Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/F8354tCLi4elHcmLzWzAWY6RuVQ.roa
File: F8354tCLi4elHcmLzWzAWY6RuVQ.roa (raw, json)
Hash identifier: QqOMGoMgyEnUNxdko+rHW6vvMr4a7oiwzG7uIrkqGEk=
Subject key identifier: 17:CD:F9:E2:D0:8B:8B:87:A5:1D:C9:8B:CD:6C:C0:59:8E:91:B9:54
Certificate issuer: /CN=4e426c87dfbcc552dc790fec3ed1cde7a8f886e9
Certificate serial: 0186D576B9C654E0E869481D533A74436DFB
Authority key identifier: 4E:42:6C:87:DF:BC:C5:52:DC:79:0F:EC:3E:D1:CD:E7:A8:F8:86:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TkJsh9-8xVLceQ_sPtHN56j4huk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/F8354tCLi4elHcmLzWzAWY6RuVQ.roa
Signing time: Sun 12 Mar 2023 10:56:13 +0000
ROA not before: Sun 12 Mar 2023 10:56:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48197
IP address blocks: 94.127.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d5:76:b9:c6:54:e0:e8:69:48:1d:53:3a:74:43:6d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e426c87dfbcc552dc790fec3ed1cde7a8f886e9
Validity
Not Before: Mar 12 10:56:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17cdf9e2d08b8b87a51dc98bcd6cc0598e91b954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:44:03:53:59:8c:0c:b6:6b:32:21:60:ca:b5:
ae:9c:47:82:57:34:e9:39:2a:ff:07:e6:ad:55:64:
e4:81:dc:bb:4c:dc:2b:9c:8a:43:2f:2e:df:bb:dc:
33:67:5d:d0:20:68:52:a4:bd:cb:90:f6:a5:31:2c:
9e:ff:b0:53:f0:e2:1a:19:07:c4:56:d0:f5:2c:a4:
c2:99:a1:3b:92:72:e7:ef:4b:24:3c:82:98:26:f3:
2e:69:39:70:ff:f0:7b:b2:20:1a:fa:8c:47:f3:94:
3d:ff:87:de:b8:d3:27:c6:63:4f:62:ca:9a:74:57:
9f:70:df:f4:d5:ed:3c:eb:7f:00:24:d3:00:6c:62:
b2:01:d1:12:18:5a:6b:de:0d:2b:6e:7f:db:2e:27:
61:af:73:e9:e3:21:53:1d:2c:ed:9d:ca:80:d6:8a:
8b:dc:57:d1:05:94:94:0e:8b:b9:9c:61:80:c6:d1:
47:a6:d0:90:9d:54:c8:c4:b3:15:2b:8b:d7:8b:ca:
f3:fa:90:4d:21:3b:f0:5d:cf:93:9e:1b:d4:34:54:
29:32:ba:4f:a6:70:20:37:b2:e5:5a:6e:25:0d:e3:
8b:c6:03:c5:d6:89:60:0f:d6:5f:23:db:cf:df:36:
b1:e6:5a:60:61:12:23:9e:c8:61:07:a1:01:2f:01:
49:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:CD:F9:E2:D0:8B:8B:87:A5:1D:C9:8B:CD:6C:C0:59:8E:91:B9:54
X509v3 Authority Key Identifier:
keyid:4E:42:6C:87:DF:BC:C5:52:DC:79:0F:EC:3E:D1:CD:E7:A8:F8:86:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkJsh9-8xVLceQ_sPtHN56j4huk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/F8354tCLi4elHcmLzWzAWY6RuVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/TkJsh9-8xVLceQ_sPtHN56j4huk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.158.0/24
Signature Algorithm: sha256WithRSAEncryption
92:71:e2:f7:fa:ad:2c:17:2c:e0:32:66:ea:58:1a:3c:d7:5b:
b8:f4:09:88:64:cf:ff:61:bc:a3:07:02:f4:5e:a5:bc:83:e0:
d2:fa:b9:23:96:65:11:41:40:56:cd:91:bc:d6:21:ac:46:bb:
74:1f:e2:0a:1c:cd:1b:33:37:45:ae:16:59:85:98:03:11:d6:
28:b2:f1:75:85:82:95:13:2d:bc:46:fa:b0:10:20:f7:31:cb:
f2:de:98:86:22:ce:45:ea:14:2b:c5:ff:71:cd:03:d1:70:ab:
67:45:80:d4:97:d4:2b:8f:7f:3a:3e:3f:a1:05:d4:4d:de:44:
d4:8b:e5:3e:e8:13:38:aa:89:68:d2:bc:15:3c:02:a7:95:0b:
2b:df:82:07:de:73:3b:79:bd:8d:78:44:34:bf:f0:46:04:1f:
42:32:28:1f:13:3d:af:13:7e:12:e5:32:01:81:06:b1:b1:62:
aa:44:9a:8a:58:fa:3e:00:95:e3:cf:b9:ea:f3:b4:b3:ce:33:
ff:ea:b5:38:ec:12:f2:70:93:1e:9d:39:39:bc:c9:00:cc:fa:
95:ba:82:cd:e7:e9:64:46:14:2f:ae:4d:3a:d7:e1:c3:0f:c4:
d9:c1:44:bc:67:70:72:b6:20:53:0f:a2:9f:f9:a6:89:9a:0b:
84:ea:8b:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbVdrnGVODoaUgdUzp0Q237MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDI2Yzg3ZGZiY2M1NTJkYzc5MGZlYzNlZDFjZGU3YThm
ODg2ZTkwHhcNMjMwMzEyMTA1NjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2NkZjllMmQwOGI4Yjg3YTUxZGM5OGJjZDZjYzA1OThlOTFiOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUQDU1mMDLZrMiFgyrWunEeCVzTp
OSr/B+atVWTkgdy7TNwrnIpDLy7fu9wzZ13QIGhSpL3LkPalMSye/7BT8OIaGQfE
VtD1LKTCmaE7knLn70skPIKYJvMuaTlw//B7siAa+oxH85Q9/4feuNMnxmNPYsqa
dFefcN/01e08638AJNMAbGKyAdESGFpr3g0rbn/bLidhr3Pp4yFTHSztncqA1oqL
3FfRBZSUDou5nGGAxtFHptCQnVTIxLMVK4vXi8rz+pBNITvwXc+TnhvUNFQpMrpP
pnAgN7LlWm4lDeOLxgPF1olgD9ZfI9vP3zax5lpgYRIjnshhB6EBLwFJBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBfN+eLQi4uHpR3Ji81swFmOkblUMB8GA1UdIwQY
MBaAFE5CbIffvMVS3HkP7D7Rzeeo+IbpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtKc2g5LTh4VkxjZVFfc1B0SE41Nmo0aHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lNWJkYzctZWIwNi00NjI2LTg0ZDct
MTNkYTc0Y2QzNWE0LzEvRjgzNTR0Q0xpNGVsSGNtTHpXekFXWTZSdVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lNWJkYzctZWIwNi00NjI2LTg0ZDctMTNkYTc0Y2QzNWE0
LzEvVGtKc2g5LTh4VkxjZVFfc1B0SE41Nmo0aHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXn+eMA0G
CSqGSIb3DQEBCwUAA4IBAQCSceL3+q0sFyzgMmbqWBo811u49AmIZM//YbyjBwL0
XqW8g+DS+rkjlmURQUBWzZG81iGsRrt0H+IKHM0bMzdFrhZZhZgDEdYosvF1hYKV
Ey28RvqwECD3Mcvy3piGIs5F6hQrxf9xzQPRcKtnRYDUl9Qrj386Pj+hBdRN3kTU
i+U+6BM4qolo0rwVPAKnlQsr34IH3nM7eb2NeEQ0v/BGBB9CMigfEz2vE34S5TIB
gQaxsWKqRJqKWPo+AJXjz7nq87SzzjP/6rU47BLycJMenTk5vMkAzPqVuoLN5+lk
RhQvrk061+HDD8TZwUS8Z3BytiBTD6Kf+aaJmguE6oua
-----END CERTIFICATE-----
Generated at Sun May 11 17:59:30 2025 by rpki-client