Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/AJ9FCZZVcY2Iyej9R6oTUKVZXrk.roa
File: AJ9FCZZVcY2Iyej9R6oTUKVZXrk.roa (raw, json)
Hash identifier: MMdMeL20t4O1gnZwGJv36JEep7Es7Omb3/mLY0Q+OdM=
Subject key identifier: 00:9F:45:09:96:55:71:8D:88:C9:E8:FD:47:AA:13:50:A5:59:5E:B9
Certificate issuer: /CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Certificate serial: 018573BA9EE3F5D8D7CD487356D0D7CBA1E9
Authority key identifier: B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/AJ9FCZZVcY2Iyej9R6oTUKVZXrk.roa
Signing time: Mon 02 Jan 2023 18:24:48 +0000
ROA not before: Mon 02 Jan 2023 18:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211503
IP address blocks: 81.29.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:ba:9e:e3:f5:d8:d7:cd:48:73:56:d0:d7:cb:a1:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Validity
Not Before: Jan 2 18:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=009f45099655718d88c9e8fd47aa1350a5595eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f2:58:84:d5:45:60:df:8b:bf:fd:2a:eb:70:
fe:6f:9c:9b:4b:67:5c:1f:f8:87:db:d2:7e:66:7b:
1d:3b:fa:c5:ea:25:43:50:b3:03:4c:59:75:b5:0d:
80:4f:ec:1c:21:e9:be:2d:e9:f2:82:d4:d1:97:11:
8f:0f:a1:f8:97:74:4e:e7:36:c3:ae:07:0a:6a:68:
d9:50:68:49:7d:68:f3:76:a0:72:28:e2:41:2d:e2:
0e:c7:86:a4:80:2b:fa:86:a6:3a:00:29:39:58:23:
57:71:10:b9:c7:ca:03:a1:92:6e:20:02:ed:79:62:
97:70:4d:51:7c:09:28:89:62:1f:6f:f4:9a:be:f5:
19:df:8c:f0:a2:10:61:7b:82:bc:f1:ee:4b:10:9a:
90:cc:f7:1f:0e:1c:cc:bd:68:d9:62:fc:fe:0e:07:
88:46:b2:b5:9f:c3:32:7d:b9:98:3e:98:bf:50:c9:
d0:ec:6e:b5:e1:41:b3:5e:67:de:44:bb:68:0e:d5:
04:fb:bf:4e:88:f4:04:41:49:61:7a:81:8d:99:2e:
40:1d:d2:9f:61:58:44:e3:8a:58:4b:f5:a4:ee:6e:
4f:61:b6:ff:2d:b3:2e:4c:8d:16:e7:a7:c9:d1:1c:
f4:27:72:bf:f8:b7:be:a8:81:d5:7d:d7:c7:30:cd:
4f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9F:45:09:96:55:71:8D:88:C9:E8:FD:47:AA:13:50:A5:59:5E:B9
X509v3 Authority Key Identifier:
keyid:B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/AJ9FCZZVcY2Iyej9R6oTUKVZXrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.137.0/24
Signature Algorithm: sha256WithRSAEncryption
73:19:5a:7a:bf:b6:70:c2:8d:af:9a:4e:69:d9:01:ee:a9:bd:
96:2d:f9:44:21:48:8e:24:24:97:22:66:af:2e:02:97:ed:99:
63:b6:d0:45:a1:90:0d:c7:fc:33:ac:44:ae:97:02:c1:aa:fc:
88:a6:a5:b2:72:14:14:33:f5:80:4f:83:76:f2:8b:c0:30:ac:
64:30:bd:04:7c:86:64:28:bd:48:fc:a2:b2:bc:ed:7f:9b:c3:
56:3c:db:60:53:5d:b8:78:0e:e2:ed:11:b0:09:a2:3e:bb:74:
24:55:aa:bb:86:47:19:eb:c0:dd:60:aa:21:58:92:83:11:f3:
25:7f:52:76:2e:f6:13:b4:f8:88:9e:ac:c3:05:a5:23:cb:06:
65:a6:a8:40:c5:51:f1:41:41:21:21:b2:f1:a5:84:56:6f:e1:
42:0a:57:6b:b2:28:3f:a2:1d:17:8f:1c:aa:24:a1:d8:e6:e6:
ba:31:ff:b6:2c:8f:94:47:38:e3:af:02:b8:14:9c:16:09:b7:
ff:48:ec:a7:09:9a:9b:57:7b:13:b2:dd:20:33:98:1f:b2:8e:
19:47:ce:4d:a2:3c:76:48:62:78:4b:dd:ed:d6:dd:f2:fc:1b:
00:d7:15:47:7f:11:18:a9:fd:0b:3f:d5:eb:f6:5a:3c:02:90:
5a:10:08:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzup7j9djXzUhzVtDXy6HpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNDM1MTQ2MzBkYzE3ZjNmZTliNTFkZDQzNDE4NGQwYjYy
YjAzYzAwHhcNMjMwMTAyMTgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDlmNDUwOTk2NTU3MThkODhjOWU4ZmQ0N2FhMTM1MGE1NTk1ZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPJYhNVFYN+Lv/0q63D+b5ybS2dc
H/iH29J+ZnsdO/rF6iVDULMDTFl1tQ2AT+wcIem+LenygtTRlxGPD6H4l3RO5zbD
rgcKamjZUGhJfWjzdqByKOJBLeIOx4akgCv6hqY6ACk5WCNXcRC5x8oDoZJuIALt
eWKXcE1RfAkoiWIfb/SavvUZ34zwohBhe4K88e5LEJqQzPcfDhzMvWjZYvz+DgeI
RrK1n8MyfbmYPpi/UMnQ7G614UGzXmfeRLtoDtUE+79OiPQEQUlheoGNmS5AHdKf
YVhE44pYS/Wk7m5PYbb/LbMuTI0W56fJ0Rz0J3K/+Le+qIHVfdfHMM1PvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACfRQmWVXGNiMno/UeqE1ClWV65MB8GA1UdIwQY
MBaAFLNDUUYw3Bfz/ptR3UNBhNC2KwPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGIt
YTcyNDdlOWQ1ZjNhLzEvQUo5RkNaWlZjWTJJeWVqOVI2b1RVS1ZaWHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGItYTcyNDdlOWQ1ZjNh
LzEvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2JMA0G
CSqGSIb3DQEBCwUAA4IBAQBzGVp6v7Zwwo2vmk5p2QHuqb2WLflEIUiOJCSXImav
LgKX7ZljttBFoZANx/wzrESulwLBqvyIpqWychQUM/WAT4N28ovAMKxkML0EfIZk
KL1I/KKyvO1/m8NWPNtgU124eA7i7RGwCaI+u3QkVaq7hkcZ68DdYKohWJKDEfMl
f1J2LvYTtPiInqzDBaUjywZlpqhAxVHxQUEhIbLxpYRWb+FCCldrsig/oh0Xjxyq
JKHY5ua6Mf+2LI+URzjjrwK4FJwWCbf/SOynCZqbV3sTst0gM5gfso4ZR85Nojx2
SGJ4S93t1t3y/BsA1xVHfxEYqf0LP9Xr9lo8ApBaEAje
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:25 2025 by rpki-client