Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/s_fiA9P6qojIpKS5mx1EI6D3xdU.roa
File: s_fiA9P6qojIpKS5mx1EI6D3xdU.roa (raw, json)
Hash identifier: GDN8cTnd0ceu2nwd0KulOLxxe2er7/K/8VUMsdNkEAU=
Subject key identifier: B3:F7:E2:03:D3:FA:AA:88:C8:A4:A4:B9:9B:1D:44:23:A0:F7:C5:D5
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 036C81D9
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/s_fiA9P6qojIpKS5mx1EI6D3xdU.roa
Signing time: Sat 01 Jan 2022 11:54:09 +0000
ROA not before: Sat 01 Jan 2022 11:54:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212271
IP address blocks: 152.89.169.0/24 maxlen: 24
152.89.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57442777 (0x36c81d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 1 11:54:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3f7e203d3faaa88c8a4a4b99b1d4423a0f7c5d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a2:fe:d7:96:02:03:10:88:75:44:cd:98:0b:
95:d3:93:7f:a4:b9:47:24:4a:6b:0e:9f:46:23:16:
44:d0:ec:b6:07:69:6b:27:1f:ba:1d:75:3a:af:77:
01:1d:53:77:fd:26:98:84:28:8c:ef:e7:14:8c:9c:
00:97:ba:48:7f:e4:ab:6d:a4:2a:98:ac:c0:21:0e:
4e:cc:3e:27:b1:0d:b7:3b:ce:1e:c8:17:df:b1:52:
8b:43:95:35:54:da:43:77:91:24:a6:04:13:b1:e4:
24:25:fa:fa:1b:ec:71:49:78:52:5e:c3:93:cf:5f:
d8:ef:db:de:4c:d6:8b:f2:8f:41:c2:27:10:e0:8c:
27:e0:be:b0:64:86:7f:c4:e7:32:ab:64:d1:fc:d1:
fa:f8:db:fa:08:a0:14:a2:87:b8:61:ef:a8:5d:f1:
2d:56:f2:9f:4a:02:a6:5c:aa:19:8b:5c:fc:6c:a7:
d7:95:bd:6f:b8:cd:c3:99:0b:76:46:9d:b2:50:14:
f4:1b:d1:9e:46:2b:d7:1b:fa:e9:f7:e8:9f:98:82:
ea:58:ec:1f:83:e3:b7:6f:32:bd:12:96:0d:96:70:
71:26:35:a4:14:25:f9:41:fd:3c:8b:1f:f2:0e:57:
f0:3b:77:79:9a:34:01:9c:8f:35:93:d2:ed:89:31:
3e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F7:E2:03:D3:FA:AA:88:C8:A4:A4:B9:9B:1D:44:23:A0:F7:C5:D5
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/s_fiA9P6qojIpKS5mx1EI6D3xdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.168.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:65:a4:5d:82:c8:c2:f1:fa:e5:27:b5:0e:f3:62:b7:c8:f8:
32:89:b3:31:3f:f3:a4:bf:e4:31:fc:67:69:c9:10:19:13:96:
c0:c3:ed:8e:9d:ba:c8:5b:f5:38:d8:99:a5:fd:80:19:43:ef:
8f:80:c5:4d:5c:05:00:9b:ac:7b:73:7e:2a:4d:c9:59:39:48:
8e:df:c9:67:ee:cb:00:77:0d:88:b9:1b:0d:19:b9:75:81:2a:
5b:20:3e:f7:1b:e4:bf:bf:42:b7:ae:3b:a9:39:c4:92:38:20:
56:ed:7e:22:95:c4:16:f9:40:de:6a:69:d5:95:d9:81:99:19:
0b:14:59:fa:04:f5:57:9a:87:fa:ff:fa:e4:ec:4f:82:fa:60:
00:26:fb:61:83:70:de:ef:06:f0:c7:b6:07:fe:31:24:60:bb:
8f:38:74:0b:df:97:5f:d0:0d:ad:0e:ce:e2:2f:8b:66:43:76:
af:3c:6f:d3:44:2c:0d:42:05:da:b3:39:64:51:58:b0:56:eb:
68:b1:e7:de:6c:ee:63:12:00:39:12:6d:f3:ac:c1:67:4c:94:
75:2a:42:37:26:3f:dd:05:d5:70:56:21:61:fc:18:96:04:7c:
83:4d:e3:22:78:c2:13:a8:14:20:af:cb:ba:3f:ad:a9:9a:a0:
33:2f:ad:b0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA2yB2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YmY1NDNlMjNlMjlmYjAzNzQ4ZDA5Mzk3MjZmMzBmZTlhZmZhMTllMB4XDTIyMDEw
MTExNTQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjNmN2UyMDNkM2Zh
YWE4OGM4YTRhNGI5OWIxZDQ0MjNhMGY3YzVkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOSi/teWAgMQiHVEzZgLldOTf6S5RyRKaw6fRiMWRNDstgdp
aycfuh11Oq93AR1Td/0mmIQojO/nFIycAJe6SH/kq22kKpiswCEOTsw+J7ENtzvO
HsgX37FSi0OVNVTaQ3eRJKYEE7HkJCX6+hvscUl4Ul7Dk89f2O/b3kzWi/KPQcIn
EOCMJ+C+sGSGf8TnMqtk0fzR+vjb+gigFKKHuGHvqF3xLVbyn0oCplyqGYtc/Gyn
15W9b7jNw5kLdkadslAU9BvRnkYr1xv66ffon5iC6ljsH4Pjt28yvRKWDZZwcSY1
pBQl+UH9PIsf8g5X8Dt3eZo0AZyPNZPS7YkxPj0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSz9+ID0/qqiMikpLmbHUQjoPfF1TAfBgNVHSMEGDAWgBQL9UPiPin7A3SN
CTlybzD+mv+hnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NfVkQ0ajRwLXdOMGpRazVjbTh3X3ByX29aNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvYWZhMzRjLWYzZjAtNDA1Yy1iMDgzLWEzNWZjNDM4ZDRjYS8x
L3NfZmlBOVA2cW9qSXBLUzVteDFFSTZEM3hkVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
YWZhMzRjLWYzZjAtNDA1Yy1iMDgzLWEzNWZjNDM4ZDRjYS8xL0NfVkQ0ajRwLXdO
MGpRazVjbTh3X3ByX29aNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZhZqDANBgkqhkiG9w0BAQsFAAOC
AQEAXGWkXYLIwvH65Se1DvNit8j4MomzMT/zpL/kMfxnackQGROWwMPtjp26yFv1
ONiZpf2AGUPvj4DFTVwFAJuse3N+Kk3JWTlIjt/JZ+7LAHcNiLkbDRm5dYEqWyA+
9xvkv79Ct647qTnEkjggVu1+IpXEFvlA3mpp1ZXZgZkZCxRZ+gT1V5qH+v/65OxP
gvpgACb7YYNw3u8G8Me2B/4xJGC7jzh0C9+XX9ANrQ7O4i+LZkN2rzxv00QsDUIF
2rM5ZFFYsFbraLHn3mzuYxIAORJt86zBZ0yUdSpCNyY/3QXVcFYhYfwYlgR8g03j
InjCE6gUIK/Luj+tqZqgMy+tsA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:18:05 2025 by rpki-client