Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/5b60e5-8237-4628-946b-2229cd83f3e5/1/_1wUrTyOV_TZ9ma6hv4dB7En6dk.roa
File: _1wUrTyOV_TZ9ma6hv4dB7En6dk.roa (raw, json)
Hash identifier: kf0PL0Hdi+OdVSqG7r01jqdHTjhIJ4E3sfUewxIudsQ=
Subject key identifier: FF:5C:14:AD:3C:8E:57:F4:D9:F6:66:BA:86:FE:1D:07:B1:27:E9:D9
Certificate issuer: /CN=fd9f7dc5095abdb445d189857d3101a8aee29dfa
Certificate serial: 01856D6630C2A6EF33BB887951B12D211937
Authority key identifier: FD:9F:7D:C5:09:5A:BD:B4:45:D1:89:85:7D:31:01:A8:AE:E2:9D:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Z99xQlavbRF0YmFfTEBqK7info.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/5b60e5-8237-4628-946b-2229cd83f3e5/1/_1wUrTyOV_TZ9ma6hv4dB7En6dk.roa
Signing time: Sun 01 Jan 2023 12:54:51 +0000
ROA not before: Sun 01 Jan 2023 12:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2117
IP address blocks: 134.171.64.0/20 maxlen: 20
134.171.0.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:30:c2:a6:ef:33:bb:88:79:51:b1:2d:21:19:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd9f7dc5095abdb445d189857d3101a8aee29dfa
Validity
Not Before: Jan 1 12:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff5c14ad3c8e57f4d9f666ba86fe1d07b127e9d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a7:48:53:b0:7d:44:af:6d:95:38:9d:be:6f:
58:77:03:e6:1b:c6:fa:b3:02:77:30:23:51:66:fe:
04:73:19:72:64:f8:4c:d2:b9:d8:38:17:b6:f5:1e:
cf:93:39:b8:08:90:4e:07:53:77:1b:37:2b:69:46:
1b:17:b5:88:6d:a6:99:0e:aa:a8:02:40:d5:21:c0:
8e:d6:4a:68:7e:af:68:fc:30:75:6e:63:d4:76:35:
88:b1:a7:c6:00:db:80:ed:05:46:4b:cd:ce:dc:49:
85:b8:c7:93:63:83:c7:94:76:da:fb:ca:99:a0:ae:
e9:79:68:ee:73:1d:49:cc:d2:3c:5a:00:72:97:b8:
6e:c6:7d:76:d9:f3:d5:a9:0b:1a:db:ee:84:53:db:
11:e3:73:3e:7d:2e:17:d1:78:08:90:e4:9f:a4:4d:
ca:be:6f:78:8b:e4:bc:12:a4:91:fa:16:45:52:25:
47:a0:4b:7e:47:d5:e1:6c:d6:26:97:52:2c:ea:36:
12:79:d2:6a:9b:3f:b3:20:3a:a1:11:f2:47:fa:44:
3d:3d:f1:86:c6:33:0b:f0:b4:2d:6c:bc:1b:02:81:
56:41:3d:f7:99:6b:27:33:da:5c:85:29:b4:19:cf:
64:98:6d:1a:3f:76:4c:2b:41:38:cc:3a:ae:28:b7:
f8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:5C:14:AD:3C:8E:57:F4:D9:F6:66:BA:86:FE:1D:07:B1:27:E9:D9
X509v3 Authority Key Identifier:
keyid:FD:9F:7D:C5:09:5A:BD:B4:45:D1:89:85:7D:31:01:A8:AE:E2:9D:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Z99xQlavbRF0YmFfTEBqK7info.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/5b60e5-8237-4628-946b-2229cd83f3e5/1/_1wUrTyOV_TZ9ma6hv4dB7En6dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/5b60e5-8237-4628-946b-2229cd83f3e5/1/_Z99xQlavbRF0YmFfTEBqK7info.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.171.0.0-134.171.79.255
Signature Algorithm: sha256WithRSAEncryption
18:51:56:5f:a4:ce:6e:09:0b:cc:ec:84:0f:d5:ac:8b:b5:c1:
31:e4:b4:29:6f:95:ca:f6:cb:2f:fb:16:4b:c2:82:50:68:ec:
fb:ac:ac:04:5c:43:73:99:f5:35:e4:c7:5c:80:e8:19:97:b8:
57:1e:7a:19:d8:f2:7c:da:9c:5f:38:52:8c:9b:05:71:7c:b7:
06:1d:56:b4:a3:04:89:50:02:8a:7d:fc:b0:a1:2c:a2:79:97:
0b:dc:ec:89:40:eb:ad:4f:88:5d:56:9c:88:ba:8f:2a:26:92:
73:d2:6e:d7:24:c7:c3:79:be:80:6a:ca:b8:5a:77:78:b4:d6:
3e:78:52:c2:47:2b:c6:c9:70:1e:32:a1:6b:99:81:e2:ef:89:
3a:eb:dc:c4:5d:19:ec:41:83:e5:58:3e:d6:87:49:d4:10:6c:
27:f3:ed:7b:4a:56:e2:1c:36:cc:40:40:8f:0a:52:d7:0a:cf:
eb:ab:2b:cd:e4:e8:e3:64:d0:0d:89:27:1f:0e:83:5d:b4:ad:
eb:4c:3e:3b:43:a0:61:a3:82:28:36:5a:e0:14:6c:24:1e:1a:
9a:20:d1:71:ed:8d:5c:1e:ef:2e:74:c7:55:90:c1:f8:72:de:
c6:49:4d:81:63:e7:9e:89:9b:ae:e1:96:2b:5a:ce:29:2a:85:
bc:13:5e:da
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVtZjDCpu8zu4h5UbEtIRk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkOWY3ZGM1MDk1YWJkYjQ0NWQxODk4NTdkMzEwMWE4YWVl
MjlkZmEwHhcNMjMwMTAxMTI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjVjMTRhZDNjOGU1N2Y0ZDlmNjY2YmE4NmZlMWQwN2IxMjdlOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKdIU7B9RK9tlTidvm9YdwPmG8b6
swJ3MCNRZv4EcxlyZPhM0rnYOBe29R7Pkzm4CJBOB1N3GzcraUYbF7WIbaaZDqqo
AkDVIcCO1kpofq9o/DB1bmPUdjWIsafGANuA7QVGS83O3EmFuMeTY4PHlHba+8qZ
oK7peWjucx1JzNI8WgByl7huxn122fPVqQsa2+6EU9sR43M+fS4X0XgIkOSfpE3K
vm94i+S8EqSR+hZFUiVHoEt+R9XhbNYml1Is6jYSedJqmz+zIDqhEfJH+kQ9PfGG
xjML8LQtbLwbAoFWQT33mWsnM9pchSm0Gc9kmG0aP3ZMK0E4zDquKLf4jQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFP9cFK08jlf02fZmuob+HQexJ+nZMB8GA1UdIwQY
MBaAFP2ffcUJWr20RdGJhX0xAaiu4p36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1o5OXhRbGF2YlJGMFltRmZURUJxSzdpbmZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC81YjYwZTUtODIzNy00NjI4LTk0NmIt
MjIyOWNkODNmM2U1LzEvXzF3VXJUeU9WX1RaOW1hNmh2NGRCN0VuNmRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC81YjYwZTUtODIzNy00NjI4LTk0NmItMjIyOWNkODNmM2U1
LzEvX1o5OXhRbGF2YlJGMFltRmZURUJxSzdpbmZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwCGqwME
BIarQDANBgkqhkiG9w0BAQsFAAOCAQEAGFFWX6TObgkLzOyED9Wsi7XBMeS0KW+V
yvbLL/sWS8KCUGjs+6ysBFxDc5n1NeTHXIDoGZe4Vx56GdjyfNqcXzhSjJsFcXy3
Bh1WtKMEiVACin38sKEsonmXC9zsiUDrrU+IXVaciLqPKiaSc9Ju1yTHw3m+gGrK
uFp3eLTWPnhSwkcrxslwHjKha5mB4u+JOuvcxF0Z7EGD5Vg+1odJ1BBsJ/Pte0pW
4hw2zEBAjwpS1wrP66srzeTo42TQDYknHw6DXbSt60w+O0OgYaOCKDZa4BRsJB4a
miDRce2NXB7vLnTHVZDB+HLexklNgWPnnombruGWK1rOKSqFvBNe2g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:02 2025 by rpki-client