Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/phAA9vS-R_Yqdd5mlV9MDMK7QJE.roa
File: phAA9vS-R_Yqdd5mlV9MDMK7QJE.roa (raw, json)
Hash identifier: 1iocn+1RRLKpIRB2ngIPYpKZzcIdD8XhvlXpwWo9vRk=
Subject key identifier: A6:10:00:F6:F4:BE:47:F6:2A:75:DE:66:95:5F:4C:0C:C2:BB:40:91
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 0AA84736
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/phAA9vS-R_Yqdd5mlV9MDMK7QJE.roa
Signing time: Sat 01 Jan 2022 12:00:03 +0000
ROA not before: Sat 01 Jan 2022 12:00:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42193
IP address blocks: 213.153.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178800438 (0xaa84736)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 1 12:00:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a61000f6f4be47f62a75de66955f4c0cc2bb4091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6a:3d:6f:b1:6b:00:24:05:23:f9:b3:62:8b:
da:ae:ce:b4:eb:16:10:a2:81:da:6e:20:1b:64:58:
89:03:57:eb:e0:14:a0:07:28:5e:f9:31:0a:6c:6c:
cf:45:d8:6f:89:be:c7:14:04:e3:63:2b:2b:e6:eb:
eb:6f:4e:8c:80:b9:d3:d8:77:0b:71:5b:bf:b4:12:
a1:eb:b9:bd:33:7a:a8:00:ee:d5:6f:cb:72:c3:01:
63:96:b2:c2:41:88:ed:b7:12:ba:49:3d:99:7c:3b:
d8:85:a7:2f:dd:d6:66:ec:b7:ee:3f:0c:3a:83:50:
f6:2b:31:49:e5:00:26:10:0c:6a:42:bc:bd:63:46:
7b:16:9f:e2:2d:dc:5f:21:3f:4f:3c:b2:5d:6b:be:
26:ed:29:13:4c:68:a8:41:dc:fe:ef:ac:4c:73:ef:
56:71:23:ab:9d:75:3a:7e:e1:03:cc:f1:8e:2c:c8:
ec:93:e3:4b:5d:03:22:f9:60:ce:f5:42:f0:07:ad:
e6:8c:6d:76:9b:15:25:85:3f:b9:e0:5c:8a:8b:91:
84:5d:0d:84:38:a6:0a:75:e4:83:55:57:d4:e1:fc:
6f:88:61:fb:14:46:ae:ae:b2:38:e5:93:5e:02:9a:
6d:08:f6:0d:ff:34:84:74:cc:0f:de:7f:c9:1f:e5:
53:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:10:00:F6:F4:BE:47:F6:2A:75:DE:66:95:5F:4C:0C:C2:BB:40:91
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/phAA9vS-R_Yqdd5mlV9MDMK7QJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.153.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:6a:a7:0d:e8:fe:4f:e6:bc:80:83:de:f0:54:95:cc:87:11:
fc:76:68:ff:ed:dd:8f:37:41:7d:2b:10:ce:85:c1:74:48:f2:
7f:a3:8e:6d:36:20:01:29:c9:8b:b8:b0:d3:c4:28:5f:d3:80:
80:dc:f1:cb:e2:77:6e:da:5b:e4:b9:50:6f:bc:4e:78:d1:ee:
91:40:4e:a5:6c:4c:b6:eb:11:1c:05:e0:81:89:f8:7e:fe:79:
cc:53:41:56:f5:8a:f2:20:79:d0:70:13:70:be:a2:51:71:98:
02:a3:f6:e8:a6:e6:be:83:9c:bc:b5:d6:5f:50:e5:04:43:17:
24:0b:7b:aa:45:1f:f8:2d:5b:66:75:54:88:db:69:10:6b:fe:
ae:18:72:7e:c6:d2:63:19:eb:ff:13:8e:0f:aa:df:35:18:ec:
de:59:a8:76:2c:b5:43:e7:9f:fa:49:df:dc:7a:ff:18:43:bb:
7f:52:8d:01:4e:d6:08:6f:45:5f:c6:20:f5:f7:da:dd:f2:03:
a5:e4:dc:5f:39:e4:41:ff:53:dd:59:2f:9e:6a:44:fe:9c:19:
cd:fc:b5:18:ba:0f:a6:ba:94:dc:0e:ba:a6:20:b2:01:15:48:
42:ee:44:bc:59:d6:6c:f4:e4:c8:b1:45:21:1f:56:ae:1d:09:
0e:ce:d2:e2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECqhHNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTlkMzBlNjAzNWJlOGI4Mzg2MDYxZjI3MTQ4MWM3MDdlMDRjZTJiMB4XDTIyMDEw
MTEyMDAwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTYxMDAwZjZmNGJl
NDdmNjJhNzVkZTY2OTU1ZjRjMGNjMmJiNDA5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhqPW+xawAkBSP5s2KL2q7OtOsWEKKB2m4gG2RYiQNX6+AU
oAcoXvkxCmxsz0XYb4m+xxQE42MrK+br629OjIC509h3C3Fbv7QSoeu5vTN6qADu
1W/LcsMBY5aywkGI7bcSukk9mXw72IWnL93WZuy37j8MOoNQ9isxSeUAJhAMakK8
vWNGexaf4i3cXyE/TzyyXWu+Ju0pE0xoqEHc/u+sTHPvVnEjq511On7hA8zxjizI
7JPjS10DIvlgzvVC8Aet5oxtdpsVJYU/ueBciouRhF0NhDimCnXkg1VX1OH8b4hh
+xRGrq6yOOWTXgKabQj2Df80hHTMD95/yR/lU8cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSmEAD29L5H9ip13maVX0wMwrtAkTAfBgNVHSMEGDAWgBS6nTDmA1vouDhg
YfJxSBxwfgTOKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VwMHc1Z05iNkxnNFlHSHljVWdjY0g0RXppcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8x
L3BoQUE5dlMtUl9ZcWRkNW1sVjlNRE1LN1FKRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8xL3VwMHc1Z05iNkxn
NFlHSHljVWdjY0g0RXppcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWZgTANBgkqhkiG9w0BAQsFAAOC
AQEAnGqnDej+T+a8gIPe8FSVzIcR/HZo/+3djzdBfSsQzoXBdEjyf6OObTYgASnJ
i7iw08QoX9OAgNzxy+J3btpb5LlQb7xOeNHukUBOpWxMtusRHAXggYn4fv55zFNB
VvWK8iB50HATcL6iUXGYAqP26KbmvoOcvLXWX1DlBEMXJAt7qkUf+C1bZnVUiNtp
EGv+rhhyfsbSYxnr/xOOD6rfNRjs3lmodiy1Q+ef+knf3Hr/GEO7f1KNAU7WCG9F
X8Yg9ffa3fIDpeTcXznkQf9T3VkvnmpE/pwZzfy1GLoPprqU3A66piCyARVIQu5E
vFnWbPTkyLFFIR9Wrh0JDs7S4g==
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:38:26 2025 by rpki-client