Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/9KpKk1fyZ5gxnt6b2QVEKyCp9iM.roa
File: 9KpKk1fyZ5gxnt6b2QVEKyCp9iM.roa (raw, json)
Hash identifier: dx0fucoqU6d4cSLjDcd5Xw6aH29JTI0zcHq89LX+XNw=
Subject key identifier: F4:AA:4A:93:57:F2:67:98:31:9E:DE:9B:D9:05:44:2B:20:A9:F6:23
Certificate issuer: /CN=64b59ae521952da55e03f779b885031c0c809cf9
Certificate serial: 0188B9E9C136FA0B9078B56C075D1E73C625
Authority key identifier: 64:B5:9A:E5:21:95:2D:A5:5E:03:F7:79:B8:85:03:1C:0C:80:9C:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/9KpKk1fyZ5gxnt6b2QVEKyCp9iM.roa
Signing time: Wed 14 Jun 2023 12:38:04 +0000
ROA not before: Wed 14 Jun 2023 12:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210897
IP address blocks: 103.56.172.0/24 maxlen: 24
193.23.125.0/24 maxlen: 24
194.8.135.0/24 maxlen: 24
2a11:2b80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:e9:c1:36:fa:0b:90:78:b5:6c:07:5d:1e:73:c6:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64b59ae521952da55e03f779b885031c0c809cf9
Validity
Not Before: Jun 14 12:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4aa4a9357f26798319ede9bd905442b20a9f623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fc:1d:4e:d2:e8:34:0f:97:df:64:c3:2a:6b:
f0:54:02:61:94:85:53:05:a5:85:91:77:55:6c:8b:
b2:42:85:eb:7c:32:6b:75:ce:56:3f:e6:30:07:16:
d2:61:36:06:a7:f3:e5:2e:16:12:06:17:99:8a:0c:
24:41:e3:d6:bc:a6:44:c6:0f:2d:3a:d5:18:24:c6:
98:f9:18:55:06:5c:54:9c:1a:07:26:ed:5e:4b:e3:
d0:65:1f:60:6d:3d:1f:11:44:3c:ff:db:78:8a:84:
f8:76:c4:12:b6:05:1c:9f:ba:48:62:19:1e:7a:4f:
f2:59:14:4e:63:74:5b:f4:90:d7:5f:1c:b4:f6:77:
c0:49:be:01:b8:17:e0:36:f0:33:36:5c:50:56:cd:
82:ab:f7:c3:bc:d6:0c:06:1f:fb:26:c9:69:20:41:
76:47:8f:c5:4a:f4:e5:1b:38:eb:0b:4c:bf:39:df:
a7:58:f2:d3:50:65:2d:a5:55:85:1c:9d:1a:b1:83:
4d:e4:a3:14:a6:c0:c5:9b:ab:d4:fa:8a:c5:22:59:
25:fa:96:40:51:1d:bf:15:e5:b8:41:63:ca:b8:47:
8c:f3:58:60:4d:ae:ec:5e:90:ec:82:51:e3:a7:fe:
15:d9:ea:10:df:3a:b9:9b:fa:bf:2d:8f:b2:38:57:
26:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AA:4A:93:57:F2:67:98:31:9E:DE:9B:D9:05:44:2B:20:A9:F6:23
X509v3 Authority Key Identifier:
keyid:64:B5:9A:E5:21:95:2D:A5:5E:03:F7:79:B8:85:03:1C:0C:80:9C:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/9KpKk1fyZ5gxnt6b2QVEKyCp9iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.56.172.0/24
193.23.125.0/24
194.8.135.0/24
IPv6:
2a11:2b80::/32
Signature Algorithm: sha256WithRSAEncryption
1a:74:b4:19:3a:0d:00:36:a3:ba:66:3b:2e:59:95:42:4e:a2:
70:e7:88:6b:5f:fd:0a:65:ec:d3:1c:58:fd:9d:6a:e8:95:f4:
f1:cd:a6:24:97:68:92:f9:09:a4:af:a9:60:15:ae:12:18:95:
25:10:08:6d:63:ed:41:37:9b:52:8d:c6:9c:e5:91:a7:4e:77:
1d:91:ea:de:46:b5:82:e1:5c:e6:1e:5e:84:fa:d8:01:2e:a5:
1b:b1:42:c9:ab:ab:7f:78:c0:8e:4b:a3:b3:1b:95:ac:73:6b:
e2:fa:42:8e:7c:f6:0b:22:a0:b7:62:dd:5c:2e:96:51:31:7c:
00:14:35:0f:88:23:81:af:19:8f:fd:da:b1:57:53:30:62:d2:
2e:f8:64:24:67:55:31:8b:47:83:8f:88:3d:1b:26:6d:d4:32:
78:30:0c:10:95:32:a0:c8:a4:ef:6b:ad:62:8c:49:e0:ef:09:
ba:1b:b2:9a:48:df:15:b0:2e:37:c2:f2:0e:bf:0c:95:80:b4:
27:6a:b2:2b:2b:cb:b5:06:b6:90:8c:0a:2e:0c:a4:f7:0a:7f:
6c:cd:3d:64:9b:ad:5d:2d:b3:d9:b7:91:43:27:06:1b:80:d5:
e2:8a:b2:54:41:d4:ab:be:b1:12:d0:0c:11:3f:e8:77:f6:f9:
cd:83:1a:5e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYi56cE2+guQeLVsB10ec8YlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjU5YWU1MjE5NTJkYTU1ZTAzZjc3OWI4ODUwMzFjMGM4
MDljZjkwHhcNMjMwNjE0MTIzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFhNGE5MzU3ZjI2Nzk4MzE5ZWRlOWJkOTA1NDQyYjIwYTlmNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivwdTtLoNA+X32TDKmvwVAJhlIVT
BaWFkXdVbIuyQoXrfDJrdc5WP+YwBxbSYTYGp/PlLhYSBheZigwkQePWvKZExg8t
OtUYJMaY+RhVBlxUnBoHJu1eS+PQZR9gbT0fEUQ8/9t4ioT4dsQStgUcn7pIYhke
ek/yWRROY3Rb9JDXXxy09nfASb4BuBfgNvAzNlxQVs2Cq/fDvNYMBh/7JslpIEF2
R4/FSvTlGzjrC0y/Od+nWPLTUGUtpVWFHJ0asYNN5KMUpsDFm6vU+orFIlkl+pZA
UR2/FeW4QWPKuEeM81hgTa7sXpDsglHjp/4V2eoQ3zq5m/q/LY+yOFcmuwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPSqSpNX8meYMZ7em9kFRCsgqfYjMB8GA1UdIwQY
MBaAFGS1muUhlS2lXgP3ebiFAxwMgJz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxXYTVTR1ZMYVZlQV9kNXVJVURIQXlBblBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi82YTZiMjItZmU2Ny00MjAyLWFjOTQt
NTFhZDAwZTU0MzMyLzEvOUtwS2sxZnlaNWd4bnQ2YjJRVkVLeUNwOWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi82YTZiMjItZmU2Ny00MjAyLWFjOTQtNTFhZDAwZTU0MzMy
LzEvWkxXYTVTR1ZMYVZlQV9kNXVJVURIQXlBblBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAZzisAwQA
wRd9AwQAwgiHMA0EAgACMAcDBQAqESuAMA0GCSqGSIb3DQEBCwUAA4IBAQAadLQZ
Og0ANqO6ZjsuWZVCTqJw54hrX/0KZezTHFj9nWrolfTxzaYkl2iS+Qmkr6lgFa4S
GJUlEAhtY+1BN5tSjcac5ZGnTncdkereRrWC4VzmHl6E+tgBLqUbsULJq6t/eMCO
S6OzG5Wsc2vi+kKOfPYLIqC3Yt1cLpZRMXwAFDUPiCOBrxmP/dqxV1MwYtIu+GQk
Z1Uxi0eDj4g9GyZt1DJ4MAwQlTKgyKTva61ijEng7wm6G7KaSN8VsC43wvIOvwyV
gLQnarIrK8u1BraQjAouDKT3Cn9szT1km61dLbPZt5FDJwYbgNXiirJUQdSrvrES
0AwRP+h39vnNgxpe
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:04:38 2025 by rpki-client