Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/kCe9xoxe1UT8yoXjKcBwfdAMd6w.roa
File: kCe9xoxe1UT8yoXjKcBwfdAMd6w.roa (raw, json)
Hash identifier: w1JLY1M3OUJwbc1OcX6t2C9dOakuGeVTBSuKwIPX88w=
Subject key identifier: 90:27:BD:C6:8C:5E:D5:44:FC:CA:85:E3:29:C0:70:7D:D0:0C:77:AC
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 098E39D4
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/kCe9xoxe1UT8yoXjKcBwfdAMd6w.roa
Signing time: Sat 01 Jan 2022 05:59:44 +0000
ROA not before: Sat 01 Jan 2022 05:59:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42585
IP address blocks: 213.249.64.0/21 maxlen: 24
213.249.92.0/22 maxlen: 24
2a01:448::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160315860 (0x98e39d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Jan 1 05:59:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9027bdc68c5ed544fcca85e329c0707dd00c77ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:65:20:bc:3a:79:7f:67:4a:41:64:4b:ec:ec:
e5:e8:23:e9:82:5e:a7:07:9a:c4:94:ee:d0:be:f3:
a1:e0:ca:70:b5:fa:a0:f4:0d:6b:6c:6c:93:5b:bf:
e8:8d:16:92:7b:88:6f:6a:4f:4f:16:a1:7a:0f:15:
ad:41:3d:ef:0b:4e:37:89:be:29:b6:36:c5:42:e9:
71:e4:fc:a8:20:d4:74:e8:e4:6d:dc:0e:1e:bb:e2:
b4:8e:b4:38:38:7c:61:87:10:b2:a6:bc:1f:58:f2:
b5:e1:fa:5d:0f:12:34:1c:d0:33:bd:9a:d4:23:90:
8e:53:97:6c:80:12:06:46:eb:59:dc:bc:40:95:31:
17:42:8c:f4:d3:b5:db:58:fd:62:a0:1c:55:a3:62:
3b:c7:52:6a:86:90:71:28:3d:4e:44:5a:38:a5:01:
f1:25:f0:c9:bf:91:06:8f:a7:6a:34:49:6c:d2:b3:
1a:8f:01:31:3c:37:b0:9d:7b:ef:77:0b:08:d9:82:
98:be:60:c0:ce:bb:fe:f5:20:f2:74:51:15:4c:e2:
7b:09:0b:41:88:3f:2e:73:76:b5:dd:81:09:53:21:
92:92:d3:b4:5b:1b:fd:ca:39:c1:c0:02:ba:85:b0:
ac:96:02:3a:9b:39:39:1c:08:1d:3a:82:a9:41:d1:
98:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:27:BD:C6:8C:5E:D5:44:FC:CA:85:E3:29:C0:70:7D:D0:0C:77:AC
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/kCe9xoxe1UT8yoXjKcBwfdAMd6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.249.64.0/21
213.249.92.0/22
IPv6:
2a01:448::/32
Signature Algorithm: sha256WithRSAEncryption
55:33:29:f3:0a:0b:45:98:fa:e8:66:f6:ff:1d:68:a1:c5:6a:
c6:dd:c4:c9:93:e1:1c:77:4d:8b:7e:c3:a8:24:71:23:1c:20:
61:34:45:b3:b1:cc:73:de:6c:90:51:dd:ee:dc:e7:92:a0:e8:
03:df:ff:d5:ed:b5:9f:c0:63:e7:8a:e9:e2:96:0d:dc:26:d8:
bd:45:5a:ec:7d:38:65:6a:3c:bb:6c:b7:96:92:44:4c:c8:04:
db:72:26:ab:45:1d:4b:20:b5:7c:16:a4:b5:82:49:6b:64:7f:
07:fb:46:b9:d6:60:f4:63:18:5d:93:0b:86:79:c8:8b:ce:6a:
00:f0:15:85:1a:b0:39:62:e5:92:46:90:85:7e:9b:83:56:20:
90:5f:2b:fd:ad:49:f7:8b:ec:53:da:e4:eb:30:f2:e3:6a:a5:
28:06:be:51:ed:c6:ae:1a:1b:3a:23:9b:c3:c1:97:89:2d:86:
c7:30:49:23:63:e9:7c:ec:55:91:16:f2:43:9a:ce:0c:44:bd:
33:d8:a7:ff:ea:b1:86:46:31:67:f1:2f:da:fb:24:e8:f9:9e:
61:78:bd:e7:43:bc:87:00:79:83:a9:29:0b:df:5f:24:ba:ce:
a4:09:91:80:38:b8:fd:e9:93:43:41:2d:af:30:32:d2:32:5c:
9a:fb:3d:5f
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECY451DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGJlZTBlYmQwNmI0YjgxMmY5ZTEzNzE2ZTI1ZjFjM2MzZDE0Y2M2MB4XDTIyMDEw
MTA1NTk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAyN2JkYzY4YzVl
ZDU0NGZjY2E4NWUzMjljMDcwN2RkMDBjNzdhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtlILw6eX9nSkFkS+zs5egj6YJepweaxJTu0L7zoeDKcLX6
oPQNa2xsk1u/6I0WknuIb2pPTxaheg8VrUE97wtON4m+KbY2xULpceT8qCDUdOjk
bdwOHrvitI60ODh8YYcQsqa8H1jyteH6XQ8SNBzQM72a1COQjlOXbIASBkbrWdy8
QJUxF0KM9NO121j9YqAcVaNiO8dSaoaQcSg9TkRaOKUB8SXwyb+RBo+najRJbNKz
Go8BMTw3sJ1773cLCNmCmL5gwM67/vUg8nRRFUziewkLQYg/LnN2td2BCVMhkpLT
tFsb/co5wcACuoWwrJYCOps5ORwIHTqCqUHRmBkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSQJ73GjF7VRPzKheMpwHB90Ax3rDAfBgNVHSMEGDAWgBQUvuDr0GtLgS+e
E3FuJfHDw9FMxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZMN2c2OUJyUzRFdm5oTnhiaVh4dzhQUlRNWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMTYxYzNmLWI4M2QtNDViMS1hYThlLWQxYmI2YjRkZDcwMS8x
L2tDZTl4b3hlMVVUOHlvWGpLY0J3ZmRBTWQ2dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MTYxYzNmLWI4M2QtNDViMS1hYThlLWQxYmI2YjRkZDcwMS8xL0ZMN2c2OUJyUzRF
dm5oTnhiaVh4dzhQUlRNWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA9X5QAMEAtX5XDANBAIAAjAHAwUA
KgEESDANBgkqhkiG9w0BAQsFAAOCAQEAVTMp8woLRZj66Gb2/x1oocVqxt3EyZPh
HHdNi37DqCRxIxwgYTRFs7HMc95skFHd7tznkqDoA9//1e21n8Bj54rp4pYN3CbY
vUVa7H04ZWo8u2y3lpJETMgE23Imq0UdSyC1fBaktYJJa2R/B/tGudZg9GMYXZML
hnnIi85qAPAVhRqwOWLlkkaQhX6bg1YgkF8r/a1J94vsU9rk6zDy42qlKAa+Ue3G
rhobOiObw8GXiS2GxzBJI2PpfOxVkRbyQ5rODES9M9in/+qxhkYxZ/Ev2vsk6Pme
YXi950O8hwB5g6kpC99fJLrOpAmRgDi4/emTQ0EtrzAy0jJcmvs9Xw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:29:48 2025 by rpki-client