Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/rorU1yo5EnHzy5eD8-bd0FFt6xU.roa
File: rorU1yo5EnHzy5eD8-bd0FFt6xU.roa (raw, json)
Hash identifier: 2Ht7kYkZKmuUSruzswwkgUGozgekI+EaNF8OULmgt1s=
Subject key identifier: AE:8A:D4:D7:2A:39:12:71:F3:CB:97:83:F3:E6:DD:D0:51:6D:EB:15
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018572BA62112CAB8F9B114382101F2062E8
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/rorU1yo5EnHzy5eD8-bd0FFt6xU.roa
Signing time: Mon 02 Jan 2023 13:44:55 +0000
ROA not before: Mon 02 Jan 2023 13:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198622
IP address blocks: 213.252.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:62:11:2c:ab:8f:9b:11:43:82:10:1f:20:62:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 13:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae8ad4d72a391271f3cb9783f3e6ddd0516deb15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:24:7e:dc:05:6d:8c:5a:c2:58:62:53:5e:bf:
59:68:a8:96:b9:48:53:bf:e1:78:09:0a:75:4b:c0:
0d:ea:2a:f9:7b:81:a1:3b:83:9d:5f:9d:64:c1:9e:
6a:23:a7:a6:1d:53:20:59:f0:d5:bf:b0:75:1c:77:
c8:43:4c:0f:4a:39:5c:af:21:3a:44:22:98:22:4b:
5c:9e:29:3d:df:de:43:05:bd:d9:49:a2:36:6d:bf:
84:1c:98:3e:74:f7:7a:a3:ec:f7:64:09:09:a8:db:
0a:16:8e:ce:98:b5:cb:02:e0:24:3b:c3:4d:38:38:
f6:22:5a:bf:51:20:c2:2e:63:4e:d3:94:85:cb:08:
a6:79:2d:02:5e:74:cf:29:f5:6a:ba:ee:e4:6e:71:
0f:d3:13:e2:af:e8:0f:12:50:cb:59:f5:c5:e9:b2:
de:99:20:c5:6b:71:fa:44:aa:0d:d6:1f:dd:7c:8e:
a5:cf:28:36:e7:9f:14:a0:26:33:97:a2:06:dd:cf:
df:ba:5b:be:c4:cd:1b:dd:13:0a:9f:85:b1:fe:52:
70:5a:21:90:f1:f1:56:f8:e2:1a:9c:2d:79:36:62:
fa:e9:53:08:e6:de:f3:d1:20:1c:5b:6a:cb:a2:be:
3c:e3:c1:1c:61:03:5e:04:f6:5e:94:08:72:8e:c7:
4d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:8A:D4:D7:2A:39:12:71:F3:CB:97:83:F3:E6:DD:D0:51:6D:EB:15
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/rorU1yo5EnHzy5eD8-bd0FFt6xU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.252.255.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:3b:b1:83:15:80:8e:92:7b:93:9a:69:a5:17:7b:a9:2e:21:
05:6c:45:6f:96:7f:31:e3:6a:9f:ef:96:46:54:6a:44:3b:c0:
31:92:8d:bb:4c:bf:c1:a9:98:dc:5f:97:4e:56:b7:9f:2c:bc:
74:1a:47:e3:93:c5:88:e0:0f:69:dc:95:bd:1a:ff:69:3e:b8:
bb:03:4c:6d:22:93:5d:2f:52:9e:42:9b:25:72:65:ec:1f:2d:
83:b0:53:a7:11:42:cc:ea:7a:9a:b5:36:26:96:bd:55:fa:11:
2f:eb:1e:7e:36:f3:6c:c8:ee:1c:da:f7:2f:c6:7d:6b:2b:6f:
99:27:8d:19:e6:e2:98:c8:7b:5d:a4:6c:04:ab:f2:5c:0d:51:
1b:2f:ef:c6:c1:bb:11:0f:23:d2:5f:07:cd:10:9b:c9:cf:92:
e7:bc:b8:1f:d4:09:a0:bc:ba:56:f5:bc:a4:c4:e2:e4:11:42:
46:9a:4b:b9:fb:70:65:d9:af:e7:e2:e9:6e:80:6e:37:30:62:
10:34:5b:41:19:47:f4:61:db:2a:48:35:7b:c9:0a:50:c3:d9:
30:3c:45:f5:a0:be:63:97:84:78:69:9c:02:29:36:78:f7:3a:
b0:b2:8a:71:26:73:8f:6a:4f:9d:24:47:99:86:70:3a:26:38:
e4:8f:14:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyumIRLKuPmxFDghAfIGLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjMwMTAyMTM0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZThhZDRkNzJhMzkxMjcxZjNjYjk3ODNmM2U2ZGRkMDUxNmRlYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiR+3AVtjFrCWGJTXr9ZaKiWuUhT
v+F4CQp1S8AN6ir5e4GhO4OdX51kwZ5qI6emHVMgWfDVv7B1HHfIQ0wPSjlcryE6
RCKYIktcnik9395DBb3ZSaI2bb+EHJg+dPd6o+z3ZAkJqNsKFo7OmLXLAuAkO8NN
ODj2Ilq/USDCLmNO05SFywimeS0CXnTPKfVquu7kbnEP0xPir+gPElDLWfXF6bLe
mSDFa3H6RKoN1h/dfI6lzyg2558UoCYzl6IG3c/fulu+xM0b3RMKn4Wx/lJwWiGQ
8fFW+OIanC15NmL66VMI5t7z0SAcW2rLor4848EcYQNeBPZelAhyjsdNaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6K1NcqORJx88uXg/Pm3dBRbesVMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvcm9yVTF5bzVFbkh6eTVlRDgtYmQwRkZ0NnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1fz/MA0G
CSqGSIb3DQEBCwUAA4IBAQBKO7GDFYCOknuTmmmlF3upLiEFbEVvln8x42qf75ZG
VGpEO8Axko27TL/BqZjcX5dOVrefLLx0Gkfjk8WI4A9p3JW9Gv9pPri7A0xtIpNd
L1KeQpslcmXsHy2DsFOnEULM6nqatTYmlr1V+hEv6x5+NvNsyO4c2vcvxn1rK2+Z
J40Z5uKYyHtdpGwEq/JcDVEbL+/GwbsRDyPSXwfNEJvJz5LnvLgf1AmgvLpW9byk
xOLkEUJGmku5+3Bl2a/n4ulugG43MGIQNFtBGUf0YdsqSDV7yQpQw9kwPEX1oL5j
l4R4aZwCKTZ49zqwsopxJnOPak+dJEeZhnA6JjjkjxTh
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:08 2025 by rpki-client