Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/9tjQTyFvX93Cj35qyqgsTkesqfA.roa
File: 9tjQTyFvX93Cj35qyqgsTkesqfA.roa (raw, json)
Hash identifier: U8HlMU9KoBT8M7kV4HHFo2gs6rSCVKvOnGQsz7H9agY=
Subject key identifier: F6:D8:D0:4F:21:6F:5F:DD:C2:8F:7E:6A:CA:A8:2C:4E:47:AC:A9:F0
Certificate issuer: /CN=0f0f9f044e2b929878d747c5ffbb80ad10e3d6bd
Certificate serial: 01851574313D676CC8AE3A1CC21E7F6D8AD8
Authority key identifier: 0F:0F:9F:04:4E:2B:92:98:78:D7:47:C5:FF:BB:80:AD:10:E3:D6:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dw-fBE4rkph410fF_7uArRDj1r0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/9tjQTyFvX93Cj35qyqgsTkesqfA.roa
Signing time: Thu 15 Dec 2022 11:03:34 +0000
ROA not before: Thu 15 Dec 2022 11:03:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201589
IP address blocks: 5.101.71.0/24 maxlen: 24
2a13:1ec0:1000::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:15:74:31:3d:67:6c:c8:ae:3a:1c:c2:1e:7f:6d:8a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f0f9f044e2b929878d747c5ffbb80ad10e3d6bd
Validity
Not Before: Dec 15 11:03:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6d8d04f216f5fddc28f7e6acaa82c4e47aca9f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:09:3d:38:24:b7:ac:c9:4f:7b:fc:55:dc:0d:
2c:e4:f3:eb:cd:ba:83:da:f3:18:f3:fc:ec:36:79:
80:1e:6c:05:0c:5b:c9:a1:49:c2:42:4f:4a:0d:98:
ae:ce:04:99:80:42:2e:e7:05:dc:2a:da:ac:7d:d1:
08:3b:8c:94:05:b8:ec:ae:7e:94:35:ce:56:ae:9e:
aa:62:55:dc:50:a3:cb:a2:4b:40:dc:3b:ea:e6:63:
f8:84:11:9c:bd:14:3c:8e:cd:c6:2b:17:e4:8c:f4:
da:dc:c9:66:37:0f:dd:f2:d6:ea:35:c9:78:3e:7c:
fc:bc:b3:52:12:1b:d5:ae:19:41:55:bb:9c:0d:3a:
d0:5e:6c:82:c4:7e:52:c1:bb:b6:c4:71:f4:fe:09:
ce:ae:8c:4c:44:5b:86:16:57:eb:f1:7c:a5:0e:8a:
bc:63:1f:33:7e:db:2c:26:13:84:8d:3f:20:30:f0:
0d:fe:60:9b:1d:48:75:3e:08:e4:a8:87:dc:33:a8:
41:14:5d:d4:76:e3:3c:3c:3e:d9:94:2d:a6:b8:29:
67:0b:9e:df:58:35:2d:45:68:3b:3e:fd:61:d6:d2:
ce:aa:fe:bd:e2:aa:9d:ba:6e:a6:f2:eb:5c:1f:29:
d9:38:8f:54:dc:38:c5:11:c9:f4:75:1f:c2:e7:5d:
d0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:D8:D0:4F:21:6F:5F:DD:C2:8F:7E:6A:CA:A8:2C:4E:47:AC:A9:F0
X509v3 Authority Key Identifier:
keyid:0F:0F:9F:04:4E:2B:92:98:78:D7:47:C5:FF:BB:80:AD:10:E3:D6:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dw-fBE4rkph410fF_7uArRDj1r0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/9tjQTyFvX93Cj35qyqgsTkesqfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/93d460-368c-46d7-8e7a-cdbd3b6ce777/1/Dw-fBE4rkph410fF_7uArRDj1r0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.71.0/24
IPv6:
2a13:1ec0:1000::/44
Signature Algorithm: sha256WithRSAEncryption
96:f1:a5:eb:56:1d:4c:a1:30:cd:8e:9f:45:41:f1:fc:f1:13:
50:15:18:3c:37:00:fb:1f:f7:a9:22:ca:e3:35:e2:29:c9:9e:
14:69:43:9d:c0:28:9e:16:31:a0:ef:3d:a0:d4:51:a0:df:fb:
88:ca:28:98:ff:7e:3f:0a:d2:45:c9:c9:2c:f1:e7:b3:46:35:
3c:ef:30:56:67:6c:c8:87:43:19:56:e7:73:6a:ad:9b:45:d6:
23:82:78:d9:66:32:38:49:43:19:47:16:53:42:92:c6:b6:c4:
7b:90:14:dd:fe:1e:fb:f9:d5:c3:37:60:86:78:77:06:83:a9:
d8:96:27:9c:1c:c3:7a:8d:91:42:f7:65:2a:7d:88:92:1a:33:
db:a4:b9:ed:d2:d7:e4:41:4d:d5:db:28:92:c7:a7:5b:60:f8:
55:5d:c6:09:90:00:fd:b4:5d:9a:e6:a6:2b:4e:ba:dd:36:21:
0c:c9:95:34:5f:79:42:f7:77:b4:19:01:3f:ae:00:d1:75:16:
aa:31:dd:18:56:88:c3:4a:b3:65:aa:cf:31:d0:02:2c:32:db:
d4:e4:fe:7e:a5:0a:f8:ad:89:f0:4f:a1:4d:03:98:94:66:97:
b3:43:60:bc:c6:cc:98:68:72:65:34:40:fe:a0:98:0f:ea:5f:
2e:2f:f7:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUVdDE9Z2zIrjocwh5/bYrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMGY5ZjA0NGUyYjkyOTg3OGQ3NDdjNWZmYmI4MGFkMTBl
M2Q2YmQwHhcNMjIxMjE1MTEwMzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmQ4ZDA0ZjIxNmY1ZmRkYzI4ZjdlNmFjYWE4MmM0ZTQ3YWNhOWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAk9OCS3rMlPe/xV3A0s5PPrzbqD
2vMY8/zsNnmAHmwFDFvJoUnCQk9KDZiuzgSZgEIu5wXcKtqsfdEIO4yUBbjsrn6U
Nc5Wrp6qYlXcUKPLoktA3Dvq5mP4hBGcvRQ8js3GKxfkjPTa3MlmNw/d8tbqNcl4
Pnz8vLNSEhvVrhlBVbucDTrQXmyCxH5Swbu2xHH0/gnOroxMRFuGFlfr8XylDoq8
Yx8zftssJhOEjT8gMPAN/mCbHUh1PgjkqIfcM6hBFF3UduM8PD7ZlC2muClnC57f
WDUtRWg7Pv1h1tLOqv694qqdum6m8utcHynZOI9U3DjFEcn0dR/C513QgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPbY0E8hb1/dwo9+asqoLE5HrKnwMB8GA1UdIwQY
MBaAFA8PnwROK5KYeNdHxf+7gK0Q49a9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHctZkJFNHJrcGg0MTBmRl83dUFyUkRqMXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85M2Q0NjAtMzY4Yy00NmQ3LThlN2Et
Y2RiZDNiNmNlNzc3LzEvOXRqUVR5RnZYOTNDajM1cXlxZ3NUa2VzcWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85M2Q0NjAtMzY4Yy00NmQ3LThlN2EtY2RiZDNiNmNlNzc3
LzEvRHctZkJFNHJrcGg0MTBmRl83dUFyUkRqMXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABWVHMA8E
AgACMAkDBwQqEx7AEAAwDQYJKoZIhvcNAQELBQADggEBAJbxpetWHUyhMM2On0VB
8fzxE1AVGDw3APsf96kiyuM14inJnhRpQ53AKJ4WMaDvPaDUUaDf+4jKKJj/fj8K
0kXJySzx57NGNTzvMFZnbMiHQxlW53NqrZtF1iOCeNlmMjhJQxlHFlNCksa2xHuQ
FN3+Hvv51cM3YIZ4dwaDqdiWJ5wcw3qNkUL3ZSp9iJIaM9ukue3S1+RBTdXbKJLH
p1tg+FVdxgmQAP20XZrmpitOut02IQzJlTRfeUL3d7QZAT+uANF1Fqox3RhWiMNK
s2WqzzHQAiwy29Tk/n6lCvitifBPoU0DmJRml7NDYLzGzJhocmU0QP6gmA/qXy4v
9+o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:52 2025 by rpki-client