Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/k9bwx0rJIvff9qWBaLfH6BcE48c.roa
File: k9bwx0rJIvff9qWBaLfH6BcE48c.roa (raw, json)
Hash identifier: G/VttYdkptH0/FAPWp+eWxHWJ5KqlBVGAuw9jviG40o=
Subject key identifier: 93:D6:F0:C7:4A:C9:22:F7:DF:F6:A5:81:68:B7:C7:E8:17:04:E3:C7
Certificate issuer: /CN=c35adeebc28d7e27fd9eb9efb23551dae20b1d0f
Certificate serial: 018557AA8C1CB8B3477EBA42EFEBF5175CA2
Authority key identifier: C3:5A:DE:EB:C2:8D:7E:27:FD:9E:B9:EF:B2:35:51:DA:E2:0B:1D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w1re68KNfif9nrnvsjVR2uILHQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/k9bwx0rJIvff9qWBaLfH6BcE48c.roa
Signing time: Wed 28 Dec 2022 07:37:52 +0000
ROA not before: Wed 28 Dec 2022 07:37:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47951
IP address blocks: 194.104.137.0/24 maxlen: 24
2a11:5fc0::/29 maxlen: 29
2a11:5fc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:57:aa:8c:1c:b8:b3:47:7e:ba:42:ef:eb:f5:17:5c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35adeebc28d7e27fd9eb9efb23551dae20b1d0f
Validity
Not Before: Dec 28 07:37:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93d6f0c74ac922f7dff6a58168b7c7e81704e3c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:41:45:45:db:d1:5b:e1:fb:66:36:af:e4:f0:
3f:cc:3c:7c:ed:a1:5f:7a:5b:51:fd:8b:2f:19:c2:
e2:bd:52:c7:2c:86:4d:5d:2a:c6:17:58:3e:a6:b9:
f8:b5:d3:b1:b0:8d:83:3a:e2:ae:ac:f0:5c:ab:1d:
36:b1:e3:79:e6:4f:bf:c8:fa:96:48:b9:34:fe:c4:
41:29:63:17:b6:d7:b6:3a:ce:85:fb:52:64:91:3c:
b6:b5:ee:83:1c:a9:e5:43:97:b2:2a:de:4d:f8:84:
1f:5a:10:ef:3c:bc:6d:7f:9b:63:4b:70:08:31:1a:
1d:34:af:e8:fb:29:87:9d:2f:55:0f:72:66:35:87:
2e:c1:f6:a6:e9:28:27:aa:52:4c:85:53:73:c6:49:
f9:50:2c:2c:eb:24:6c:30:e8:45:6d:f0:e7:35:55:
05:0f:c6:ca:2d:11:dd:f6:7f:be:ae:35:07:f5:b9:
46:89:d2:8f:7e:96:08:be:c3:68:46:26:00:af:ef:
b1:1f:23:89:6c:ad:1b:6d:36:0a:32:8b:e1:b4:3a:
e7:d0:23:e1:c0:23:28:ba:19:7b:cc:75:dd:c6:1a:
c1:7e:35:2f:ba:04:bc:e9:41:09:f8:29:fc:3a:0f:
2a:9d:16:de:90:cf:6b:9d:69:98:fc:d4:ed:81:67:
48:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:D6:F0:C7:4A:C9:22:F7:DF:F6:A5:81:68:B7:C7:E8:17:04:E3:C7
X509v3 Authority Key Identifier:
keyid:C3:5A:DE:EB:C2:8D:7E:27:FD:9E:B9:EF:B2:35:51:DA:E2:0B:1D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w1re68KNfif9nrnvsjVR2uILHQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/k9bwx0rJIvff9qWBaLfH6BcE48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/w1re68KNfif9nrnvsjVR2uILHQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.137.0/24
IPv6:
2a11:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:dc:9a:5b:7d:4b:0e:71:08:dc:eb:d6:eb:98:2f:0e:78:93:
3b:2a:a0:41:27:af:e0:50:bb:0c:59:d9:20:9a:cd:fe:70:0f:
06:b0:d9:75:a4:06:b5:e9:59:8e:2e:b2:97:29:f0:00:b4:63:
b8:3b:86:69:cd:2a:76:01:79:71:e4:09:cc:39:5f:61:21:49:
c9:bd:ad:18:48:a7:f5:be:7d:10:23:00:e8:da:39:b2:d7:dd:
bf:6a:50:cc:e9:c1:c6:24:5a:13:09:f5:8e:30:0b:24:a9:7b:
1f:9c:c2:41:42:93:a1:fe:7c:9f:78:6f:9e:3c:bb:9c:d1:28:
ab:4d:16:9c:b5:7f:de:8e:09:85:cc:02:ba:62:16:de:f2:39:
bc:c4:04:80:f9:38:0d:89:39:43:0a:85:0f:cc:d0:72:e7:c9:
99:7a:ae:6d:2d:f2:e6:d4:96:4e:54:90:8b:7f:2e:15:40:8d:
e0:09:3f:f2:69:6a:81:96:e5:20:60:f5:08:66:e3:11:fd:8b:
80:06:3e:67:9a:c2:18:47:8a:0f:21:f5:8f:db:63:8e:f8:38:
c8:db:55:a8:d9:c0:a2:99:d9:bc:e9:a5:66:71:ac:c0:95:ab:
f5:b7:1d:9e:84:41:2f:d5:d7:94:2c:75:41:82:de:b3:0b:70:
da:37:df:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVXqowcuLNHfrpC7+v1F1yiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWFkZWViYzI4ZDdlMjdmZDllYjllZmIyMzU1MWRhZTIw
YjFkMGYwHhcNMjIxMjI4MDczNzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Q2ZjBjNzRhYzkyMmY3ZGZmNmE1ODE2OGI3YzdlODE3MDRlM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkFFRdvRW+H7Zjav5PA/zDx87aFf
eltR/YsvGcLivVLHLIZNXSrGF1g+prn4tdOxsI2DOuKurPBcqx02seN55k+/yPqW
SLk0/sRBKWMXtte2Os6F+1JkkTy2te6DHKnlQ5eyKt5N+IQfWhDvPLxtf5tjS3AI
MRodNK/o+ymHnS9VD3JmNYcuwfam6SgnqlJMhVNzxkn5UCws6yRsMOhFbfDnNVUF
D8bKLRHd9n++rjUH9blGidKPfpYIvsNoRiYAr++xHyOJbK0bbTYKMovhtDrn0CPh
wCMouhl7zHXdxhrBfjUvugS86UEJ+Cn8Og8qnRbekM9rnWmY/NTtgWdI2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJPW8MdKySL33/algWi3x+gXBOPHMB8GA1UdIwQY
MBaAFMNa3uvCjX4n/Z6577I1UdriCx0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzFyZTY4S05maWY5bnJudnNqVlIydUlMSFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84MzlkMWMtNGRiMy00NWNjLWIwNGYt
YjU1ZDdkN2YyYzQ4LzEvazlid3gwckpJdmZmOXFXQmFMZkg2QmNFNDhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84MzlkMWMtNGRiMy00NWNjLWIwNGYtYjU1ZDdkN2YyYzQ4
LzEvdzFyZTY4S05maWY5bnJudnNqVlIydUlMSFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwmiJMA0E
AgACMAcDBQMqEV/AMA0GCSqGSIb3DQEBCwUAA4IBAQB83JpbfUsOcQjc69brmC8O
eJM7KqBBJ6/gULsMWdkgms3+cA8GsNl1pAa16VmOLrKXKfAAtGO4O4ZpzSp2AXlx
5AnMOV9hIUnJva0YSKf1vn0QIwDo2jmy192/alDM6cHGJFoTCfWOMAskqXsfnMJB
QpOh/nyfeG+ePLuc0SirTRactX/ejgmFzAK6Yhbe8jm8xASA+TgNiTlDCoUPzNBy
58mZeq5tLfLm1JZOVJCLfy4VQI3gCT/yaWqBluUgYPUIZuMR/YuABj5nmsIYR4oP
IfWP22OO+DjI21Wo2cCimdm86aVmcazAlav1tx2ehEEv1deULHVBgt6zC3DaN9+L
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:06 2025 by rpki-client