Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/kT_9xs2kA5cUocsYuvM2Tc5xINM.roa
File: kT_9xs2kA5cUocsYuvM2Tc5xINM.roa (raw, json)
Hash identifier: nZMbMX/jKvqPuYIUk0/Y9X6/QaTQM9Kbsatz7Sd3EM4=
Subject key identifier: 91:3F:FD:C6:CD:A4:03:97:14:A1:CB:18:BA:F3:36:4D:CE:71:20:D3
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 1AB29904
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/kT_9xs2kA5cUocsYuvM2Tc5xINM.roa
Signing time: Sat 01 Jan 2022 12:02:45 +0000
ROA not before: Sat 01 Jan 2022 12:02:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 198.105.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447912196 (0x1ab29904)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 12:02:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=913ffdc6cda4039714a1cb18baf3364dce7120d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:cb:f4:fd:ce:55:07:60:33:48:53:e6:15:2f:
fc:da:95:b8:7c:9b:6e:14:3c:97:cc:a0:4f:e0:c9:
a2:47:47:d7:36:87:72:cb:01:bf:8a:23:d3:87:8d:
35:ab:15:67:0c:1b:de:90:7c:75:20:04:34:e9:dc:
df:65:ee:58:37:83:e1:29:f4:28:c6:39:56:55:d8:
04:a7:27:4f:14:3c:40:b7:a3:38:03:52:f2:02:48:
be:4e:fe:d0:7e:08:1b:16:60:48:56:9c:2d:9e:5b:
a0:7b:9a:2c:10:af:af:db:28:54:65:41:e7:6e:52:
ce:80:4f:a1:ef:e8:a4:2a:4e:2c:98:f8:17:af:94:
e7:59:2a:55:6e:78:c6:3b:dc:73:1f:05:03:a9:e1:
32:9f:4d:9d:bd:24:f2:3c:17:fd:02:f5:ba:68:86:
5b:4d:0a:97:c2:c3:d2:4b:83:3c:83:36:06:80:f2:
b4:0d:70:f1:a6:c4:81:f3:c1:fd:a7:b9:9a:71:8e:
c4:a1:5d:50:03:ec:75:65:81:f7:59:2a:d5:20:48:
f6:37:36:00:4d:b2:1c:65:e3:a7:a4:92:0b:01:00:
a2:fc:ba:a2:f9:c9:91:ff:38:7f:49:6c:25:3d:b3:
6e:98:41:85:df:04:9b:f6:c3:b3:39:c3:cb:ac:f8:
e3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3F:FD:C6:CD:A4:03:97:14:A1:CB:18:BA:F3:36:4D:CE:71:20:D3
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/kT_9xs2kA5cUocsYuvM2Tc5xINM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.105.125.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:82:ce:9f:4f:b6:b6:55:88:54:ff:88:14:bd:b8:59:5a:1f:
aa:cc:ba:72:b0:85:9e:52:1a:b1:97:c7:00:29:df:62:d3:df:
95:d5:e8:2d:bb:8e:22:62:d1:c8:bf:ce:28:27:88:f8:42:04:
00:42:7c:57:a0:57:65:f3:5a:94:19:01:a8:07:39:8f:65:cc:
a5:e7:69:9c:e1:fa:79:0d:6d:45:73:ad:43:72:da:53:2d:f8:
ea:1b:a9:f8:63:ec:ae:7a:13:1b:8f:b8:48:c5:25:9b:4a:71:
d8:04:70:8a:b2:70:9d:c0:fb:35:ea:f8:41:c8:4a:c1:40:42:
23:91:07:f8:82:81:ac:35:3e:58:3a:58:52:f4:4b:c1:66:a1:
67:75:a8:77:cd:63:67:2b:62:91:c2:56:54:bb:08:f8:bf:43:
4f:cb:98:16:16:3d:f6:ed:35:bc:66:dc:ff:89:ea:41:37:49:
d3:4a:5b:be:64:c7:eb:bd:7e:1c:19:11:ef:21:9b:3a:1a:c6:
e4:c5:a0:f5:f3:81:02:31:53:5d:51:de:39:e9:59:61:ec:4f:
fb:25:97:9d:79:6d:9d:8b:f6:a5:6f:42:da:73:43:41:69:68:
a5:cb:42:14:f0:7b:a9:b2:58:16:59:87:d7:3f:fa:7b:49:e6:
bc:05:ca:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGrKZBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzU0YzM0N2Q2OGQxNTQ5M2RlNzFiYjk2MmYwYTU2N2UxMzRkNjAzMB4XDTIyMDEw
MTEyMDI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTEzZmZkYzZjZGE0
MDM5NzE0YTFjYjE4YmFmMzM2NGRjZTcxMjBkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnL9P3OVQdgM0hT5hUv/NqVuHybbhQ8l8ygT+DJokdH1zaH
cssBv4oj04eNNasVZwwb3pB8dSAENOnc32XuWDeD4Sn0KMY5VlXYBKcnTxQ8QLej
OANS8gJIvk7+0H4IGxZgSFacLZ5boHuaLBCvr9soVGVB525SzoBPoe/opCpOLJj4
F6+U51kqVW54xjvccx8FA6nhMp9Nnb0k8jwX/QL1umiGW00Kl8LD0kuDPIM2BoDy
tA1w8abEgfPB/ae5mnGOxKFdUAPsdWWB91kq1SBI9jc2AE2yHGXjp6SSCwEAovy6
ovnJkf84f0lsJT2zbphBhd8Em/bDsznDy6z441MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSRP/3GzaQDlxShyxi68zZNznEg0zAfBgNVHSMEGDAWgBTnVMNH1o0VST3n
G7li8KVn4TTWAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUxVERSOWFORlVrOTV4dTVZdkNsWi1FMDFnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8x
L2tUXzl4czJrQTVjVW9jc1l1dk0yVGM1eElOTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8xLzUxVERSOWFORlVr
OTV4dTVZdkNsWi1FMDFnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMZpfTANBgkqhkiG9w0BAQsFAAOC
AQEAvILOn0+2tlWIVP+IFL24WVofqsy6crCFnlIasZfHACnfYtPfldXoLbuOImLR
yL/OKCeI+EIEAEJ8V6BXZfNalBkBqAc5j2XMpedpnOH6eQ1tRXOtQ3LaUy346hup
+GPsrnoTG4+4SMUlm0px2ARwirJwncD7Ner4QchKwUBCI5EH+IKBrDU+WDpYUvRL
wWahZ3Wod81jZytikcJWVLsI+L9DT8uYFhY99u01vGbc/4nqQTdJ00pbvmTH671+
HBkR7yGbOhrG5MWg9fOBAjFTXVHeOelZYexP+yWXnXltnYv2pW9C2nNDQWlopctC
FPB7qbJYFlmH1z/6e0nmvAXKKQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:11:35 2025 by rpki-client