Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/FrDvG-9gOdO-cyVrTU6zQNQ0JnE.roa
File: FrDvG-9gOdO-cyVrTU6zQNQ0JnE.roa (raw, json)
Hash identifier: YUuP/TTOe8d73W0iaWCg/OlQOicWhjWfJiGjtMaJ0ag=
Subject key identifier: 16:B0:EF:1B:EF:60:39:D3:BE:73:25:6B:4D:4E:B3:40:D4:34:26:71
Certificate issuer: /CN=9b23639060ff87a77fc67a6e03c0c4dd2ae4c391
Certificate serial: 01856F4B67CB9DFF5D4BE108A983C26977AC
Authority key identifier: 9B:23:63:90:60:FF:87:A7:7F:C6:7A:6E:03:C0:C4:DD:2A:E4:C3:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/myNjkGD_h6d_xnpuA8DE3Srkw5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/FrDvG-9gOdO-cyVrTU6zQNQ0JnE.roa
Signing time: Sun 01 Jan 2023 21:44:50 +0000
ROA not before: Sun 01 Jan 2023 21:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196678
IP address blocks: 131.117.216.0/24 maxlen: 24
131.117.218.0/23 maxlen: 24
131.117.217.0/24 maxlen: 24
131.117.220.0/22 maxlen: 22
2a00:bd40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:67:cb:9d:ff:5d:4b:e1:08:a9:83:c2:69:77:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b23639060ff87a77fc67a6e03c0c4dd2ae4c391
Validity
Not Before: Jan 1 21:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16b0ef1bef6039d3be73256b4d4eb340d4342671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2b:1e:df:c4:e6:a0:28:9e:ea:9e:6b:19:0d:
c3:c9:9b:3d:b2:ce:c8:06:df:36:e5:b7:a5:97:1b:
97:9c:99:f9:88:cf:a6:3d:e5:c2:cc:e9:d7:10:7c:
59:a0:cc:20:e7:ce:97:47:9c:10:ae:c8:b0:84:e1:
04:9f:9f:d5:73:fa:a0:b4:0a:ce:31:1b:08:ab:74:
69:ea:a8:4f:d6:94:97:c2:5a:8b:d5:41:82:89:2f:
5a:d9:33:22:9f:68:94:b5:6a:12:9e:a5:0e:b3:13:
dd:a3:79:ac:54:96:56:73:77:4d:0f:6a:b4:47:a9:
25:21:41:4a:aa:a3:1f:9d:2b:cf:f0:77:76:f5:67:
bb:5e:8d:c6:a8:da:61:a8:27:2e:58:3b:74:40:79:
aa:a3:4e:58:94:e8:95:80:01:1c:7a:32:5f:91:a6:
15:30:df:76:e1:fa:58:f0:41:f4:d5:f6:87:e5:1f:
02:bd:32:3b:c5:7d:f0:4f:28:8c:78:69:df:8a:8b:
83:54:70:e5:10:bb:c5:05:50:53:86:2e:9d:d5:ce:
37:b1:34:45:ba:55:4e:c4:32:bc:1c:a2:32:0d:b6:
95:c6:a3:ea:31:44:c3:85:5e:08:ae:67:ce:56:9c:
86:7e:e1:47:2b:e7:b5:45:e0:fd:e4:44:c7:92:16:
d0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B0:EF:1B:EF:60:39:D3:BE:73:25:6B:4D:4E:B3:40:D4:34:26:71
X509v3 Authority Key Identifier:
keyid:9B:23:63:90:60:FF:87:A7:7F:C6:7A:6E:03:C0:C4:DD:2A:E4:C3:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/myNjkGD_h6d_xnpuA8DE3Srkw5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/FrDvG-9gOdO-cyVrTU6zQNQ0JnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/myNjkGD_h6d_xnpuA8DE3Srkw5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.117.216.0/21
IPv6:
2a00:bd40::/32
Signature Algorithm: sha256WithRSAEncryption
d3:26:04:a7:01:e1:0b:76:3a:5b:00:f1:19:ef:13:8e:15:61:
b9:45:67:54:54:50:d6:3d:f7:0a:86:40:31:6c:07:49:ef:07:
2d:a8:6b:ed:c8:01:9c:7c:ca:87:19:00:3b:10:e1:ff:b0:07:
ad:2d:4c:2f:16:c1:a4:81:89:e5:6d:c6:9f:9c:d1:4f:a5:36:
a1:98:ce:c7:87:7b:f1:92:b3:8b:d7:a3:81:99:c3:86:3e:0d:
9e:00:79:11:53:0a:9f:0c:91:73:78:ae:b0:a0:d5:66:39:6a:
a2:e3:2f:3e:c7:16:6f:fb:3a:90:1a:5c:b8:b3:39:07:ea:2d:
d9:ea:3e:6d:16:a4:ac:89:bc:7e:36:2c:b4:b1:92:7f:37:c4:
38:f7:f4:83:38:97:28:37:ce:d9:a1:db:16:b3:40:37:19:a9:
ab:e4:6d:5b:9a:22:b6:d9:18:d0:09:4b:fe:52:b6:a7:b9:da:
ad:9c:fc:78:36:51:03:12:fc:17:94:83:2e:6a:9e:b5:e7:c4:
ab:ce:70:3f:16:ec:34:c6:8d:51:4a:73:a2:76:ee:40:88:7d:
d1:74:00:19:1b:58:c6:31:bd:a5:b0:57:cb:fc:fb:ab:b1:1b:
5f:6a:ec:6d:38:fc:56:47:cf:b4:ba:27:6b:fd:38:05:cc:90:
15:57:e8:53
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvS2fLnf9dS+EIqYPCaXesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMjM2MzkwNjBmZjg3YTc3ZmM2N2E2ZTAzYzBjNGRkMmFl
NGMzOTEwHhcNMjMwMTAxMjE0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmIwZWYxYmVmNjAzOWQzYmU3MzI1NmI0ZDRlYjM0MGQ0MzQyNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhise38TmoCie6p5rGQ3DyZs9ss7I
Bt825bellxuXnJn5iM+mPeXCzOnXEHxZoMwg586XR5wQrsiwhOEEn5/Vc/qgtArO
MRsIq3Rp6qhP1pSXwlqL1UGCiS9a2TMin2iUtWoSnqUOsxPdo3msVJZWc3dND2q0
R6klIUFKqqMfnSvP8Hd29We7Xo3GqNphqCcuWDt0QHmqo05YlOiVgAEcejJfkaYV
MN924fpY8EH01faH5R8CvTI7xX3wTyiMeGnfiouDVHDlELvFBVBThi6d1c43sTRF
ulVOxDK8HKIyDbaVxqPqMUTDhV4IrmfOVpyGfuFHK+e1ReD95ETHkhbQwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBaw7xvvYDnTvnMla01Os0DUNCZxMB8GA1UdIwQY
MBaAFJsjY5Bg/4enf8Z6bgPAxN0q5MORMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXlOamtHRF9oNmRfeG5wdUE4REUzU3JrdzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81ZDVmNzMtNjNiOS00YWFhLWE4ZWMt
NWFmYzNhNGZlNTQyLzEvRnJEdkctOWdPZE8tY3lWclRVNnpRTlEwSm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS81ZDVmNzMtNjNiOS00YWFhLWE4ZWMtNWFmYzNhNGZlNTQy
LzEvbXlOamtHRF9oNmRfeG5wdUE4REUzU3JrdzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDg3XYMA0E
AgACMAcDBQAqAL1AMA0GCSqGSIb3DQEBCwUAA4IBAQDTJgSnAeELdjpbAPEZ7xOO
FWG5RWdUVFDWPfcKhkAxbAdJ7wctqGvtyAGcfMqHGQA7EOH/sAetLUwvFsGkgYnl
bcafnNFPpTahmM7Hh3vxkrOL16OBmcOGPg2eAHkRUwqfDJFzeK6woNVmOWqi4y8+
xxZv+zqQGly4szkH6i3Z6j5tFqSsibx+Niy0sZJ/N8Q49/SDOJcoN87ZodsWs0A3
Gamr5G1bmiK22RjQCUv+UranudqtnPx4NlEDEvwXlIMuap6158SrznA/Fuw0xo1R
SnOidu5AiH3RdAAZG1jGMb2lsFfL/PursRtfauxtOPxWR8+0uidr/TgFzJAVV+hT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:06 2025 by rpki-client