Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/0580b2-f6a4-4de6-9103-a01d729b0a21/1/wEd_j-tj5EYngJ-ysKwTzKszo50.roa
File: wEd_j-tj5EYngJ-ysKwTzKszo50.roa (raw, json)
Hash identifier: BntVx1vM+465mjvnI8liKp5z/mNUXFkNWl8vZs+e69Y=
Subject key identifier: C0:47:7F:8F:EB:63:E4:46:27:80:9F:B2:B0:AC:13:CC:AB:33:A3:9D
Certificate issuer: /CN=9a3ce5c5a730cd8e2ff1f55d180f1a81b3000cc8
Certificate serial: 01856F0B4D2978F27C90AF744DE178DB245C
Authority key identifier: 9A:3C:E5:C5:A7:30:CD:8E:2F:F1:F5:5D:18:0F:1A:81:B3:00:0C:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mjzlxacwzY4v8fVdGA8agbMADMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/0580b2-f6a4-4de6-9103-a01d729b0a21/1/wEd_j-tj5EYngJ-ysKwTzKszo50.roa
Signing time: Sun 01 Jan 2023 20:34:49 +0000
ROA not before: Sun 01 Jan 2023 20:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5432
IP address blocks: 213.137.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:4d:29:78:f2:7c:90:af:74:4d:e1:78:db:24:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a3ce5c5a730cd8e2ff1f55d180f1a81b3000cc8
Validity
Not Before: Jan 1 20:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0477f8feb63e44627809fb2b0ac13ccab33a39d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2f:cd:ea:13:5c:d0:2e:ba:88:79:d9:7b:e2:
7d:82:db:56:61:11:9e:f3:b3:b1:42:69:d3:b9:39:
f2:80:7f:37:66:25:dd:2c:de:ac:68:b7:ea:ff:7a:
cb:d6:dd:72:60:59:a5:37:30:de:d4:00:55:54:a5:
1e:53:db:2c:47:37:24:2f:8c:49:b6:f3:4f:03:1d:
43:ba:6b:13:fd:10:72:fd:0c:1a:36:8a:bd:95:44:
54:67:4a:54:f6:26:d0:c6:78:84:e5:60:ea:85:5b:
05:0e:2f:0a:f8:b6:26:a2:ff:68:e7:02:28:f1:ec:
7f:5d:b0:32:d2:13:25:60:e3:a4:1f:de:8e:20:13:
d7:1c:79:1a:ff:92:a4:4c:e8:6c:17:dd:24:43:39:
43:24:30:c6:3b:90:5b:5b:f4:80:25:bf:33:51:59:
a6:4e:9a:78:64:6c:64:5a:9b:1c:62:cd:56:88:7d:
12:2a:4c:1d:35:7d:f9:53:0c:60:83:4a:04:55:2b:
bc:3b:96:3d:43:3c:f0:7d:a6:a1:25:27:7d:e4:f7:
64:94:30:0c:5a:e1:be:37:d1:22:2c:25:a1:6a:10:
7a:bf:3d:1a:a8:5d:5e:2b:71:7c:c5:14:1d:55:2f:
1b:da:17:28:9d:db:03:54:45:98:21:18:a0:e4:87:
d5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:47:7F:8F:EB:63:E4:46:27:80:9F:B2:B0:AC:13:CC:AB:33:A3:9D
X509v3 Authority Key Identifier:
keyid:9A:3C:E5:C5:A7:30:CD:8E:2F:F1:F5:5D:18:0F:1A:81:B3:00:0C:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mjzlxacwzY4v8fVdGA8agbMADMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0580b2-f6a4-4de6-9103-a01d729b0a21/1/wEd_j-tj5EYngJ-ysKwTzKszo50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0580b2-f6a4-4de6-9103-a01d729b0a21/1/mjzlxacwzY4v8fVdGA8agbMADMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.137.157.0/24
Signature Algorithm: sha256WithRSAEncryption
04:cb:37:c0:de:e0:cb:70:82:fe:dc:4c:52:55:e1:e1:d3:75:
a0:e0:6d:5d:05:27:76:70:9e:b5:05:77:42:e8:bd:2f:8d:2b:
50:82:c8:92:bf:8d:18:26:59:79:84:05:f4:c0:cb:3d:3b:e2:
5f:eb:60:43:57:dd:98:55:c2:e8:b5:e3:ac:3d:1a:76:ee:ee:
0e:7c:e4:d4:48:75:e3:e2:ce:2f:c4:a1:d4:bf:ad:6f:18:f6:
f5:ce:dc:31:e1:ad:57:ca:66:b3:1a:88:c0:f6:0d:40:ae:6a:
24:a8:b8:b4:f1:b6:ad:b6:92:31:24:98:e2:2c:04:2d:3b:a0:
cd:6f:4c:f5:03:3f:43:41:0e:d1:9f:46:57:f0:a8:27:38:3f:
a9:75:a9:1d:d9:90:b5:55:16:15:a1:5e:93:ad:51:91:c7:77:
e4:20:5f:e6:c4:7e:7c:32:d5:38:46:9d:d9:90:c1:94:58:87:
9c:86:62:9c:79:66:11:84:01:f4:15:98:dd:f4:a6:71:e5:11:
37:01:eb:cc:61:00:61:89:c4:af:8c:89:74:6c:67:a8:22:b8:
9b:ba:35:64:24:1f:28:be:08:8a:28:fb:41:93:43:e6:21:9a:
7a:26:eb:69:14:3d:bd:5a:e5:f9:8d:33:fd:f3:d5:84:14:4a:
c4:41:28:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC00pePJ8kK90TeF42yRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhM2NlNWM1YTczMGNkOGUyZmYxZjU1ZDE4MGYxYTgxYjMw
MDBjYzgwHhcNMjMwMTAxMjAzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDQ3N2Y4ZmViNjNlNDQ2Mjc4MDlmYjJiMGFjMTNjY2FiMzNhMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC/N6hNc0C66iHnZe+J9gttWYRGe
87OxQmnTuTnygH83ZiXdLN6saLfq/3rL1t1yYFmlNzDe1ABVVKUeU9ssRzckL4xJ
tvNPAx1DumsT/RBy/QwaNoq9lURUZ0pU9ibQxniE5WDqhVsFDi8K+LYmov9o5wIo
8ex/XbAy0hMlYOOkH96OIBPXHHka/5KkTOhsF90kQzlDJDDGO5BbW/SAJb8zUVmm
Tpp4ZGxkWpscYs1WiH0SKkwdNX35Uwxgg0oEVSu8O5Y9QzzwfaahJSd95PdklDAM
WuG+N9EiLCWhahB6vz0aqF1eK3F8xRQdVS8b2hcondsDVEWYIRig5IfV6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBHf4/rY+RGJ4CfsrCsE8yrM6OdMB8GA1UdIwQY
MBaAFJo85cWnMM2OL/H1XRgPGoGzAAzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWp6bHhhY3d6WTR2OGZWZEdBOGFnYk1BRE1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wNTgwYjItZjZhNC00ZGU2LTkxMDMt
YTAxZDcyOWIwYTIxLzEvd0VkX2otdGo1RVluZ0oteXNLd1R6S3N6bzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wNTgwYjItZjZhNC00ZGU2LTkxMDMtYTAxZDcyOWIwYTIx
LzEvbWp6bHhhY3d6WTR2OGZWZEdBOGFnYk1BRE1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YmdMA0G
CSqGSIb3DQEBCwUAA4IBAQAEyzfA3uDLcIL+3ExSVeHh03Wg4G1dBSd2cJ61BXdC
6L0vjStQgsiSv40YJll5hAX0wMs9O+Jf62BDV92YVcLoteOsPRp27u4OfOTUSHXj
4s4vxKHUv61vGPb1ztwx4a1XymazGojA9g1ArmokqLi08battpIxJJjiLAQtO6DN
b0z1Az9DQQ7Rn0ZX8KgnOD+pdakd2ZC1VRYVoV6TrVGRx3fkIF/mxH58MtU4Rp3Z
kMGUWIechmKceWYRhAH0FZjd9KZx5RE3AevMYQBhicSvjIl0bGeoIribujVkJB8o
vgiKKPtBk0PmIZp6JutpFD29WuX5jTP989WEFErEQSgq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:10 2025 by rpki-client