Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/f9I23evOueWp5piSnrd6HZEPig4.roa
File: f9I23evOueWp5piSnrd6HZEPig4.roa (raw, json)
Hash identifier: a9K508EzT+N8REQmCkJiaDlzf8OYsKWAdfxqGPOkCvA=
Subject key identifier: 7F:D2:36:DD:EB:CE:B9:E5:A9:E6:98:92:9E:B7:7A:1D:91:0F:8A:0E
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B1EB659CE815D91B90CBDB687F5F3
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/f9I23evOueWp5piSnrd6HZEPig4.roa
Signing time: Sun 01 Jan 2023 13:35:11 +0000
ROA not before: Sun 01 Jan 2023 13:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213011
IP address blocks: 194.209.39.0/24 maxlen: 24
194.209.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:1e:b6:59:ce:81:5d:91:b9:0c:bd:b6:87:f5:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fd236ddebceb9e5a9e698929eb77a1d910f8a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a7:45:46:7a:e3:13:60:02:49:63:d9:d6:26:
64:aa:10:57:ad:88:ff:74:12:4e:d5:77:01:49:b0:
5f:c1:3c:1b:e1:e2:59:c9:29:42:1a:44:1c:36:90:
15:ee:13:d4:a4:b3:ab:b9:b5:89:e6:36:cd:f1:e5:
96:14:d9:3d:9c:1b:37:e1:f1:76:23:b5:8e:5d:c0:
60:90:cf:2c:98:c5:f3:5c:16:6b:f0:47:59:1e:59:
9b:8d:7c:76:f4:3b:33:d6:16:96:0d:15:1a:8c:fc:
f3:6d:15:65:5e:fb:27:25:23:dd:a1:8f:bd:63:03:
e2:df:30:c6:67:9a:4e:17:6b:96:16:21:e6:c7:60:
5b:a3:34:cb:24:63:b6:8c:2b:09:d4:dc:c0:b1:d5:
6b:9d:80:a1:33:86:a3:c7:e8:de:c0:f0:b1:15:62:
86:7b:14:92:c6:09:9c:44:92:8f:2d:a5:30:78:ef:
80:15:8d:ec:ee:09:fb:7e:19:5a:47:c9:db:d6:8f:
85:e6:25:0b:9e:35:cb:9e:da:70:8f:32:5f:67:1e:
3a:e6:34:d1:44:6d:98:30:af:c1:4e:e7:c0:46:cb:
ca:69:f2:55:be:4e:c3:f0:03:cc:07:da:77:2d:6d:
5b:90:a7:ec:cf:7c:7a:83:f5:c4:e7:57:0f:28:d3:
7c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D2:36:DD:EB:CE:B9:E5:A9:E6:98:92:9E:B7:7A:1D:91:0F:8A:0E
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/f9I23evOueWp5piSnrd6HZEPig4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.39.0/24
194.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:1c:58:79:da:e2:4b:c1:c3:e8:60:6f:8e:b8:93:95:58:25:
20:95:c6:43:af:81:ca:96:a1:f4:ca:2c:de:98:bc:21:49:44:
75:42:4e:c1:0e:dc:02:84:60:8b:2b:a3:69:b9:57:e4:0c:3d:
c9:f4:e2:f7:bf:ab:0f:b0:db:8f:e3:d7:5f:32:86:d3:2c:06:
d1:bc:bf:86:af:ee:a9:89:6d:91:68:2b:25:9c:70:6d:44:2e:
b9:f4:c5:88:f7:3f:19:32:ce:63:ad:2d:d9:70:77:3e:a9:1e:
26:21:41:e9:73:42:aa:74:17:2c:06:4d:dd:b2:bc:76:98:6b:
51:29:aa:88:25:dd:63:f1:e8:7e:56:6d:0c:c8:eb:95:c5:f4:
ca:1b:69:53:87:54:57:a3:91:db:fb:42:34:82:82:89:5a:14:
bd:1c:29:3c:7b:8a:40:d6:ce:78:2b:2d:e1:36:da:4b:05:c4:
f1:3e:31:5f:24:28:60:56:fb:2a:b6:31:61:c0:29:da:1d:73:
34:d9:ca:9d:56:f8:12:7e:44:61:aa:90:4a:04:c1:ea:24:01:
92:e4:05:f0:aa:7d:3e:c0:dc:92:c7:ea:65:3e:c7:fc:02:7a:
91:74:7e:7c:ab:dc:f5:34:fd:e6:6d:9a:e3:03:9b:cf:a2:fb:
52:4a:63:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtix62Wc6BXZG5DL22h/XzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmQyMzZkZGViY2ViOWU1YTllNjk4OTI5ZWI3N2ExZDkxMGY4YTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqdFRnrjE2ACSWPZ1iZkqhBXrYj/
dBJO1XcBSbBfwTwb4eJZySlCGkQcNpAV7hPUpLOrubWJ5jbN8eWWFNk9nBs34fF2
I7WOXcBgkM8smMXzXBZr8EdZHlmbjXx29Dsz1haWDRUajPzzbRVlXvsnJSPdoY+9
YwPi3zDGZ5pOF2uWFiHmx2BbozTLJGO2jCsJ1NzAsdVrnYChM4ajx+jewPCxFWKG
exSSxgmcRJKPLaUweO+AFY3s7gn7fhlaR8nb1o+F5iULnjXLntpwjzJfZx465jTR
RG2YMK/BTufARsvKafJVvk7D8APMB9p3LW1bkKfsz3x6g/XE51cPKNN8vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH/SNt3rzrnlqeaYkp63eh2RD4oOMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvZjlJMjNldk91ZVdwNXBpU25yZDZIWkVQaWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwtEnAwQA
wtHGMA0GCSqGSIb3DQEBCwUAA4IBAQBKHFh52uJLwcPoYG+OuJOVWCUglcZDr4HK
lqH0yizemLwhSUR1Qk7BDtwChGCLK6NpuVfkDD3J9OL3v6sPsNuP49dfMobTLAbR
vL+Gr+6piW2RaCslnHBtRC659MWI9z8ZMs5jrS3ZcHc+qR4mIUHpc0KqdBcsBk3d
srx2mGtRKaqIJd1j8eh+Vm0MyOuVxfTKG2lTh1RXo5Hb+0I0goKJWhS9HCk8e4pA
1s54Ky3hNtpLBcTxPjFfJChgVvsqtjFhwCnaHXM02cqdVvgSfkRhqpBKBMHqJAGS
5AXwqn0+wNySx+plPsf8AnqRdH58q9z1NP3mbZrjA5vPovtSSmNS
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:37:11 2025 by rpki-client