Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/KIQjo3EQjCxgINtKLv83rPqZgoU.roa
File: KIQjo3EQjCxgINtKLv83rPqZgoU.roa (raw, json)
Hash identifier: Hi9OCiXhaHzkMu9d7AfH2INWJ0Vcudp4zCKT+jWA7+k=
Subject key identifier: 28:84:23:A3:71:10:8C:2C:60:20:DB:4A:2E:FF:37:AC:FA:99:82:85
Certificate issuer: /CN=4f030205fa365e9f49ff4ea7506df912d5ed8360
Certificate serial: 01856E8B1ED6B90D92647D8FA9A13FABC79F
Authority key identifier: 4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TwMCBfo2Xp9J_06nUG35EtXtg2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/KIQjo3EQjCxgINtKLv83rPqZgoU.roa
Signing time: Sun 01 Jan 2023 18:14:49 +0000
ROA not before: Sun 01 Jan 2023 18:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35667
IP address blocks: 94.143.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:1e:d6:b9:0d:92:64:7d:8f:a9:a1:3f:ab:c7:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f030205fa365e9f49ff4ea7506df912d5ed8360
Validity
Not Before: Jan 1 18:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=288423a371108c2c6020db4a2eff37acfa998285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:87:70:b6:d1:ec:f3:07:aa:22:45:a3:06:fd:
db:78:fe:ae:a8:05:e9:c3:39:85:fd:6e:d0:d2:0a:
eb:27:3d:37:b6:19:c1:45:09:75:0b:4c:54:54:f8:
d6:3e:e9:19:f4:eb:c9:23:26:67:8a:27:20:81:5f:
9d:82:07:e5:37:ff:b4:db:28:9f:14:43:0e:55:10:
94:5c:a7:c9:d2:1a:7f:2c:96:c9:c6:ca:67:f3:02:
82:e4:1f:fa:cf:a8:3c:d3:ff:cf:1a:2e:d2:ac:d0:
3b:ef:40:c2:d6:e4:ed:21:b3:ee:d9:d8:2c:dd:d7:
99:9e:c9:84:ab:24:71:07:37:e8:58:24:15:a5:fd:
9b:3e:d5:49:01:92:95:4b:42:39:8f:2e:32:bb:30:
f4:67:1b:35:54:07:5b:dc:d9:8d:43:57:10:00:51:
2a:83:37:e0:d1:64:86:0d:de:56:26:ec:7f:e1:64:
f2:b4:2e:eb:1b:36:dd:90:1a:d6:17:be:ae:65:03:
f8:bb:54:81:c6:07:28:97:59:c8:9d:f3:29:e8:d4:
e8:da:36:2a:5b:3a:23:9c:e0:0e:98:eb:ff:f2:dc:
a4:68:d0:bc:21:7f:56:5a:ee:e1:a7:b6:16:19:1c:
db:64:ec:10:93:76:30:f4:9c:fa:79:c6:50:0b:e8:
0f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:84:23:A3:71:10:8C:2C:60:20:DB:4A:2E:FF:37:AC:FA:99:82:85
X509v3 Authority Key Identifier:
keyid:4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TwMCBfo2Xp9J_06nUG35EtXtg2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/KIQjo3EQjCxgINtKLv83rPqZgoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/TwMCBfo2Xp9J_06nUG35EtXtg2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.216.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:4e:8d:6a:c8:91:12:ff:d9:fd:dd:ec:ae:6b:35:cb:55:8f:
09:84:ef:d3:64:ba:c0:0f:de:d7:09:bc:dd:4d:78:36:4c:5d:
3d:3a:d9:63:f4:b4:9d:75:a1:1b:fd:b5:2c:7c:41:2d:9c:e4:
1f:7e:c5:00:88:43:c7:5a:21:f0:ea:1f:ce:54:f5:2b:d6:79:
3b:89:9b:9d:c3:20:6e:c9:6c:fd:6b:ef:eb:49:be:c0:9e:52:
ff:86:8c:c8:ca:ca:4b:f5:fd:e4:1d:5a:bf:df:6c:5a:62:7b:
6c:10:f6:96:28:d0:fe:92:4d:51:3b:b8:7b:b8:3e:97:2b:f9:
f5:ee:80:99:c3:e9:24:bb:96:22:dc:b3:6d:76:67:d5:79:f5:
0c:d9:4b:0c:a9:01:86:b2:c6:25:2b:a0:33:c4:83:47:ef:6b:
fe:d3:47:65:36:75:0e:8c:a6:48:b2:be:44:52:97:6e:71:b9:
b1:84:19:1a:6e:0a:7f:51:40:b2:60:56:48:8b:74:2b:97:a5:
15:34:a9:a4:82:fb:4d:da:4b:e6:7e:05:29:9e:02:27:4e:6f:
de:d2:65:5d:ef:b5:0f:8d:55:80:30:2b:cb:2a:ea:82:f0:d4:
54:3a:23:33:28:28:c5:54:94:d4:56:58:46:e1:91:77:fb:9f:
63:2c:16:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuix7WuQ2SZH2PqaE/q8efMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMDMwMjA1ZmEzNjVlOWY0OWZmNGVhNzUwNmRmOTEyZDVl
ZDgzNjAwHhcNMjMwMTAxMTgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg0MjNhMzcxMTA4YzJjNjAyMGRiNGEyZWZmMzdhY2ZhOTk4Mjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYdwttHs8weqIkWjBv3beP6uqAXp
wzmF/W7Q0grrJz03thnBRQl1C0xUVPjWPukZ9OvJIyZniicggV+dggflN/+02yif
FEMOVRCUXKfJ0hp/LJbJxspn8wKC5B/6z6g80//PGi7SrNA770DC1uTtIbPu2dgs
3deZnsmEqyRxBzfoWCQVpf2bPtVJAZKVS0I5jy4yuzD0Zxs1VAdb3NmNQ1cQAFEq
gzfg0WSGDd5WJux/4WTytC7rGzbdkBrWF76uZQP4u1SBxgcol1nInfMp6NTo2jYq
WzojnOAOmOv/8tykaNC8IX9WWu7hp7YWGRzbZOwQk3Yw9Jz6ecZQC+gPpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCiEI6NxEIwsYCDbSi7/N6z6mYKFMB8GA1UdIwQY
MBaAFE8DAgX6Nl6fSf9Op1Bt+RLV7YNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHdNQ0JmbzJYcDlKXzA2blVHMzVFdFh0ZzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8zYzhkYTUtYThlOS00YTRmLTgxNjgt
M2NlNjExY2I2Nzk5LzEvS0lRam8zRVFqQ3hnSU50S0x2ODNyUHFaZ29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8zYzhkYTUtYThlOS00YTRmLTgxNjgtM2NlNjExY2I2Nzk5
LzEvVHdNQ0JmbzJYcDlKXzA2blVHMzVFdFh0ZzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXo/YMA0G
CSqGSIb3DQEBCwUAA4IBAQBrTo1qyJES/9n93eyuazXLVY8JhO/TZLrAD97XCbzd
TXg2TF09Otlj9LSddaEb/bUsfEEtnOQffsUAiEPHWiHw6h/OVPUr1nk7iZudwyBu
yWz9a+/rSb7AnlL/hozIyspL9f3kHVq/32xaYntsEPaWKND+kk1RO7h7uD6XK/n1
7oCZw+kku5Yi3LNtdmfVefUM2UsMqQGGssYlK6AzxINH72v+00dlNnUOjKZIsr5E
UpducbmxhBkabgp/UUCyYFZIi3Qrl6UVNKmkgvtN2kvmfgUpngInTm/e0mVd77UP
jVWAMCvLKuqC8NRUOiMzKCjFVJTUVlhG4ZF3+59jLBaS
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:10:32 2025 by rpki-client