPEg1IEdRTII+KklAdugJf+6uT7
TuV2Sood4mpwpTTj0iAhkYxaEjcp4ENDIdggcqX9pCuPsUmQa8xUIqX7ctHVpBgy
lLJkX9hlBPDWPkuduJlxx7Zzn4uNzP9KeamAX3/wDf8fdOinxB21x+17plMJ+keZ
+57iDlUJWBnA4PHvhDXE5ys4Ww49YT6h6KpKFfZSDoVC2s9TiNRWoXHQoFlJxP5Z
/4XMSaA7otviRtTE+9FvidT1xEbLWNq5fuSYzBMLGNSJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:25 2025 by rpki-client