Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/lunUHtnUUr7VpdHeqXwNU-Nmg38.roa
File: lunUHtnUUr7VpdHeqXwNU-Nmg38.roa (raw, json)
Hash identifier: /kC0R8ViwKj5N4xzRqnwBuUG0OYsTR5qsTrCD2ot1uQ=
Subject key identifier: 96:E9:D4:1E:D9:D4:52:BE:D5:A5:D1:DE:A9:7C:0D:53:E3:66:83:7F
Certificate issuer: /CN=b9f769d4433b7704df703d1645b7fea8efbf926e
Certificate serial: 0184A4B32AA741F9F5EA5E80C93BFBF26098
Authority key identifier: B9:F7:69:D4:43:3B:77:04:DF:70:3D:16:45:B7:FE:A8:EF:BF:92:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdp1EM7dwTfcD0WRbf-qO-_km4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/lunUHtnUUr7VpdHeqXwNU-Nmg38.roa
Signing time: Wed 23 Nov 2022 13:35:15 +0000
ROA not before: Wed 23 Nov 2022 13:35:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210250
IP address blocks: 194.1.147.0/24 maxlen: 24
2001:67c:51c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:b3:2a:a7:41:f9:f5:ea:5e:80:c9:3b:fb:f2:60:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f769d4433b7704df703d1645b7fea8efbf926e
Validity
Not Before: Nov 23 13:35:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96e9d41ed9d452bed5a5d1dea97c0d53e366837f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:49:5c:60:6d:ee:40:3e:e3:5e:41:3c:2f:4a:
30:0d:07:5e:9a:4d:9e:f9:79:dd:f9:51:e3:bb:43:
df:37:76:78:0c:4b:f5:01:8e:ab:db:ef:b8:7c:19:
10:d3:5f:65:07:93:e6:bf:d2:23:48:07:7f:00:31:
29:95:59:22:bc:73:ad:73:ee:c8:75:bd:fc:10:c2:
ca:e4:2c:88:93:fd:b0:13:17:97:9b:12:f9:46:cd:
ca:c5:ec:89:61:2f:6d:08:b3:4f:ad:8a:a2:3c:bb:
24:83:4f:55:8e:68:5a:64:12:58:d2:87:0e:23:d0:
94:72:1e:92:01:b6:d6:a6:31:74:4c:9a:f8:b9:76:
02:3d:bc:9e:71:3a:66:db:68:16:0a:65:03:47:c0:
5f:78:ae:fe:b3:f6:cd:24:d4:38:e3:d1:dd:70:de:
85:45:93:40:a3:2f:4c:9b:4a:dc:3c:af:5d:15:35:
0c:5b:cc:e1:71:23:89:fb:3c:40:55:7e:33:48:5c:
c4:09:cc:73:7c:5f:bd:96:3f:36:3d:94:c7:c3:22:
e0:5b:fb:7e:da:f5:93:91:14:33:6b:1f:20:ff:1a:
e3:d8:37:1f:81:be:c2:f4:bb:fb:3b:79:8c:59:89:
e6:9b:32:f9:4a:ec:e1:9f:d9:39:b5:81:f9:91:42:
2d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E9:D4:1E:D9:D4:52:BE:D5:A5:D1:DE:A9:7C:0D:53:E3:66:83:7F
X509v3 Authority Key Identifier:
keyid:B9:F7:69:D4:43:3B:77:04:DF:70:3D:16:45:B7:FE:A8:EF:BF:92:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdp1EM7dwTfcD0WRbf-qO-_km4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/lunUHtnUUr7VpdHeqXwNU-Nmg38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/ufdp1EM7dwTfcD0WRbf-qO-_km4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.147.0/24
IPv6:
2001:67c:51c::/48
Signature Algorithm: sha256WithRSAEncryption
97:d9:f3:a7:43:98:59:61:02:46:57:d7:85:26:18:2b:06:cd:
d8:76:e0:b5:b9:69:95:2c:58:c5:5f:e3:72:b1:d1:60:7d:f0:
15:7a:0b:54:3c:9e:fa:52:c6:a4:4c:f8:55:24:e7:f5:19:a1:
3e:b5:bc:7b:19:38:1e:1e:c2:65:9a:b5:87:61:7e:93:80:1e:
98:be:11:63:6c:94:9a:3d:7d:64:82:60:4c:af:e1:cd:8e:b4:
c6:a5:95:68:04:d9:5a:9e:ed:5f:1c:bb:a7:b4:65:25:ab:47:
5c:7e:ce:2d:d7:e6:ba:56:e8:d2:c0:6a:e9:c4:68:fa:46:9a:
f5:e1:82:e4:ed:22:e8:f0:f2:7d:eb:ce:f5:c1:82:cf:b0:f9:
8e:3d:19:3b:57:24:38:59:18:f5:a5:bd:c3:f8:eb:1d:66:1d:
4c:55:b0:bd:8c:84:da:c5:7b:ca:79:61:db:cf:e7:e9:f6:ec:
ce:fa:ab:e1:e1:f0:a9:7a:02:82:9c:01:9c:66:e5:f5:b0:57:
9a:3a:da:44:96:a9:d8:b7:33:97:a9:63:c3:34:7a:5a:a6:05:
42:4c:ed:41:b8:f9:d7:97:21:ec:e5:af:3b:89:1e:37:22:6f:
f7:e8:6a:ab:51:77:b0:53:ab:1e:03:ce:f3:b3:a6:6c:ef:ac:
61:ae:48:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSksyqnQfn16l6AyTv78mCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Zjc2OWQ0NDMzYjc3MDRkZjcwM2QxNjQ1YjdmZWE4ZWZi
ZjkyNmUwHhcNMjIxMTIzMTMzNTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmU5ZDQxZWQ5ZDQ1MmJlZDVhNWQxZGVhOTdjMGQ1M2UzNjY4MzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0lcYG3uQD7jXkE8L0owDQdemk2e
+Xnd+VHju0PfN3Z4DEv1AY6r2++4fBkQ019lB5Pmv9IjSAd/ADEplVkivHOtc+7I
db38EMLK5CyIk/2wExeXmxL5Rs3KxeyJYS9tCLNPrYqiPLskg09VjmhaZBJY0ocO
I9CUch6SAbbWpjF0TJr4uXYCPbyecTpm22gWCmUDR8BfeK7+s/bNJNQ449HdcN6F
RZNAoy9Mm0rcPK9dFTUMW8zhcSOJ+zxAVX4zSFzECcxzfF+9lj82PZTHwyLgW/t+
2vWTkRQzax8g/xrj2Dcfgb7C9Lv7O3mMWYnmmzL5Suzhn9k5tYH5kUItawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJbp1B7Z1FK+1aXR3ql8DVPjZoN/MB8GA1UdIwQY
MBaAFLn3adRDO3cE33A9FkW3/qjvv5JuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZkcDFFTTdkd1RmY0QwV1JiZi1xTy1fa200LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS80ZGZiZDQtOGVkNy00NWYyLTk1MGQt
M2FlYjdjZGUwMzZjLzEvbHVuVUh0blVVcjdWcGRIZXFYd05VLU5tZzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS80ZGZiZDQtOGVkNy00NWYyLTk1MGQtM2FlYjdjZGUwMzZj
LzEvdWZkcDFFTTdkd1RmY0QwV1JiZi1xTy1fa200LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgGTMA8E
AgACMAkDBwAgAQZ8BRwwDQYJKoZIhvcNAQELBQADggEBAJfZ86dDmFlhAkZX14Um
GCsGzdh24LW5aZUsWMVf43Kx0WB98BV6C1Q8nvpSxqRM+FUk5/UZoT61vHsZOB4e
wmWatYdhfpOAHpi+EWNslJo9fWSCYEyv4c2OtMallWgE2Vqe7V8cu6e0ZSWrR1x+
zi3X5rpW6NLAaunEaPpGmvXhguTtIujw8n3rzvXBgs+w+Y49GTtXJDhZGPWlvcP4
6x1mHUxVsL2MhNrFe8p5YdvP5+n27M76q+Hh8Kl6AoKcAZxm5fWwV5o62kSWqdi3
M5epY8M0elqmBUJM7UG4+deXIezlrzuJHjcib/foaqtRd7BTqx4DzvOzpmzvrGGu
SCY=
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:29:36 2025 by rpki-client