Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pkRU1pcfeCV8kypC8afl4LAZVpQ.roa
File: pkRU1pcfeCV8kypC8afl4LAZVpQ.roa (raw, json)
Hash identifier: u87NoJBML6SRQ2snCHociFlv9uyQ6C2DPScJXGCa0aA=
Subject key identifier: A6:44:54:D6:97:1F:78:25:7C:93:2A:42:F1:A7:E5:E0:B0:19:56:94
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 4272FDB0
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pkRU1pcfeCV8kypC8afl4LAZVpQ.roa
Signing time: Sat 01 Jan 2022 14:03:16 +0000
ROA not before: Sat 01 Jan 2022 14:03:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49769
IP address blocks: 193.235.1.0/24 maxlen: 24
193.235.2.0/23 maxlen: 23
192.165.152.0/22 maxlen: 22
192.165.158.0/23 maxlen: 23
192.165.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1114832304 (0x4272fdb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a64454d6971f78257c932a42f1a7e5e0b0195694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:10:5b:1c:92:71:6b:94:37:ff:0c:a9:6b:c9:
d1:70:f6:ad:b1:67:a6:7b:13:c1:11:29:3b:42:ab:
8d:cd:3e:bd:cf:29:ad:ec:05:ee:58:dd:cd:96:80:
9c:7d:57:21:ab:ab:17:d3:c4:d8:25:24:31:d8:a5:
e7:19:de:e0:7d:7a:eb:78:26:0d:83:81:d7:38:d0:
44:1f:27:e4:90:4b:90:57:97:02:e6:2b:86:eb:6d:
e3:4d:d9:24:d1:1c:16:c4:f1:be:09:79:40:d3:83:
5f:9f:87:f9:00:bc:8a:d9:74:db:16:96:a3:bf:a7:
6a:ac:ad:87:f0:e0:9c:c5:44:78:fe:ae:a3:85:f2:
d8:16:26:6f:56:27:77:d5:71:7c:49:45:fb:6e:85:
c6:5e:29:50:d7:72:bd:ae:12:22:4d:8f:67:7b:62:
3b:0c:d8:11:a0:22:0b:5b:01:fb:6a:b6:65:39:99:
0f:e6:9b:9a:5c:9e:6e:ed:d4:7a:40:f5:ed:ba:9b:
3e:b5:4d:d6:af:0e:7d:8d:e7:70:92:72:e2:c5:14:
f7:55:86:6a:0b:e6:db:9e:48:c9:12:45:9b:e1:73:
a0:51:b2:75:37:5f:b5:de:ee:72:c7:c0:db:a0:8a:
5a:93:3f:9a:59:7c:38:7a:16:a1:96:94:35:9e:c2:
c6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:44:54:D6:97:1F:78:25:7C:93:2A:42:F1:A7:E5:E0:B0:19:56:94
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pkRU1pcfeCV8kypC8afl4LAZVpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.152.0-192.165.156.255
192.165.158.0/23
193.235.1.0-193.235.3.255
Signature Algorithm: sha256WithRSAEncryption
5e:b2:49:ef:ee:c3:fb:82:eb:e1:e5:55:73:02:8e:a0:e2:aa:
94:21:f4:d7:54:41:08:47:19:84:75:cc:45:9b:c6:1a:ee:1d:
ae:12:e3:77:39:aa:19:70:3a:08:41:77:c9:ec:82:e5:10:0c:
78:6d:57:bb:80:27:51:53:16:b0:0f:cd:9e:b8:04:b8:96:71:
9d:0a:c5:65:06:e2:a7:8d:44:15:7f:5b:22:7b:30:67:93:e7:
fa:62:0e:23:6d:a7:0d:7f:ee:19:96:d2:7f:0c:cb:14:26:fc:
43:51:7f:07:c7:2d:29:39:5b:70:cc:99:ad:44:29:41:31:64:
a0:4f:a3:5a:5b:c8:0f:41:1f:8c:cb:3e:af:29:b3:01:ce:e2:
97:7d:45:06:1e:3b:cf:bc:1e:26:aa:e5:55:c2:33:2f:4f:7b:
f1:5c:7e:77:ee:4d:a5:28:bd:33:db:fd:c4:02:94:28:a1:f2:
8c:5e:01:ea:76:c6:a0:c2:52:11:0e:cd:9d:0b:55:d3:f0:52:
71:df:2a:ad:67:6a:d1:de:55:4c:fe:92:ce:44:7f:ba:55:2f:
14:57:fe:66:7f:01:f5:74:9f:3b:3f:d3:f0:d8:7f:34:9f:51:
68:e4:31:23:52:8b:f3:25:ba:d5:43:53:85:bb:9c:11:28:1b:
9f:c2:ae:2e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEQnL9sDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY0NDU0ZDY5NzFm
NzgyNTdjOTMyYTQyZjFhN2U1ZTBiMDE5NTY5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPEQWxyScWuUN/8MqWvJ0XD2rbFnpnsTwREpO0Krjc0+vc8p
rewF7ljdzZaAnH1XIaurF9PE2CUkMdil5xne4H1663gmDYOB1zjQRB8n5JBLkFeX
AuYrhutt403ZJNEcFsTxvgl5QNODX5+H+QC8itl02xaWo7+naqyth/DgnMVEeP6u
o4Xy2BYmb1Ynd9VxfElF+26Fxl4pUNdyva4SIk2PZ3tiOwzYEaAiC1sB+2q2ZTmZ
D+abmlyebu3UekD17bqbPrVN1q8OfY3ncJJy4sUU91WGagvm255IyRJFm+FzoFGy
dTdftd7ucsfA26CKWpM/mll8OHoWoZaUNZ7CxuUCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBSmRFTWlx94JXyTKkLxp+XgsBlWlDAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L3BrUlUxcGNmZUNWOGt5cEM4YWZsNExBWlZwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIjAMAwQDwKWYAwQAwKWcAwQBwKWeMAwD
BADB6wEDBALB6wAwDQYJKoZIhvcNAQELBQADggEBAF6ySe/uw/uC6+HlVXMCjqDi
qpQh9NdUQQhHGYR1zEWbxhruHa4S43c5qhlwOghBd8nsguUQDHhtV7uAJ1FTFrAP
zZ64BLiWcZ0KxWUG4qeNRBV/WyJ7MGeT5/piDiNtpw1/7hmW0n8MyxQm/ENRfwfH
LSk5W3DMma1EKUExZKBPo1pbyA9BH4zLPq8pswHO4pd9RQYeO8+8Hiaq5VXCMy9P
e/FcfnfuTaUovTPb/cQClCih8oxeAep2xqDCUhEOzZ0LVdPwUnHfKq1natHeVUz+
ks5Ef7pVLxRX/mZ/AfV0nzs/0/DYfzSfUWjkMSNSi/MlutVDU4W7nBEoG5/Cri4=
-----END CERTIFICATE-----
Generated at Sat May 17 13:57:38 2025 by rpki-client