Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ca9f2c-526e-453f-8b32-60feecea9aa4/1/k1phqEYC3a0qAsDhWORYzf6wmqc.roa
File: k1phqEYC3a0qAsDhWORYzf6wmqc.roa (raw, json)
Hash identifier: y52QhvhXwcmJ38DzSjlgPZjDW2GcSDAKFSXjg7fnkeY=
Subject key identifier: 93:5A:61:A8:46:02:DD:AD:2A:02:C0:E1:58:E4:58:CD:FE:B0:9A:A7
Certificate issuer: /CN=984503d4d18140b92aa8923193101d0f3eafe2c3
Certificate serial: 01856B8A15A2721AA1C4090163F1C0806B8E
Authority key identifier: 98:45:03:D4:D1:81:40:B9:2A:A8:92:31:93:10:1D:0F:3E:AF:E2:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mEUD1NGBQLkqqJIxkxAdDz6v4sM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ca9f2c-526e-453f-8b32-60feecea9aa4/1/k1phqEYC3a0qAsDhWORYzf6wmqc.roa
Signing time: Sun 01 Jan 2023 04:14:49 +0000
ROA not before: Sun 01 Jan 2023 04:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52183
IP address blocks: 193.5.117.0/24 maxlen: 24
193.5.116.0/24 maxlen: 24
193.5.118.0/24 maxlen: 24
193.5.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:15:a2:72:1a:a1:c4:09:01:63:f1:c0:80:6b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=984503d4d18140b92aa8923193101d0f3eafe2c3
Validity
Not Before: Jan 1 04:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=935a61a84602ddad2a02c0e158e458cdfeb09aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:86:64:6e:16:01:f9:3e:bf:63:9e:0a:8e:e7:
07:89:d7:7f:bf:bb:b3:86:7e:3f:77:1e:9b:ad:f4:
52:3c:e7:c0:0a:97:74:89:c3:f4:cb:b9:b3:51:0e:
45:7c:0b:de:9f:d7:52:02:47:6e:cd:c9:0b:1d:ee:
ce:30:60:d1:7a:5b:36:0d:ad:a9:6a:fd:9e:bd:de:
fc:d9:85:90:c4:e2:76:2f:a2:4f:fc:ca:d4:70:85:
06:01:92:fa:af:11:bd:86:a6:4e:7a:85:49:df:c3:
59:a1:5d:4d:c2:c4:2b:e7:70:b7:69:16:ae:2c:34:
a9:17:c2:95:b8:29:41:fc:86:2b:55:d3:2e:73:cf:
d0:0c:2f:63:1a:d2:cb:22:a7:51:f9:83:8d:a1:4e:
81:90:ed:17:95:ce:8f:8e:da:12:89:54:96:0f:b1:
21:7c:3f:76:49:2d:95:4f:4e:ec:0d:4e:27:38:9c:
78:0b:b9:e6:5f:15:5b:8e:24:4d:60:ce:3d:e8:ca:
7d:89:58:2a:1e:0d:b1:c4:5c:2a:b1:87:0a:1f:40:
25:4d:0e:34:09:47:78:0e:ab:07:ed:99:38:00:61:
e5:e8:76:88:29:58:19:ef:4f:f9:b8:60:e3:76:1d:
b4:ab:e9:bc:b4:3e:31:5c:49:99:70:0a:c6:29:3e:
36:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:5A:61:A8:46:02:DD:AD:2A:02:C0:E1:58:E4:58:CD:FE:B0:9A:A7
X509v3 Authority Key Identifier:
keyid:98:45:03:D4:D1:81:40:B9:2A:A8:92:31:93:10:1D:0F:3E:AF:E2:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mEUD1NGBQLkqqJIxkxAdDz6v4sM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ca9f2c-526e-453f-8b32-60feecea9aa4/1/k1phqEYC3a0qAsDhWORYzf6wmqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ca9f2c-526e-453f-8b32-60feecea9aa4/1/mEUD1NGBQLkqqJIxkxAdDz6v4sM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.116.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:28:fa:7e:3b:77:28:49:1f:7a:24:f9:71:1c:6e:b9:cd:f4:
42:c2:e2:c1:cb:b5:34:12:5d:f0:f4:b9:08:f0:98:90:55:f1:
00:c9:6c:2f:2b:6b:28:44:b3:cf:02:cb:b4:e6:6c:69:a9:4e:
f5:fb:df:a1:6a:bb:f1:42:fd:65:bb:df:c0:97:f7:b7:4d:50:
cf:7a:10:04:39:8b:bc:39:9f:0a:99:67:aa:da:1e:f2:85:f3:
4e:a0:42:63:76:fb:03:48:57:e3:3a:f2:6a:a2:31:63:67:e6:
7d:8a:97:92:b4:eb:0d:da:32:e1:5f:fa:03:a2:6a:25:4b:ec:
bb:53:eb:8d:ce:7d:7d:59:0a:73:fe:46:12:34:ce:0d:43:c5:
a0:36:7a:8f:cd:75:98:c4:88:3e:1e:f1:9f:c4:90:bd:2d:11:
e0:b7:52:fb:ff:61:ca:de:ba:72:c6:c1:51:74:ee:45:a9:af:
27:03:0a:2a:50:fb:60:ff:71:07:11:00:64:87:2b:ba:57:49:
08:34:85:03:19:16:ec:92:9a:25:d6:7e:bb:57:b3:24:93:66:
06:fe:26:c2:5a:3a:50:f6:8a:c9:e3:2e:7e:6b:c7:96:7f:1d:
31:06:96:60:82:7c:58:1e:1a:14:14:6a:e0:e6:4f:51:0c:38:
c4:88:70:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrihWichqhxAkBY/HAgGuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NDUwM2Q0ZDE4MTQwYjkyYWE4OTIzMTkzMTAxZDBmM2Vh
ZmUyYzMwHhcNMjMwMTAxMDQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzVhNjFhODQ2MDJkZGFkMmEwMmMwZTE1OGU0NThjZGZlYjA5YWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloZkbhYB+T6/Y54KjucHidd/v7uz
hn4/dx6brfRSPOfACpd0icP0y7mzUQ5FfAven9dSAkduzckLHe7OMGDRels2Da2p
av2evd782YWQxOJ2L6JP/MrUcIUGAZL6rxG9hqZOeoVJ38NZoV1NwsQr53C3aRau
LDSpF8KVuClB/IYrVdMuc8/QDC9jGtLLIqdR+YONoU6BkO0Xlc6PjtoSiVSWD7Eh
fD92SS2VT07sDU4nOJx4C7nmXxVbjiRNYM496Mp9iVgqHg2xxFwqsYcKH0AlTQ40
CUd4DqsH7Zk4AGHl6HaIKVgZ70/5uGDjdh20q+m8tD4xXEmZcArGKT42+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNaYahGAt2tKgLA4VjkWM3+sJqnMB8GA1UdIwQY
MBaAFJhFA9TRgUC5KqiSMZMQHQ8+r+LDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUVVRDFOR0JRTGtxcUpJeGt4QWREejZ2NHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jYTlmMmMtNTI2ZS00NTNmLThiMzIt
NjBmZWVjZWE5YWE0LzEvazFwaHFFWUMzYTBxQXNEaFdPUll6ZjZ3bXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jYTlmMmMtNTI2ZS00NTNmLThiMzItNjBmZWVjZWE5YWE0
LzEvbUVVRDFOR0JRTGtxcUpJeGt4QWREejZ2NHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwQV0MA0G
CSqGSIb3DQEBCwUAA4IBAQAaKPp+O3coSR96JPlxHG65zfRCwuLBy7U0El3w9LkI
8JiQVfEAyWwvK2soRLPPAsu05mxpqU71+9+harvxQv1lu9/Al/e3TVDPehAEOYu8
OZ8KmWeq2h7yhfNOoEJjdvsDSFfjOvJqojFjZ+Z9ipeStOsN2jLhX/oDomolS+y7
U+uNzn19WQpz/kYSNM4NQ8WgNnqPzXWYxIg+HvGfxJC9LRHgt1L7/2HK3rpyxsFR
dO5Fqa8nAwoqUPtg/3EHEQBkhyu6V0kINIUDGRbskpol1n67V7Mkk2YG/ibCWjpQ
9orJ4y5+a8eWfx0xBpZggnxYHhoUFGrg5k9RDDjEiHCI
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:26:40 2025 by rpki-client