Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/95f965-270a-4c70-a690-2d7baf882674/1/mK1kiipmsr4LhpDGdHQXkDGHFYk.roa
File: mK1kiipmsr4LhpDGdHQXkDGHFYk.roa (raw, json)
Hash identifier: OdDzMI6l8ZTUxdq3tjxWEAhZLMT3yb1s6HvOE6jPmfg=
Subject key identifier: 98:AD:64:8A:2A:66:B2:BE:0B:86:90:C6:74:74:17:90:31:87:15:89
Certificate issuer: /CN=8a5b629a46985888ff14bfa9d7dcb1eb526600a6
Certificate serial: 0189203855A65DEF6E69498669EC537425C5
Authority key identifier: 8A:5B:62:9A:46:98:58:88:FF:14:BF:A9:D7:DC:B1:EB:52:66:00:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iltimkaYWIj_FL-p19yx61JmAKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/95f965-270a-4c70-a690-2d7baf882674/1/mK1kiipmsr4LhpDGdHQXkDGHFYk.roa
Signing time: Tue 04 Jul 2023 09:25:10 +0000
ROA not before: Tue 04 Jul 2023 09:25:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208861
IP address blocks: 194.152.56.0/24 maxlen: 24
81.161.102.0/23 maxlen: 23
2a13:59c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:38:55:a6:5d:ef:6e:69:49:86:69:ec:53:74:25:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a5b629a46985888ff14bfa9d7dcb1eb526600a6
Validity
Not Before: Jul 4 09:25:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98ad648a2a66b2be0b8690c67474179031871589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0c:9a:87:d8:9f:cb:e2:eb:02:c2:fd:62:1a:
31:72:64:7a:7d:07:16:43:23:83:aa:d3:bd:5c:aa:
61:c3:28:a2:a9:24:57:5a:7b:97:cb:37:37:c0:ee:
97:1f:ae:f3:cf:2a:bb:09:c1:7e:08:20:f1:52:5c:
02:63:9e:08:7c:b6:f7:a3:63:4e:79:cf:d0:e5:f0:
cb:0e:42:40:2f:19:8a:3c:35:bf:2f:2c:38:56:a9:
cb:21:f0:a6:4b:30:39:3a:2b:e1:bc:f1:15:a9:6e:
78:18:c1:c0:68:6e:11:be:1a:1b:06:0e:e6:6a:de:
f8:25:27:c7:9d:b6:6e:63:ab:7b:2f:8e:9a:be:37:
44:ab:ba:f3:5d:51:ab:a3:41:03:69:85:0a:ef:b3:
f5:b6:6d:5a:20:15:db:11:ad:81:d3:23:7e:72:83:
b8:11:1d:8c:c4:5a:02:d7:5c:f1:53:51:a9:1a:6d:
c3:03:fd:2c:ca:9f:99:50:9f:6c:0d:78:c2:e8:a4:
d6:7b:6e:f1:3d:04:ad:af:af:87:31:f0:23:31:6c:
d8:ea:55:86:24:c9:da:0b:1a:29:ab:3b:34:d5:85:
0b:57:5a:68:6f:23:64:85:19:77:b3:48:70:59:a9:
32:61:39:28:13:73:c6:56:b5:94:77:9b:72:9b:35:
2c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AD:64:8A:2A:66:B2:BE:0B:86:90:C6:74:74:17:90:31:87:15:89
X509v3 Authority Key Identifier:
keyid:8A:5B:62:9A:46:98:58:88:FF:14:BF:A9:D7:DC:B1:EB:52:66:00:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iltimkaYWIj_FL-p19yx61JmAKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/95f965-270a-4c70-a690-2d7baf882674/1/mK1kiipmsr4LhpDGdHQXkDGHFYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/95f965-270a-4c70-a690-2d7baf882674/1/iltimkaYWIj_FL-p19yx61JmAKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.102.0/23
194.152.56.0/24
IPv6:
2a13:59c0::/32
Signature Algorithm: sha256WithRSAEncryption
25:d5:0a:15:0e:67:94:68:96:d5:0a:89:d6:56:cb:41:be:78:
d9:47:1e:f1:69:37:87:48:59:03:26:3a:2a:75:87:95:07:04:
92:f2:c3:18:95:ef:05:be:2d:3b:85:61:15:44:a5:7a:54:37:
58:c6:06:c3:eb:6e:06:88:dd:99:31:cb:77:18:63:47:1c:93:
f9:11:a3:8f:b6:1f:d5:6c:ee:a4:f8:39:01:4a:c8:f0:0e:4e:
29:30:3b:5d:ea:b6:1f:f3:16:de:a4:4c:d2:f8:87:04:84:dd:
54:46:c8:a6:db:93:65:1a:46:7c:a6:35:4b:bc:e6:40:01:07:
30:2d:8b:99:7b:9b:cf:ae:46:08:21:c3:37:45:06:34:8d:59:
8c:cd:45:fd:ed:c7:df:02:8f:29:e1:c9:82:25:c3:ea:e0:ef:
96:2c:b2:21:6e:8d:34:f6:58:b7:8a:89:e8:ce:44:8f:39:3a:
36:d0:09:0d:63:4c:e0:99:e2:02:84:6d:05:7e:79:fb:1b:3a:
be:6d:cb:ab:7d:4f:ed:d5:09:84:67:aa:f9:89:ff:4e:52:fd:
21:be:23:63:09:a3:8e:35:e0:c1:d0:0f:38:cd:3f:e8:e0:8e:
7a:67:29:89:9d:54:b2:3f:d5:a5:93:c4:84:30:30:c0:fb:b9:
95:ad:9c:71
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYkgOFWmXe9uaUmGaexTdCXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNWI2MjlhNDY5ODU4ODhmZjE0YmZhOWQ3ZGNiMWViNTI2
NjAwYTYwHhcNMjMwNzA0MDkyNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFkNjQ4YTJhNjZiMmJlMGI4NjkwYzY3NDc0MTc5MDMxODcxNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQyah9ify+LrAsL9YhoxcmR6fQcW
QyODqtO9XKphwyiiqSRXWnuXyzc3wO6XH67zzyq7CcF+CCDxUlwCY54IfLb3o2NO
ec/Q5fDLDkJALxmKPDW/Lyw4VqnLIfCmSzA5OivhvPEVqW54GMHAaG4RvhobBg7m
at74JSfHnbZuY6t7L46avjdEq7rzXVGro0EDaYUK77P1tm1aIBXbEa2B0yN+coO4
ER2MxFoC11zxU1GpGm3DA/0syp+ZUJ9sDXjC6KTWe27xPQStr6+HMfAjMWzY6lWG
JMnaCxopqzs01YULV1pobyNkhRl3s0hwWakyYTkoE3PGVrWUd5tymzUs9QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJitZIoqZrK+C4aQxnR0F5AxhxWJMB8GA1UdIwQY
MBaAFIpbYppGmFiI/xS/qdfcsetSZgCmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWx0aW1rYVlXSWpfRkwtcDE5eXg2MUptQUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85NWY5NjUtMjcwYS00YzcwLWE2OTAt
MmQ3YmFmODgyNjc0LzEvbUsxa2lpcG1zcjRMaHBER2RIUVhrREdIRllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85NWY5NjUtMjcwYS00YzcwLWE2OTAtMmQ3YmFmODgyNjc0
LzEvaWx0aW1rYVlXSWpfRkwtcDE5eXg2MUptQUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBUaFmAwQA
wpg4MA0EAgACMAcDBQAqE1nAMA0GCSqGSIb3DQEBCwUAA4IBAQAl1QoVDmeUaJbV
ConWVstBvnjZRx7xaTeHSFkDJjoqdYeVBwSS8sMYle8Fvi07hWEVRKV6VDdYxgbD
624GiN2ZMct3GGNHHJP5EaOPth/VbO6k+DkBSsjwDk4pMDtd6rYf8xbepEzS+IcE
hN1URsim25NlGkZ8pjVLvOZAAQcwLYuZe5vPrkYIIcM3RQY0jVmMzUX97cffAo8p
4cmCJcPq4O+WLLIhbo009li3ionozkSPOTo20AkNY0zgmeIChG0Ffnn7Gzq+bcur
fU/t1QmEZ6r5if9OUv0hviNjCaOONeDB0A84zT/o4I56ZymJnVSyP9Wlk8SEMDDA
+7mVrZxx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:04 2025 by rpki-client