Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/k4145JCmoQD_YuqHUsLMbAYRw1k.roa
File: k4145JCmoQD_YuqHUsLMbAYRw1k.roa (raw, json)
Hash identifier: +0iL4allXF8My4MDo9oEuRp45s0mRQNGrZAmk0TYdmM=
Subject key identifier: 93:8D:78:E4:90:A6:A1:00:FF:62:EA:87:52:C2:CC:6C:06:11:C3:59
Certificate issuer: /CN=4e167ee5f8d2ac0d9cc0137b41912f181b0489b0
Certificate serial: 0185734CB72F22C3B2C47BF02A9D29E933C7
Authority key identifier: 4E:16:7E:E5:F8:D2:AC:0D:9C:C0:13:7B:41:91:2F:18:1B:04:89:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThZ-5fjSrA2cwBN7QZEvGBsEibA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/k4145JCmoQD_YuqHUsLMbAYRw1k.roa
Signing time: Mon 02 Jan 2023 16:24:45 +0000
ROA not before: Mon 02 Jan 2023 16:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1930
IP address blocks: 192.26.231.0/24 maxlen: 24
192.80.20.0/24 maxlen: 24
192.107.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:b7:2f:22:c3:b2:c4:7b:f0:2a:9d:29:e9:33:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e167ee5f8d2ac0d9cc0137b41912f181b0489b0
Validity
Not Before: Jan 2 16:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=938d78e490a6a100ff62ea8752c2cc6c0611c359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b2:50:da:96:e9:bd:33:e3:8c:5c:ec:35:f0:
8f:3a:ea:d2:1e:cc:ec:02:b0:10:5b:2f:b4:f6:b4:
5f:34:7f:5b:e7:92:17:80:bf:17:cc:2d:31:cc:53:
f2:cc:44:b9:8c:da:a0:65:e5:42:29:57:ea:f5:3b:
4d:e7:b7:28:ea:c5:46:d3:fb:33:71:88:3e:72:03:
11:25:fd:9c:26:19:01:83:ea:ac:54:29:be:ad:80:
78:08:6e:89:75:e8:a7:41:2a:25:7d:b0:5d:45:f9:
5d:88:cb:ae:43:19:07:ab:f1:a1:65:4c:d4:d1:76:
ad:d5:c6:0c:a3:56:f6:ab:c5:9f:7f:3e:71:f8:67:
0d:4b:79:c5:8c:62:6f:8e:d4:30:01:19:39:cc:c9:
f5:58:4d:d3:3a:3e:20:1f:f5:7e:66:7a:f7:cb:b7:
f4:08:47:9f:7e:52:2c:8f:f7:19:ca:2a:4e:f4:36:
60:78:7d:06:f0:10:26:2d:d6:79:fe:4f:48:12:62:
0f:00:e4:1a:fb:df:21:d7:6a:9a:e7:8a:67:f1:f6:
89:cc:9e:7e:98:e7:de:b0:e4:e9:cd:78:65:e7:94:
e5:ec:90:2b:2b:f1:71:3f:bc:af:ad:47:db:75:29:
bd:51:d7:09:9c:45:af:45:e5:ad:77:1d:af:99:36:
c4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8D:78:E4:90:A6:A1:00:FF:62:EA:87:52:C2:CC:6C:06:11:C3:59
X509v3 Authority Key Identifier:
keyid:4E:16:7E:E5:F8:D2:AC:0D:9C:C0:13:7B:41:91:2F:18:1B:04:89:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThZ-5fjSrA2cwBN7QZEvGBsEibA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/k4145JCmoQD_YuqHUsLMbAYRw1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/ThZ-5fjSrA2cwBN7QZEvGBsEibA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.26.231.0/24
192.80.20.0/24
192.107.122.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:b2:7d:66:cd:0c:8d:e4:8f:94:1f:71:91:f6:7b:f9:44:f5:
43:f6:ec:bf:79:82:6c:03:4c:26:eb:5f:da:4d:fc:a5:46:fe:
b7:98:48:46:21:45:55:b0:63:35:5a:72:2b:f3:d2:9e:e2:94:
6c:b9:7c:95:ad:68:29:25:f2:db:fb:d6:08:d9:c5:ed:9c:7d:
e9:54:ae:d3:c4:f3:43:5f:1b:64:5a:7a:df:a7:ba:ea:39:7c:
85:53:e7:40:a4:71:b2:f8:d7:9d:9e:6a:04:84:85:2c:47:7e:
85:11:31:5a:20:8d:c1:70:59:c4:9c:c1:5c:3a:87:e6:a1:e1:
2c:4a:81:a6:6a:c1:2a:63:74:f0:52:dc:3e:32:f0:af:b5:f1:
90:b7:1d:89:00:5d:8d:bd:1d:0e:a7:60:19:0d:06:60:d8:6e:
2d:b0:bf:33:25:de:81:67:17:87:4c:c2:06:a9:47:e8:df:d1:
68:bb:e0:45:d3:b3:3c:fb:38:3b:9f:09:50:ff:31:12:3d:d5:
8c:9c:1a:4b:d4:33:d6:1b:bf:17:36:f5:b1:0c:a2:35:5d:af:
77:e8:6a:ef:c5:86:76:ed:ab:d1:31:87:d2:4a:77:02:8e:02:
df:78:b0:eb:21:5b:10:3b:3f:93:c2:24:b8:66:84:8a:42:4a:
b2:24:e5:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzTLcvIsOyxHvwKp0p6TPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTY3ZWU1ZjhkMmFjMGQ5Y2MwMTM3YjQxOTEyZjE4MWIw
NDg5YjAwHhcNMjMwMTAyMTYyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzhkNzhlNDkwYTZhMTAwZmY2MmVhODc1MmMyY2M2YzA2MTFjMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbJQ2pbpvTPjjFzsNfCPOurSHszs
ArAQWy+09rRfNH9b55IXgL8XzC0xzFPyzES5jNqgZeVCKVfq9TtN57co6sVG0/sz
cYg+cgMRJf2cJhkBg+qsVCm+rYB4CG6JdeinQSolfbBdRfldiMuuQxkHq/GhZUzU
0Xat1cYMo1b2q8Wffz5x+GcNS3nFjGJvjtQwARk5zMn1WE3TOj4gH/V+Znr3y7f0
CEefflIsj/cZyipO9DZgeH0G8BAmLdZ5/k9IEmIPAOQa+98h12qa54pn8faJzJ5+
mOfesOTpzXhl55Tl7JArK/FxP7yvrUfbdSm9UdcJnEWvReWtdx2vmTbE1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJONeOSQpqEA/2Lqh1LCzGwGEcNZMB8GA1UdIwQY
MBaAFE4WfuX40qwNnMATe0GRLxgbBImwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhaLTVmalNyQTJjd0JON1FaRXZHQnNFaWJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82ZTE3OGUtOWNiZi00ODllLWFhM2Et
ZjY2MmIwYTY1ZThlLzEvazQxNDVKQ21vUURfWXVxSFVzTE1iQVlSdzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82ZTE3OGUtOWNiZi00ODllLWFhM2EtZjY2MmIwYTY1ZThl
LzEvVGhaLTVmalNyQTJjd0JON1FaRXZHQnNFaWJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwBrnAwQA
wFAUAwQAwGt6MA0GCSqGSIb3DQEBCwUAA4IBAQCssn1mzQyN5I+UH3GR9nv5RPVD
9uy/eYJsA0wm61/aTfylRv63mEhGIUVVsGM1WnIr89Ke4pRsuXyVrWgpJfLb+9YI
2cXtnH3pVK7TxPNDXxtkWnrfp7rqOXyFU+dApHGy+NednmoEhIUsR36FETFaII3B
cFnEnMFcOofmoeEsSoGmasEqY3TwUtw+MvCvtfGQtx2JAF2NvR0Op2AZDQZg2G4t
sL8zJd6BZxeHTMIGqUfo39Fou+BF07M8+zg7nwlQ/zESPdWMnBpL1DPWG78XNvWx
DKI1Xa936GrvxYZ27avRMYfSSncCjgLfeLDrIVsQOz+TwiS4ZoSKQkqyJOVi
-----END CERTIFICATE-----
Generated at Wed May 14 18:47:17 2025 by rpki-client