Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fd7493-7599-43b6-8559-787c0632cfea/1/9BE5x707mhs2jLtCLPjuuLMmy6M.roa
File: 9BE5x707mhs2jLtCLPjuuLMmy6M.roa (raw, json)
Hash identifier: 2CeBmwP/t/R24g4ipAy367HBXCp6DL7JxOcYA4081T0=
Subject key identifier: F4:11:39:C7:BD:3B:9A:1B:36:8C:BB:42:2C:F8:EE:B8:B3:26:CB:A3
Certificate issuer: /CN=a81699a5bc6487bd2f1749d133fca2e37fd4da88
Certificate serial: 01856F5DF8F3D80503002D6FFDA33AAC2FE6
Authority key identifier: A8:16:99:A5:BC:64:87:BD:2F:17:49:D1:33:FC:A2:E3:7F:D4:DA:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBaZpbxkh70vF0nRM_yi43_U2og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/fd7493-7599-43b6-8559-787c0632cfea/1/9BE5x707mhs2jLtCLPjuuLMmy6M.roa
Signing time: Sun 01 Jan 2023 22:05:07 +0000
ROA not before: Sun 01 Jan 2023 22:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 149.133.4.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:f8:f3:d8:05:03:00:2d:6f:fd:a3:3a:ac:2f:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81699a5bc6487bd2f1749d133fca2e37fd4da88
Validity
Not Before: Jan 1 22:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f41139c7bd3b9a1b368cbb422cf8eeb8b326cba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e6:58:5d:82:ad:32:e8:55:98:ba:3b:1e:ba:
c0:60:00:b7:93:25:14:6b:b7:bf:05:d5:c3:d6:b9:
56:b8:1c:06:56:43:c3:8a:d2:42:dd:6e:4f:25:21:
c0:b3:69:21:81:be:97:5e:00:07:6a:a5:07:68:c5:
90:6f:54:9d:54:42:de:9c:f5:de:29:1d:79:47:5a:
be:e7:82:1b:7b:9d:27:7c:4e:a9:68:84:1f:b7:9d:
63:81:c9:b5:ca:7b:cc:5e:48:75:97:b1:55:a9:a2:
7a:ca:86:dc:08:27:39:12:1d:76:0d:77:8b:d0:73:
9e:f3:00:30:c3:25:a1:6c:0f:9d:d9:a9:3d:67:10:
41:bd:df:62:d9:bb:9e:1e:dd:34:30:b4:c3:3e:d8:
38:25:c4:8f:83:f6:ee:be:63:b0:66:a7:1d:2b:9b:
2c:10:d9:51:5a:77:a9:4d:4b:ba:c0:14:dc:6a:f8:
2d:5c:88:f1:eb:0e:06:83:ae:8d:30:7a:97:ac:c3:
a0:e9:fb:9d:58:29:9f:da:fa:da:55:63:97:8e:e9:
a2:bb:4d:68:50:a3:32:c4:7e:5e:4b:dd:00:03:06:
03:c9:9a:3a:0d:17:91:f6:60:81:35:72:33:c1:e0:
76:ea:28:1e:3d:73:27:da:80:a7:28:51:ed:39:4f:
4c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:11:39:C7:BD:3B:9A:1B:36:8C:BB:42:2C:F8:EE:B8:B3:26:CB:A3
X509v3 Authority Key Identifier:
keyid:A8:16:99:A5:BC:64:87:BD:2F:17:49:D1:33:FC:A2:E3:7F:D4:DA:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBaZpbxkh70vF0nRM_yi43_U2og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd7493-7599-43b6-8559-787c0632cfea/1/9BE5x707mhs2jLtCLPjuuLMmy6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd7493-7599-43b6-8559-787c0632cfea/1/qBaZpbxkh70vF0nRM_yi43_U2og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.133.4.0/23
Signature Algorithm: sha256WithRSAEncryption
29:f9:10:ea:6f:6b:b1:da:f8:25:ba:3f:a6:7b:97:35:51:63:
43:f9:fd:27:b8:53:25:f1:1c:95:e5:09:e1:3e:e9:0d:c5:73:
e0:6f:3e:b9:80:ad:77:27:83:0f:61:44:59:2a:27:29:b8:8c:
ac:7c:a7:9d:7c:56:cd:56:d2:86:ac:81:4b:07:ea:e8:89:ec:
64:a2:05:00:b3:74:92:cc:a7:22:1a:f8:66:a7:e8:af:be:23:
40:34:4d:3e:b3:37:65:b5:2b:3f:89:ee:6b:5c:8c:d6:62:5b:
35:68:ec:6c:d3:27:8b:9c:3f:c1:e8:06:5b:0a:a8:13:10:05:
77:0c:1e:5e:23:62:3e:6f:43:55:c2:2a:91:38:d8:cb:95:49:
38:d9:e5:b6:b6:30:f6:07:9f:ff:e2:4c:92:31:0f:b7:06:b6:
94:61:da:a9:74:db:e4:80:56:75:cc:5a:2f:3d:45:9d:f7:4e:
e0:2c:b4:58:8a:24:b1:85:58:c7:ff:e1:11:09:62:5a:fc:90:
ba:4b:7b:57:40:4b:d3:a4:62:2d:ee:98:6f:92:1a:9b:c4:c9:
e5:34:36:9d:51:04:bb:b4:78:eb:2c:be:51:96:f0:53:98:16:
da:0a:07:99:88:5f:b3:50:19:3a:e7:fa:8a:f7:79:55:78:30:
55:8b:5c:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXfjz2AUDAC1v/aM6rC/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTY5OWE1YmM2NDg3YmQyZjE3NDlkMTMzZmNhMmUzN2Zk
NGRhODgwHhcNMjMwMTAxMjIwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDExMzljN2JkM2I5YTFiMzY4Y2JiNDIyY2Y4ZWViOGIzMjZjYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreZYXYKtMuhVmLo7HrrAYAC3kyUU
a7e/BdXD1rlWuBwGVkPDitJC3W5PJSHAs2khgb6XXgAHaqUHaMWQb1SdVELenPXe
KR15R1q+54Ibe50nfE6paIQft51jgcm1ynvMXkh1l7FVqaJ6yobcCCc5Eh12DXeL
0HOe8wAwwyWhbA+d2ak9ZxBBvd9i2bueHt00MLTDPtg4JcSPg/buvmOwZqcdK5ss
ENlRWnepTUu6wBTcavgtXIjx6w4Gg66NMHqXrMOg6fudWCmf2vraVWOXjumiu01o
UKMyxH5eS90AAwYDyZo6DReR9mCBNXIzweB26igePXMn2oCnKFHtOU9MawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPQROce9O5obNoy7Qiz47rizJsujMB8GA1UdIwQY
MBaAFKgWmaW8ZIe9LxdJ0TP8ouN/1NqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJhWnBieGtoNzB2RjBuUk1feWk0M19VMm9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mZDc0OTMtNzU5OS00M2I2LTg1NTkt
Nzg3YzA2MzJjZmVhLzEvOUJFNXg3MDdtaHMyakx0Q0xQanV1TE1teTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mZDc0OTMtNzU5OS00M2I2LTg1NTktNzg3YzA2MzJjZmVh
LzEvcUJhWnBieGtoNzB2RjBuUk1feWk0M19VMm9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBlYUEMA0G
CSqGSIb3DQEBCwUAA4IBAQAp+RDqb2ux2vgluj+me5c1UWND+f0nuFMl8RyV5Qnh
PukNxXPgbz65gK13J4MPYURZKicpuIysfKedfFbNVtKGrIFLB+roiexkogUAs3SS
zKciGvhmp+ivviNANE0+szdltSs/ie5rXIzWYls1aOxs0yeLnD/B6AZbCqgTEAV3
DB5eI2I+b0NVwiqRONjLlUk42eW2tjD2B5//4kySMQ+3BraUYdqpdNvkgFZ1zFov
PUWd907gLLRYiiSxhVjH/+ERCWJa/JC6S3tXQEvTpGIt7phvkhqbxMnlNDadUQS7
tHjrLL5RlvBTmBbaCgeZiF+zUBk65/qK93lVeDBVi1xZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:11:22 2025 by rpki-client