Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/5OwNYuSO_gmbEkwZy66dAZw0iyQ.roa
File: 5OwNYuSO_gmbEkwZy66dAZw0iyQ.roa (raw, json)
Hash identifier: 08IGBj5B94GXr/hSenO6osqvfabA7Vl7tUbCJpkYF/4=
Subject key identifier: E4:EC:0D:62:E4:8E:FE:09:9B:12:4C:19:CB:AE:9D:01:9C:34:8B:24
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 098EA7A6
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/5OwNYuSO_gmbEkwZy66dAZw0iyQ.roa
Signing time: Sat 01 Jan 2022 05:59:45 +0000
ROA not before: Sat 01 Jan 2022 05:59:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200020
IP address blocks: 213.249.72.0/24 maxlen: 24
2a01:448:72::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160343974 (0x98ea7a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Jan 1 05:59:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4ec0d62e48efe099b124c19cbae9d019c348b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:60:80:d6:11:95:2b:66:6d:19:32:90:70:87:
a9:b6:40:c8:f1:75:73:63:be:80:f5:c3:9d:82:07:
14:19:45:9a:98:37:c9:c2:19:11:4b:d2:e3:44:05:
3b:4a:0b:01:39:55:4a:20:48:5c:54:60:bd:90:7c:
30:c1:35:b1:5b:ff:7b:91:a0:c8:43:9c:00:dc:1d:
7b:3a:bc:6a:31:a0:dc:8a:76:58:e6:7f:2e:70:bc:
15:ba:38:03:1a:63:ea:16:13:6b:48:b8:36:86:f4:
98:a3:18:65:e9:6a:ea:4d:7f:08:97:ca:be:a1:db:
19:da:b5:e1:40:97:32:aa:15:9b:f8:5c:11:96:d1:
33:16:eb:d4:df:27:e1:96:5b:5c:57:9e:7a:27:1e:
54:eb:97:30:0c:c7:f4:06:67:74:3b:cd:8b:60:ea:
da:97:b4:b1:79:1f:bc:aa:76:d7:71:63:aa:33:b9:
52:0c:7f:f4:58:86:89:c0:0e:63:3c:f7:c2:46:42:
3a:5a:72:e0:f1:3c:52:53:5f:ba:44:1d:c6:c2:e7:
ce:ef:7e:e6:be:3b:98:c1:6d:3e:2d:af:1a:59:64:
0f:7d:6a:6f:95:9b:a8:af:e0:c3:93:f3:23:39:95:
82:e1:ff:7e:c5:12:da:bf:02:52:19:c3:90:2f:6d:
78:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:EC:0D:62:E4:8E:FE:09:9B:12:4C:19:CB:AE:9D:01:9C:34:8B:24
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/5OwNYuSO_gmbEkwZy66dAZw0iyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.249.72.0/24
IPv6:
2a01:448:72::/48
Signature Algorithm: sha256WithRSAEncryption
97:f1:00:c4:3b:25:cb:5d:fb:a7:63:ba:dd:c6:8d:ce:f7:2b:
ec:b2:0c:64:05:fc:ae:21:bd:d4:2d:9a:25:48:87:ff:9d:b3:
2a:b6:02:f1:7b:11:f8:65:63:0f:2c:5e:ad:9a:af:75:d9:7e:
28:b7:62:ee:d8:22:06:a2:b1:7c:27:5a:40:57:14:43:20:f5:
b4:70:07:43:64:12:81:6a:4d:59:3a:df:47:33:12:32:89:82:
7a:08:15:a6:23:9e:cd:d0:70:af:fd:e1:54:d7:9e:f3:25:81:
53:f1:f1:3e:1c:51:cf:65:a1:b8:77:c7:64:39:bb:21:51:c8:
14:04:80:9d:f9:fe:81:54:43:37:10:07:59:3e:15:1b:c0:f9:
05:bc:13:cf:e8:17:f8:20:07:6e:e6:36:53:a9:26:e6:98:78:
cb:64:aa:83:0f:2d:c9:ce:7a:68:1d:aa:72:44:b6:a1:d0:bb:
37:83:ad:d1:b5:34:da:cd:08:8f:4b:02:be:c9:f6:17:ff:90:
97:4e:08:41:e6:43:15:e5:e1:79:ae:9c:8c:46:48:78:ba:ce:
d8:ab:5e:29:64:43:5f:e9:37:b3:98:93:c0:37:0b:10:49:ce:
86:3c:d6:5d:d2:dc:e9:7a:2d:20:b0:4a:dd:e1:b1:40:49:19:
0c:2b:5c:5c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECY6npjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGJlZTBlYmQwNmI0YjgxMmY5ZTEzNzE2ZTI1ZjFjM2MzZDE0Y2M2MB4XDTIyMDEw
MTA1NTk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTRlYzBkNjJlNDhl
ZmUwOTliMTI0YzE5Y2JhZTlkMDE5YzM0OGIyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJggNYRlStmbRkykHCHqbZAyPF1c2O+gPXDnYIHFBlFmpg3
ycIZEUvS40QFO0oLATlVSiBIXFRgvZB8MME1sVv/e5GgyEOcANwdezq8ajGg3Ip2
WOZ/LnC8Fbo4Axpj6hYTa0i4Nob0mKMYZelq6k1/CJfKvqHbGdq14UCXMqoVm/hc
EZbRMxbr1N8n4ZZbXFeeeiceVOuXMAzH9AZndDvNi2Dq2pe0sXkfvKp213FjqjO5
Ugx/9FiGicAOYzz3wkZCOlpy4PE8UlNfukQdxsLnzu9+5r47mMFtPi2vGllkD31q
b5WbqK/gw5PzIzmVguH/fsUS2r8CUhnDkC9teK8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTk7A1i5I7+CZsSTBnLrp0BnDSLJDAfBgNVHSMEGDAWgBQUvuDr0GtLgS+e
E3FuJfHDw9FMxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZMN2c2OUJyUzRFdm5oTnhiaVh4dzhQUlRNWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMTYxYzNmLWI4M2QtNDViMS1hYThlLWQxYmI2YjRkZDcwMS8x
LzVPd05ZdVNPX2dtYkVrd1p5NjZkQVp3MGl5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MTYxYzNmLWI4M2QtNDViMS1hYThlLWQxYmI2YjRkZDcwMS8xL0ZMN2c2OUJyUzRF
dm5oTnhiaVh4dzhQUlRNWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEANX5SDAPBAIAAjAJAwcAKgEESABy
MA0GCSqGSIb3DQEBCwUAA4IBAQCX8QDEOyXLXfunY7rdxo3O9yvssgxkBfyuIb3U
LZolSIf/nbMqtgLxexH4ZWMPLF6tmq912X4ot2Lu2CIGorF8J1pAVxRDIPW0cAdD
ZBKBak1ZOt9HMxIyiYJ6CBWmI57N0HCv/eFU157zJYFT8fE+HFHPZaG4d8dkObsh
UcgUBICd+f6BVEM3EAdZPhUbwPkFvBPP6Bf4IAdu5jZTqSbmmHjLZKqDDy3Jznpo
HapyRLah0Ls3g63RtTTazQiPSwK+yfYX/5CXTghB5kMV5eF5rpyMRkh4us7Yq14p
ZENf6TezmJPANwsQSc6GPNZd0tzpei0gsErd4bFASRkMK1xc
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:32:30 2025 by rpki-client