Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/9TPRvu4lo4dmmcvZzsvtw4St3vY.roa
File: 9TPRvu4lo4dmmcvZzsvtw4St3vY.roa (raw, json)
Hash identifier: K1N73W4JOOi4Bbn8nuA9Tc+78ONTNG6OJ8+gA4cd04w=
Subject key identifier: F5:33:D1:BE:EE:25:A3:87:66:99:CB:D9:CE:CB:ED:C3:84:AD:DE:F6
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 018924C9384299495093CA9ACFB8089705FF
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/9TPRvu4lo4dmmcvZzsvtw4St3vY.roa
Signing time: Wed 05 Jul 2023 06:41:54 +0000
ROA not before: Wed 05 Jul 2023 06:41:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196755
IP address blocks: 157.143.248.0/21 maxlen: 21
178.157.24.0/23 maxlen: 23
178.157.18.0/23 maxlen: 23
178.157.20.0/22 maxlen: 22
178.157.28.0/22 maxlen: 22
178.157.26.0/23 maxlen: 23
80.251.108.0/23 maxlen: 23
217.181.252.0/23 maxlen: 23
178.157.40.0/22 maxlen: 22
178.157.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:24:c9:38:42:99:49:50:93:ca:9a:cf:b8:08:97:05:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Jul 5 06:41:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f533d1beee25a3876699cbd9cecbedc384addef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6b:ca:e1:01:1b:ef:64:c4:45:c8:b9:4b:c8:
99:fd:bd:71:4f:ae:ea:f8:a1:5d:1c:41:b1:b3:c8:
cf:e8:b5:d4:9e:9f:60:7d:06:86:1e:ae:74:13:dc:
b6:57:c2:04:b1:14:e3:25:13:87:c8:d2:48:52:24:
14:e6:a0:3e:c2:e5:ce:92:c5:8f:4c:da:98:95:d2:
96:e6:f4:c1:ae:b9:da:6c:44:d3:58:3c:ca:e3:58:
ed:21:51:6a:a0:85:93:60:c1:76:c9:c1:b8:89:6e:
5c:49:7c:bf:d8:39:f1:62:6f:aa:b0:3a:1f:08:b1:
86:f9:e1:a6:ad:3c:fd:a8:1a:a5:d7:0b:b1:8d:45:
5e:23:f3:78:26:20:af:a6:af:c7:f3:0c:6e:aa:f4:
68:44:bf:5c:79:2a:5e:29:5a:51:aa:e1:64:4d:43:
0d:6b:c0:f8:e5:ac:b5:8c:7e:0a:0c:9b:87:ba:ac:
fd:dc:c5:8e:90:91:f3:b1:07:4f:9e:6a:7a:bd:b1:
92:04:04:c9:06:80:fa:33:53:67:a4:5b:94:0d:6f:
21:13:cf:8b:b3:19:01:1a:38:19:dc:9c:82:c8:c3:
a7:ba:0d:12:41:f7:1b:30:ae:6b:ac:56:75:f9:ce:
d9:4e:b4:43:d6:70:21:76:10:e2:9d:a3:53:70:0e:
2a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:33:D1:BE:EE:25:A3:87:66:99:CB:D9:CE:CB:ED:C3:84:AD:DE:F6
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/9TPRvu4lo4dmmcvZzsvtw4St3vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.251.108.0/23
157.143.248.0/21
178.157.18.0-178.157.31.255
178.157.40.0/21
217.181.252.0/23
Signature Algorithm: sha256WithRSAEncryption
53:90:de:04:1b:6a:1e:d1:49:ed:26:95:d1:01:c1:48:e4:71:
1b:14:cc:12:69:d7:69:01:7b:e6:92:1f:a5:37:2d:fb:db:f5:
7f:d3:a7:9b:fc:de:1d:83:e6:60:ed:3e:92:bf:1a:9e:c4:30:
e5:4a:43:52:a3:10:c2:d8:bb:8f:71:1f:c9:1a:20:a8:3a:52:
77:f1:c0:68:69:e8:eb:34:78:16:aa:4d:78:21:5f:12:f3:fc:
ff:0d:18:66:89:24:b7:d6:20:17:b3:15:e9:db:76:fb:f5:cf:
92:c2:74:85:eb:a0:39:de:72:af:41:40:e9:b6:3b:25:2f:ee:
a4:3a:07:4b:65:6b:08:09:0f:e2:bc:7b:b6:e7:15:f8:b7:1e:
b1:7b:f6:64:6b:98:30:fd:a1:13:ae:f9:07:e1:c3:00:9a:ae:
8a:4b:62:f8:a7:72:2c:c7:c3:63:5d:fb:22:6a:05:37:b8:1f:
9c:fd:06:d0:3c:f0:bb:fa:39:25:11:c0:d1:87:7b:77:e9:48:
0a:57:54:12:d5:13:4b:61:70:dd:06:82:3d:1e:6c:8a:0e:5d:
3a:cb:1b:db:ac:79:54:70:13:e9:8e:7b:50:43:27:92:67:8d:
ad:bc:76:2d:6a:9f:0f:aa:ff:ea:c6:2c:e3:89:00:9e:a4:ec:
b3:51:32:42
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYkkyThCmUlQk8qaz7gIlwX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjMwNzA1MDY0MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTMzZDFiZWVlMjVhMzg3NjY5OWNiZDljZWNiZWRjMzg0YWRkZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02vK4QEb72TERci5S8iZ/b1xT67q
+KFdHEGxs8jP6LXUnp9gfQaGHq50E9y2V8IEsRTjJROHyNJIUiQU5qA+wuXOksWP
TNqYldKW5vTBrrnabETTWDzK41jtIVFqoIWTYMF2ycG4iW5cSXy/2DnxYm+qsDof
CLGG+eGmrTz9qBql1wuxjUVeI/N4JiCvpq/H8wxuqvRoRL9ceSpeKVpRquFkTUMN
a8D45ay1jH4KDJuHuqz93MWOkJHzsQdPnmp6vbGSBATJBoD6M1NnpFuUDW8hE8+L
sxkBGjgZ3JyCyMOnug0SQfcbMK5rrFZ1+c7ZTrRD1nAhdhDinaNTcA4qvwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPUz0b7uJaOHZpnL2c7L7cOErd72MB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvOVRQUnZ1NGxvNGRtbWN2WnpzdnR3NFN0M3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBUPtsAwQD
nY/4MAwDBAGynRIDBAWynQADBAOynSgDBAHZtfwwDQYJKoZIhvcNAQELBQADggEB
AFOQ3gQbah7RSe0mldEBwUjkcRsUzBJp12kBe+aSH6U3Lfvb9X/Tp5v83h2D5mDt
PpK/Gp7EMOVKQ1KjEMLYu49xH8kaIKg6UnfxwGhp6Os0eBaqTXghXxLz/P8NGGaJ
JLfWIBezFenbdvv1z5LCdIXroDnecq9BQOm2OyUv7qQ6B0tlawgJD+K8e7bnFfi3
HrF79mRrmDD9oROu+QfhwwCaropLYvincizHw2Nd+yJqBTe4H5z9BtA88Lv6OSUR
wNGHe3fpSApXVBLVE0thcN0Ggj0ebIoOXTrLG9useVRwE+mOe1BDJ5Jnja28di1q
nw+q/+rGLOOJAJ6k7LNRMkI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:23:42 2025 by rpki-client