Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/5b60e5-8237-4628-946b-2229cd83f3e5/1/CwG4EdsAuZZaUeR9wluiyagMVpU.roa
File: CwG4EdsAuZZaUeR9wluiyagMVpU.roa (raw, json)
Hash identifier: ZQzu+1y8PcZjxB9yxd4vD5TfNOKGVeGtur+gKCCCRT4=
Subject key identifier: 0B:01:B8:11:DB:00:B9:96:5A:51:E4:7D:C2:5B:A2:C9:A8:0C:56:95
Certificate issuer: /CN=fd9f7dc5095abdb445d189857d3101a8aee29dfa
Certificate serial: 0181ED75CFD0F5BF538006E25B5EC10C6C32
Authority key identifier: FD:9F:7D:C5:09:5A:BD:B4:45:D1:89:85:7D:31:01:A8:AE:E2:9D:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Z99xQlavbRF0YmFfTEBqK7info.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/5b60e5-8237-4628-946b-2229cd83f3e5/1/CwG4EdsAuZZaUeR9wluiyagMVpU.roa
Signing time: Mon 11 Jul 2022 13:32:09 +0000
ROA not before: Mon 11 Jul 2022 13:32:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2117
IP address blocks: 134.171.64.0/20 maxlen: 20
134.171.0.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ed:75:cf:d0:f5:bf:53:80:06:e2:5b:5e:c1:0c:6c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd9f7dc5095abdb445d189857d3101a8aee29dfa
Validity
Not Before: Jul 11 13:32:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b01b811db00b9965a51e47dc25ba2c9a80c5695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5c:c5:6e:89:a1:a6:bd:b0:82:6b:e7:ad:52:
13:a2:5d:bf:72:d9:90:f9:54:b1:35:dd:4b:a6:14:
42:63:e5:02:d3:b4:64:be:9d:3d:10:8b:25:41:8a:
e6:a0:9a:73:a1:5a:50:9e:13:90:f1:7f:b1:e7:11:
05:b1:6f:98:21:0b:c8:a0:e2:9c:75:a1:29:32:d8:
c2:55:c3:6c:d4:60:62:f1:11:90:f5:26:a3:3e:3f:
89:2f:ce:bc:4f:59:55:48:36:61:6c:f8:d3:95:fc:
41:92:6c:c2:b5:82:02:19:7f:fe:ac:c5:6b:df:28:
07:cb:19:70:61:c3:22:14:1f:f5:3d:8d:9a:c2:ef:
7a:31:19:44:7e:9e:7e:31:48:48:e9:c0:d9:f2:62:
47:f5:40:b6:b6:eb:88:cf:b3:ef:cc:16:7a:b1:a8:
d3:16:cd:53:55:64:ca:a7:b2:b7:1e:c4:c3:fb:b5:
3b:c3:3e:c0:ca:42:89:f4:7a:1b:99:4e:37:ae:29:
b2:5a:35:40:19:a4:bb:a3:bb:c3:ae:97:0f:53:4b:
5a:2b:db:57:0e:2f:30:11:9f:bc:3a:5d:a6:60:2b:
45:d2:9b:54:7c:b5:e8:93:89:ba:e2:e3:c9:3f:9b:
9d:4c:2a:ba:6b:40:0c:ac:a3:c0:fc:15:68:3c:1e:
59:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:01:B8:11:DB:00:B9:96:5A:51:E4:7D:C2:5B:A2:C9:A8:0C:56:95
X509v3 Authority Key Identifier:
keyid:FD:9F:7D:C5:09:5A:BD:B4:45:D1:89:85:7D:31:01:A8:AE:E2:9D:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Z99xQlavbRF0YmFfTEBqK7info.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/5b60e5-8237-4628-946b-2229cd83f3e5/1/CwG4EdsAuZZaUeR9wluiyagMVpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/5b60e5-8237-4628-946b-2229cd83f3e5/1/_Z99xQlavbRF0YmFfTEBqK7info.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.171.0.0-134.171.79.255
Signature Algorithm: sha256WithRSAEncryption
07:47:3d:aa:ae:a2:05:73:f2:ed:3d:57:2a:f4:7d:31:9d:e9:
ce:f1:60:82:0f:89:11:14:6c:94:f6:09:24:c0:f9:b7:70:ac:
8d:71:88:5c:92:9c:b9:5d:0f:1e:44:6b:27:28:04:c0:e3:63:
71:63:9a:8f:5c:1e:e0:ae:47:57:6f:fe:5e:32:29:32:1e:6d:
4f:61:03:ef:90:67:7c:88:db:af:ab:1d:da:a7:3e:1b:08:01:
46:aa:11:f9:32:ba:fb:4c:66:c1:f7:07:b1:49:19:0c:6a:16:
e6:69:25:a6:b5:ec:d7:67:8f:8a:f8:9f:52:22:98:1a:47:fa:
e4:d4:01:68:4c:07:ce:f4:e0:5e:22:78:01:8f:85:ef:19:f3:
ee:11:d9:c7:64:ec:d0:c0:c2:78:f2:35:91:41:84:5c:41:4f:
71:4f:21:94:de:2e:30:06:b3:08:46:40:9a:32:dd:17:91:b2:
a4:30:1a:bf:48:5f:5f:55:cb:e5:ff:d3:eb:7f:ff:da:29:4e:
eb:d5:95:0e:1d:8c:21:81:9a:28:7e:73:1a:1e:e3:ba:1f:e5:
17:5f:13:3a:e8:11:8e:69:c9:fc:c2:23:68:80:a0:3b:59:a5:
dc:86:f2:31:5b:ac:a0:d2:6c:99:a6:2c:f9:b2:6f:6b:be:3a:
02:dc:70:b2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYHtdc/Q9b9TgAbiW17BDGwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkOWY3ZGM1MDk1YWJkYjQ0NWQxODk4NTdkMzEwMWE4YWVl
MjlkZmEwHhcNMjIwNzExMTMzMjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjAxYjgxMWRiMDBiOTk2NWE1MWU0N2RjMjViYTJjOWE4MGM1Njk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFzFbomhpr2wgmvnrVITol2/ctmQ
+VSxNd1LphRCY+UC07Rkvp09EIslQYrmoJpzoVpQnhOQ8X+x5xEFsW+YIQvIoOKc
daEpMtjCVcNs1GBi8RGQ9SajPj+JL868T1lVSDZhbPjTlfxBkmzCtYICGX/+rMVr
3ygHyxlwYcMiFB/1PY2awu96MRlEfp5+MUhI6cDZ8mJH9UC2tuuIz7PvzBZ6sajT
Fs1TVWTKp7K3HsTD+7U7wz7AykKJ9HobmU43rimyWjVAGaS7o7vDrpcPU0taK9tX
Di8wEZ+8Ol2mYCtF0ptUfLXok4m64uPJP5udTCq6a0AMrKPA/BVoPB5Z3QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFAsBuBHbALmWWlHkfcJbosmoDFaVMB8GA1UdIwQY
MBaAFP2ffcUJWr20RdGJhX0xAaiu4p36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1o5OXhRbGF2YlJGMFltRmZURUJxSzdpbmZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC81YjYwZTUtODIzNy00NjI4LTk0NmIt
MjIyOWNkODNmM2U1LzEvQ3dHNEVkc0F1WlphVWVSOXdsdWl5YWdNVnBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC81YjYwZTUtODIzNy00NjI4LTk0NmItMjIyOWNkODNmM2U1
LzEvX1o5OXhRbGF2YlJGMFltRmZURUJxSzdpbmZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwCGqwME
BIarQDANBgkqhkiG9w0BAQsFAAOCAQEAB0c9qq6iBXPy7T1XKvR9MZ3pzvFggg+J
ERRslPYJJMD5t3CsjXGIXJKcuV0PHkRrJygEwONjcWOaj1we4K5HV2/+XjIpMh5t
T2ED75BnfIjbr6sd2qc+GwgBRqoR+TK6+0xmwfcHsUkZDGoW5mklprXs12ePivif
UiKYGkf65NQBaEwHzvTgXiJ4AY+F7xnz7hHZx2Ts0MDCePI1kUGEXEFPcU8hlN4u
MAazCEZAmjLdF5GypDAav0hfX1XL5f/T63//2ilO69WVDh2MIYGaKH5zGh7juh/l
F18TOugRjmnJ/MIjaICgO1ml3IbyMVusoNJsmaYs+bJva746Atxwsg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:26 2025 by rpki-client