Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/4F5bMmS3pY5zaQ6a2QKO6O7Ls6Q.roa
File: 4F5bMmS3pY5zaQ6a2QKO6O7Ls6Q.roa (raw, json)
Hash identifier: DX8tAgbHC+jbwGChIvdZr4QJXsxEPkDjXpYeL+bhUfo=
Subject key identifier: E0:5E:5B:32:64:B7:A5:8E:73:69:0E:9A:D9:02:8E:E8:EE:CB:B3:A4
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 018B8B95DCA8FBF92B731D0E3F3B2B1C5417
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/4F5bMmS3pY5zaQ6a2QKO6O7Ls6Q.roa
Signing time: Wed 01 Nov 2023 15:52:16 +0000
ROA not before: Wed 01 Nov 2023 15:52:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 37.0.15.0/24 maxlen: 24
37.0.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:95:dc:a8:fb:f9:2b:73:1d:0e:3f:3b:2b:1c:54:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Nov 1 15:52:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e05e5b3264b7a58e73690e9ad9028ee8eecbb3a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e8:e3:e6:df:37:bc:c5:c2:cc:a7:23:ab:49:
ad:fc:71:26:a8:ae:de:22:75:38:df:a6:a2:49:c5:
97:de:51:5a:1c:2a:21:17:18:3a:1b:4c:e1:6e:d0:
2d:91:3f:3a:38:db:cd:30:11:4c:ce:38:7f:98:39:
1f:61:b3:ee:b7:c4:bc:1a:18:ac:5a:b1:55:07:d4:
27:14:e7:9d:72:01:f1:49:63:a3:5a:a4:cf:81:48:
6b:ae:36:e1:d5:cd:40:49:cb:8e:52:d5:0f:24:0a:
22:11:11:80:ae:cd:00:c3:93:e2:59:0b:9e:c7:cf:
51:e5:78:e4:ca:bb:7f:0f:86:03:21:85:8b:0c:aa:
70:bb:7f:40:35:77:88:0d:72:49:50:57:72:ca:85:
46:8b:d1:94:24:7a:9d:24:bb:64:b9:84:f3:f2:45:
6b:d6:25:ca:cd:e0:c9:ea:94:20:2c:08:88:3c:24:
89:30:90:1e:88:58:0a:ac:4e:2c:85:74:28:0b:28:
f6:c0:92:ae:43:14:20:0f:c5:96:7f:42:7b:39:33:
26:c4:ff:5b:76:8f:9d:db:74:51:27:63:b5:d3:d3:
1f:b5:e4:f9:c4:7d:b3:3a:dc:d1:4a:8d:87:3b:25:
d4:1a:ea:91:80:fc:db:7a:0f:28:94:d5:f2:e5:4e:
4a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:5E:5B:32:64:B7:A5:8E:73:69:0E:9A:D9:02:8E:E8:EE:CB:B3:A4
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/4F5bMmS3pY5zaQ6a2QKO6O7Ls6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.14.0/23
Signature Algorithm: sha256WithRSAEncryption
78:94:04:07:cc:d6:6e:a5:80:28:8c:15:41:fa:3c:40:8c:29:
2e:f4:ad:56:f0:a5:0d:40:ee:4a:4e:05:72:93:fd:80:d3:df:
81:73:4a:7e:2f:1c:c8:0b:ae:8f:a9:90:33:f1:20:f3:f5:f3:
b7:6a:8e:f1:ea:af:26:95:c4:b6:4a:ba:78:aa:84:65:f2:18:
8f:6b:78:cf:4e:8e:04:9f:8b:a3:78:39:53:78:40:96:7d:54:
da:ed:80:9b:4f:2d:fa:ad:d3:6b:6f:14:89:27:c3:e0:fa:8a:
76:fe:ca:59:ab:f7:72:89:8f:d3:a2:a5:27:a7:48:cb:90:95:
50:c9:ce:56:b5:13:41:0a:4d:72:9c:c0:54:25:46:f2:4d:98:
0f:39:00:fd:66:d2:c1:04:8f:1c:50:1a:5f:32:a3:62:25:c2:
15:00:45:4e:37:e0:fe:c7:ea:35:96:cf:24:da:06:87:bd:a3:
4e:40:ae:1f:a0:e9:59:68:07:69:b3:b8:99:67:61:56:92:70:
c3:fe:91:9a:ba:c0:cd:fd:8e:83:e1:57:08:c1:aa:a3:da:6f:
9a:56:70:b2:6f:48:a0:3a:6f:11:fc:db:8e:1d:14:5a:ba:84:
a6:ec:7f:63:93:71:a1:0c:3a:0f:01:86:28:88:94:7e:e9:cd:
7f:00:1f:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuLldyo+/krcx0OPzsrHFQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjMxMTAxMTU1MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDVlNWIzMjY0YjdhNThlNzM2OTBlOWFkOTAyOGVlOGVlY2JiM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnujj5t83vMXCzKcjq0mt/HEmqK7e
InU436aiScWX3lFaHCohFxg6G0zhbtAtkT86ONvNMBFMzjh/mDkfYbPut8S8Ghis
WrFVB9QnFOedcgHxSWOjWqTPgUhrrjbh1c1AScuOUtUPJAoiERGArs0Aw5PiWQue
x89R5Xjkyrt/D4YDIYWLDKpwu39ANXeIDXJJUFdyyoVGi9GUJHqdJLtkuYTz8kVr
1iXKzeDJ6pQgLAiIPCSJMJAeiFgKrE4shXQoCyj2wJKuQxQgD8WWf0J7OTMmxP9b
do+d23RRJ2O109MfteT5xH2zOtzRSo2HOyXUGuqRgPzbeg8olNXy5U5KsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOBeWzJkt6WOc2kOmtkCjujuy7OkMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvNEY1Yk1tUzNwWTV6YVE2YTJRS082TzdMczZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJQAOMA0G
CSqGSIb3DQEBCwUAA4IBAQB4lAQHzNZupYAojBVB+jxAjCku9K1W8KUNQO5KTgVy
k/2A09+Bc0p+LxzIC66PqZAz8SDz9fO3ao7x6q8mlcS2Srp4qoRl8hiPa3jPTo4E
n4ujeDlTeECWfVTa7YCbTy36rdNrbxSJJ8Pg+op2/spZq/dyiY/ToqUnp0jLkJVQ
yc5WtRNBCk1ynMBUJUbyTZgPOQD9ZtLBBI8cUBpfMqNiJcIVAEVON+D+x+o1ls8k
2gaHvaNOQK4foOlZaAdps7iZZ2FWknDD/pGausDN/Y6D4VcIwaqj2m+aVnCyb0ig
Om8R/NuOHRRauoSm7H9jk3GhDDoPAYYoiJR+6c1/AB/C
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:59:17 2025 by rpki-client