Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/9l9F9Uz-3RqbG0NJ4WTf6GX8sNQ.roa
File: 9l9F9Uz-3RqbG0NJ4WTf6GX8sNQ.roa (raw, json)
Hash identifier: 1shkwJK/FF4IpM1b++VuyPsJY5rUnTcof1FIO2RfsYI=
Subject key identifier: F6:5F:45:F5:4C:FE:DD:1A:9B:1B:43:49:E1:64:DF:E8:65:FC:B0:D4
Certificate issuer: /CN=8d281989c3b6e58fdc9534ee7eb3e260d1d87749
Certificate serial: 018571553CDDD388539CC6D43595916CF47A
Authority key identifier: 8D:28:19:89:C3:B6:E5:8F:DC:95:34:EE:7E:B3:E2:60:D1:D8:77:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jSgZicO25Y_clTTufrPiYNHYd0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/9l9F9Uz-3RqbG0NJ4WTf6GX8sNQ.roa
Signing time: Mon 02 Jan 2023 07:14:49 +0000
ROA not before: Mon 02 Jan 2023 07:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31549
IP address blocks: 185.166.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:3c:dd:d3:88:53:9c:c6:d4:35:95:91:6c:f4:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d281989c3b6e58fdc9534ee7eb3e260d1d87749
Validity
Not Before: Jan 2 07:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f65f45f54cfedd1a9b1b4349e164dfe865fcb0d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:7c:91:72:6a:cb:8f:f6:67:63:24:2a:37:62:
ef:da:95:46:d4:16:b4:87:0a:cc:70:a8:05:04:d5:
9d:57:3e:13:d3:4e:56:ec:75:ef:14:33:1a:e7:96:
71:ba:b6:c2:1f:be:f9:59:f7:ea:9a:55:ec:7f:2a:
1a:8d:7a:d2:ee:30:fc:f1:24:37:f6:02:3a:32:f8:
fe:cf:eb:8b:c0:ad:2d:c1:09:3d:d6:fc:8f:69:35:
d3:06:06:07:c6:f9:d7:bb:a6:d5:8d:1f:21:a8:d4:
16:a1:f2:e4:20:3e:33:48:4a:15:59:93:9e:75:f9:
98:a5:d9:21:c5:ba:ac:c1:01:80:9d:da:a6:fd:e1:
0d:0a:40:e0:b1:bd:dc:1b:bf:a4:aa:96:97:37:59:
5b:e3:9a:24:9b:70:50:c3:6a:2a:47:fb:a0:96:8a:
2d:4a:fb:1a:39:1b:7d:bd:4d:30:55:f0:3b:55:e9:
39:88:7f:75:0e:cc:58:07:c1:7d:82:6b:9f:f6:41:
3f:9a:b8:dc:fd:69:27:05:50:89:dd:c3:06:63:38:
c7:3d:d8:e5:ab:8e:05:23:b3:05:93:57:8b:7f:87:
e7:36:69:1d:51:94:d0:ff:04:7f:b4:80:65:d9:f1:
85:06:b0:d7:91:b0:fe:cc:4c:2d:62:6b:b5:a2:61:
ec:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5F:45:F5:4C:FE:DD:1A:9B:1B:43:49:E1:64:DF:E8:65:FC:B0:D4
X509v3 Authority Key Identifier:
keyid:8D:28:19:89:C3:B6:E5:8F:DC:95:34:EE:7E:B3:E2:60:D1:D8:77:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jSgZicO25Y_clTTufrPiYNHYd0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/9l9F9Uz-3RqbG0NJ4WTf6GX8sNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3bae86-a8fc-43e6-801a-bca80e47c573/1/jSgZicO25Y_clTTufrPiYNHYd0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.113.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:5e:d1:32:dc:36:b4:07:3d:11:fe:16:4c:fe:66:93:ac:6f:
4e:54:58:c0:9e:8b:1e:bf:2a:10:50:be:ad:33:4d:32:34:8b:
e1:0a:f1:ca:84:ab:d3:21:dc:63:ff:8b:d8:02:71:93:0b:0b:
2f:d4:24:23:52:12:d4:5e:db:3b:d2:63:41:a7:02:e0:8f:53:
17:33:26:a2:ca:1e:e1:50:6f:e8:36:d5:55:b0:f8:c0:9b:e7:
67:3d:74:86:95:67:97:27:44:bd:cd:cd:fb:b3:98:11:22:51:
27:91:47:9f:b4:ef:cc:e2:f1:9a:8c:f5:1f:ce:8b:43:40:32:
e3:99:85:dd:48:4b:53:0c:90:67:c7:83:f9:d1:81:66:69:4a:
63:ee:bb:d3:c8:68:67:20:ee:e2:fc:fe:e0:0d:89:df:f9:0b:
bc:ca:af:50:e0:cd:6f:e0:51:53:f8:41:25:ae:2f:0c:a8:18:
29:31:87:bf:e3:0d:b9:2a:f9:fa:6d:74:f4:a8:9f:6c:e8:3e:
2c:e4:46:88:61:3b:b8:3e:0d:2a:6b:55:a4:0b:dc:24:e4:16:
a1:d2:4a:96:14:43:c5:d7:2e:6b:0c:ce:0c:99:0d:e4:69:4b:
e7:2c:22:9b:e5:74:ce:75:73:f8:cc:e5:7b:10:fd:42:c9:f0:
31:dd:28:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVTzd04hTnMbUNZWRbPR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMjgxOTg5YzNiNmU1OGZkYzk1MzRlZTdlYjNlMjYwZDFk
ODc3NDkwHhcNMjMwMTAyMDcxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjVmNDVmNTRjZmVkZDFhOWIxYjQzNDllMTY0ZGZlODY1ZmNiMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnyRcmrLj/ZnYyQqN2Lv2pVG1Ba0
hwrMcKgFBNWdVz4T005W7HXvFDMa55ZxurbCH775WffqmlXsfyoajXrS7jD88SQ3
9gI6Mvj+z+uLwK0twQk91vyPaTXTBgYHxvnXu6bVjR8hqNQWofLkID4zSEoVWZOe
dfmYpdkhxbqswQGAndqm/eENCkDgsb3cG7+kqpaXN1lb45okm3BQw2oqR/ugloot
SvsaORt9vU0wVfA7Vek5iH91DsxYB8F9gmuf9kE/mrjc/WknBVCJ3cMGYzjHPdjl
q44FI7MFk1eLf4fnNmkdUZTQ/wR/tIBl2fGFBrDXkbD+zEwtYmu1omHslwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZfRfVM/t0amxtDSeFk3+hl/LDUMB8GA1UdIwQY
MBaAFI0oGYnDtuWP3JU07n6z4mDR2HdJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalNnWmljTzI1WV9jbFRUdWZyUGlZTkhZZDBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8zYmFlODYtYThmYy00M2U2LTgwMWEt
YmNhODBlNDdjNTczLzEvOWw5RjlVei0zUnFiRzBOSjRXVGY2R1g4c05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8zYmFlODYtYThmYy00M2U2LTgwMWEtYmNhODBlNDdjNTcz
LzEvalNnWmljTzI1WV9jbFRUdWZyUGlZTkhZZDBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaZxMA0G
CSqGSIb3DQEBCwUAA4IBAQCMXtEy3Da0Bz0R/hZM/maTrG9OVFjAnosevyoQUL6t
M00yNIvhCvHKhKvTIdxj/4vYAnGTCwsv1CQjUhLUXts70mNBpwLgj1MXMyaiyh7h
UG/oNtVVsPjAm+dnPXSGlWeXJ0S9zc37s5gRIlEnkUeftO/M4vGajPUfzotDQDLj
mYXdSEtTDJBnx4P50YFmaUpj7rvTyGhnIO7i/P7gDYnf+Qu8yq9Q4M1v4FFT+EEl
ri8MqBgpMYe/4w25Kvn6bXT0qJ9s6D4s5EaIYTu4Pg0qa1WkC9wk5Bah0kqWFEPF
1y5rDM4MmQ3kaUvnLCKb5XTOdXP4zOV7EP1CyfAx3Shn
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:36 2025 by rpki-client