Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/9cb5fb-ab65-4a2b-88dd-2ef7165b21b5/1/9k8wWpIdsRqrVwNiJkGfvlnKFBI.roa
File: 9k8wWpIdsRqrVwNiJkGfvlnKFBI.roa (raw, json)
Hash identifier: Richb1qHPGFSl4xwmW1qZD7FzLiQBBuvIJdY700/eWc=
Subject key identifier: F6:4F:30:5A:92:1D:B1:1A:AB:57:03:62:26:41:9F:BE:59:CA:14:12
Certificate issuer: /CN=9b5337bd1a7c5ee9c57a73b0a33c61219cd2a9cb
Certificate serial: 018570D50EE81CE0AF404C9582089EB7F3B5
Authority key identifier: 9B:53:37:BD:1A:7C:5E:E9:C5:7A:73:B0:A3:3C:61:21:9C:D2:A9:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m1M3vRp8XunFenOwozxhIZzSqcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/9cb5fb-ab65-4a2b-88dd-2ef7165b21b5/1/9k8wWpIdsRqrVwNiJkGfvlnKFBI.roa
Signing time: Mon 02 Jan 2023 04:54:49 +0000
ROA not before: Mon 02 Jan 2023 04:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1213
IP address blocks: 149.153.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:0e:e8:1c:e0:af:40:4c:95:82:08:9e:b7:f3:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b5337bd1a7c5ee9c57a73b0a33c61219cd2a9cb
Validity
Not Before: Jan 2 04:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f64f305a921db11aab57036226419fbe59ca1412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:98:be:64:ac:67:a2:34:c5:13:34:e5:6f:d9:
0b:73:b7:c6:5f:9a:fc:2a:b0:45:cc:a2:47:e9:fb:
61:0e:c1:0b:53:eb:e9:6f:a8:c4:dc:e0:d3:ed:56:
53:84:43:5f:2b:20:2f:67:44:78:3a:72:57:da:34:
e0:ef:b5:8a:61:7c:be:98:c5:af:dc:69:02:67:bd:
a9:92:75:84:6d:e2:b5:bc:78:76:a6:7e:78:86:7e:
ff:72:6a:2c:49:e6:2e:57:3e:ef:d9:52:04:4a:25:
21:2b:9a:00:4d:de:36:0d:69:e4:44:c3:df:ba:49:
2b:f8:34:6f:64:87:8b:5c:9e:d6:b1:97:4c:c0:7e:
db:33:05:0f:18:d9:54:4b:3a:25:a2:b9:81:7c:14:
b1:18:09:59:43:a2:bf:ce:85:69:30:0a:b9:f0:e3:
8f:29:29:8d:8e:5e:46:f6:7f:71:13:f8:76:5f:d2:
0f:75:19:23:9b:4f:ca:8a:1d:72:59:9a:95:a5:83:
68:03:c9:45:ca:d1:30:b4:a1:14:40:1c:d8:77:c8:
77:ec:a6:13:85:65:4c:1c:e3:9d:19:2f:1b:8d:76:
2e:84:0c:d0:0d:c6:96:0e:22:d8:94:71:64:8c:17:
f4:ea:1d:c8:87:2f:ef:4a:49:c6:d6:76:8d:c5:71:
4f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:4F:30:5A:92:1D:B1:1A:AB:57:03:62:26:41:9F:BE:59:CA:14:12
X509v3 Authority Key Identifier:
keyid:9B:53:37:BD:1A:7C:5E:E9:C5:7A:73:B0:A3:3C:61:21:9C:D2:A9:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m1M3vRp8XunFenOwozxhIZzSqcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/9cb5fb-ab65-4a2b-88dd-2ef7165b21b5/1/9k8wWpIdsRqrVwNiJkGfvlnKFBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/9cb5fb-ab65-4a2b-88dd-2ef7165b21b5/1/m1M3vRp8XunFenOwozxhIZzSqcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.153.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:c6:e3:d3:79:41:74:e5:42:da:b8:1e:26:2c:e4:a4:ee:90:
60:60:a1:01:6e:b3:46:43:da:d5:0c:ec:7f:96:4c:76:42:b0:
3b:ca:5f:b8:87:54:26:2b:25:5c:ce:25:f4:75:4b:c1:1a:a9:
ef:11:88:f9:5a:53:c1:ce:68:fb:42:45:96:dd:3a:4e:48:45:
7d:b2:85:bb:b5:d5:00:0f:85:b8:85:32:ca:c5:bd:b4:42:96:
62:7d:03:4f:38:82:c8:c0:dd:e4:49:3a:71:44:a8:73:e7:42:
08:db:06:c5:3d:c1:13:46:0d:e0:bc:44:1f:12:01:14:b2:90:
5b:55:7d:ab:5d:6a:08:30:7a:9c:c4:50:da:36:1d:b9:d6:51:
5d:6a:05:c8:a3:8b:59:d6:19:95:c7:15:8e:7d:6f:95:79:78:
57:c5:a5:ca:32:8c:79:1d:f5:06:30:a5:be:1b:1f:26:3e:8b:
9e:66:bd:1a:56:08:f9:73:ad:90:78:25:2c:a9:14:68:56:a3:
07:a6:98:0e:be:a9:a2:17:3b:04:88:c5:14:01:6f:31:cf:a4:
62:f5:6d:d0:c0:6d:30:f0:85:d7:93:d9:dc:07:03:6d:94:ae:
e2:2e:b2:71:69:04:cd:90:08:91:be:08:a2:ae:c4:5d:c8:ca:
fd:02:46:15
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVw1Q7oHOCvQEyVggiet/O1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNTMzN2JkMWE3YzVlZTljNTdhNzNiMGEzM2M2MTIxOWNk
MmE5Y2IwHhcNMjMwMTAyMDQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjRmMzA1YTkyMWRiMTFhYWI1NzAzNjIyNjQxOWZiZTU5Y2ExNDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpi+ZKxnojTFEzTlb9kLc7fGX5r8
KrBFzKJH6fthDsELU+vpb6jE3ODT7VZThENfKyAvZ0R4OnJX2jTg77WKYXy+mMWv
3GkCZ72pknWEbeK1vHh2pn54hn7/cmosSeYuVz7v2VIESiUhK5oATd42DWnkRMPf
ukkr+DRvZIeLXJ7WsZdMwH7bMwUPGNlUSzolormBfBSxGAlZQ6K/zoVpMAq58OOP
KSmNjl5G9n9xE/h2X9IPdRkjm0/Kih1yWZqVpYNoA8lFytEwtKEUQBzYd8h37KYT
hWVMHOOdGS8bjXYuhAzQDcaWDiLYlHFkjBf06h3Ihy/vSknG1naNxXFPcQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFPZPMFqSHbEaq1cDYiZBn75ZyhQSMB8GA1UdIwQY
MBaAFJtTN70afF7pxXpzsKM8YSGc0qnLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTFNM3ZScDhYdW5GZW5Pd296eGhJWnpTcWNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS85Y2I1ZmItYWI2NS00YTJiLTg4ZGQt
MmVmNzE2NWIyMWI1LzEvOWs4d1dwSWRzUnFyVndOaUprR2Z2bG5LRkJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS85Y2I1ZmItYWI2NS00YTJiLTg4ZGQtMmVmNzE2NWIyMWI1
LzEvbTFNM3ZScDhYdW5GZW5Pd296eGhJWnpTcWNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAlZkwDQYJ
KoZIhvcNAQELBQADggEBAGDG49N5QXTlQtq4HiYs5KTukGBgoQFus0ZD2tUM7H+W
THZCsDvKX7iHVCYrJVzOJfR1S8Eaqe8RiPlaU8HOaPtCRZbdOk5IRX2yhbu11QAP
hbiFMsrFvbRClmJ9A084gsjA3eRJOnFEqHPnQgjbBsU9wRNGDeC8RB8SARSykFtV
fatdaggwepzEUNo2HbnWUV1qBciji1nWGZXHFY59b5V5eFfFpcoyjHkd9QYwpb4b
HyY+i55mvRpWCPlzrZB4JSypFGhWowemmA6+qaIXOwSIxRQBbzHPpGL1bdDAbTDw
hdeT2dwHA22UruIusnFpBM2QCJG+CKKuxF3Iyv0CRhU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:08 2025 by rpki-client