Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/CaB6Ab6KkhxiVvxVHAoozBN3xps.roa
File: CaB6Ab6KkhxiVvxVHAoozBN3xps.roa (raw, json)
Hash identifier: US91YiZDaUqGbqEMkP4QL2NDSe/5kdsUcAekKmS/zXk=
Subject key identifier: 09:A0:7A:01:BE:8A:92:1C:62:56:FC:55:1C:0A:28:CC:13:77:C6:9B
Certificate issuer: /CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Certificate serial: 01857315D0E0BC528B46EAAB44265DDE1F70
Authority key identifier: 4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/CaB6Ab6KkhxiVvxVHAoozBN3xps.roa
Signing time: Mon 02 Jan 2023 15:24:47 +0000
ROA not before: Mon 02 Jan 2023 15:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31129
IP address blocks: 212.106.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:d0:e0:bc:52:8b:46:ea:ab:44:26:5d:de:1f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Validity
Not Before: Jan 2 15:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09a07a01be8a921c6256fc551c0a28cc1377c69b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:95:62:3a:ac:f8:3e:a8:b1:05:af:80:aa:66:
22:f2:b7:06:f5:3b:c1:57:59:e0:a4:32:bd:d5:56:
f4:ad:0f:0f:4e:0f:31:8c:9b:6d:b8:92:98:09:97:
fb:41:9b:86:1e:ba:e5:f7:04:d0:e2:95:a3:ee:51:
07:dd:d4:e7:33:a1:cc:78:2b:e8:07:1e:83:4b:72:
1a:39:5b:da:ad:9e:2c:80:74:6e:62:b7:40:43:c9:
57:6e:74:4c:0e:ec:12:f2:a8:ff:87:73:b1:0f:15:
57:2d:f1:06:2f:cf:7c:4c:eb:8d:d5:28:b5:2d:ae:
82:55:86:a4:a0:13:51:f6:e4:1a:38:98:71:ff:16:
4f:46:70:b2:da:bd:ca:6b:c3:16:88:0b:b1:1b:b7:
70:43:ce:18:47:7c:8f:53:fe:8f:78:77:79:9f:77:
49:9c:8a:a2:b1:1b:75:90:a6:5a:01:47:7b:47:84:
db:7a:2c:c7:72:d2:9a:cc:43:dd:27:0b:fc:df:14:
76:b1:66:5f:0f:dc:3b:da:e8:a4:90:8b:9d:94:c2:
e4:3f:21:bc:cb:7a:18:e4:bb:29:25:d4:6b:d8:05:
e0:c7:92:64:e0:ec:a1:b5:b2:d8:c4:4a:8c:89:b5:
29:b3:83:76:9b:43:4e:b1:75:2c:20:7f:c3:10:da:
f5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A0:7A:01:BE:8A:92:1C:62:56:FC:55:1C:0A:28:CC:13:77:C6:9B
X509v3 Authority Key Identifier:
keyid:4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/CaB6Ab6KkhxiVvxVHAoozBN3xps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.106.143.0/24
Signature Algorithm: sha256WithRSAEncryption
26:26:93:9a:e1:52:bf:cc:f4:ae:9d:1c:0b:cc:f8:54:d2:6e:
37:9b:52:e8:77:b6:43:fc:63:20:a9:66:db:49:e7:ac:64:5d:
37:f9:17:f4:fb:98:9a:d8:6e:4b:fe:96:04:eb:e3:99:30:33:
48:0c:04:97:34:88:cd:a5:8e:10:da:6e:06:83:6c:2f:a8:17:
8a:e4:5e:c7:d4:9e:3f:0c:bf:d6:17:6e:22:c9:cf:45:ce:15:
d1:db:32:32:76:cd:91:51:a5:ae:c4:08:68:91:0f:ac:db:e2:
c0:26:0c:f3:dc:4d:37:c3:02:fe:d5:86:df:af:b1:69:71:9a:
6a:8f:55:92:02:11:84:02:ce:cf:ea:df:d3:9c:1e:8f:43:fb:
e7:d1:50:50:4f:39:5f:70:2e:57:fa:c1:fa:71:d6:25:aa:5d:
9c:85:19:0d:b9:e4:58:c1:ba:65:ad:f6:2b:51:d1:a0:e5:48:
98:5a:4e:ac:a4:44:0d:b5:42:2a:d0:5a:05:be:d5:8c:bb:53:
56:25:f2:77:0a:be:34:b0:db:ab:22:77:21:c4:6b:0e:b4:d8:
60:35:92:e0:be:43:b5:2a:28:96:d1:0d:b4:4f:8f:3c:20:e7:
98:ac:70:57:53:c8:8a:e4:54:8e:1f:6e:49:57:3b:c5:f2:1c:
0b:49:5c:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFdDgvFKLRuqrRCZd3h9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDA1Y2FhYjM0YmJmZGU2YjhlZTY2YzYwMDg2MGM2Y2U5
NmYzMmIwHhcNMjMwMTAyMTUyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWEwN2EwMWJlOGE5MjFjNjI1NmZjNTUxYzBhMjhjYzEzNzdjNjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJViOqz4PqixBa+AqmYi8rcG9TvB
V1ngpDK91Vb0rQ8PTg8xjJttuJKYCZf7QZuGHrrl9wTQ4pWj7lEH3dTnM6HMeCvo
Bx6DS3IaOVvarZ4sgHRuYrdAQ8lXbnRMDuwS8qj/h3OxDxVXLfEGL898TOuN1Si1
La6CVYakoBNR9uQaOJhx/xZPRnCy2r3Ka8MWiAuxG7dwQ84YR3yPU/6PeHd5n3dJ
nIqisRt1kKZaAUd7R4TbeizHctKazEPdJwv83xR2sWZfD9w72uikkIudlMLkPyG8
y3oY5LspJdRr2AXgx5Jk4OyhtbLYxEqMibUps4N2m0NOsXUsIH/DENr1aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmgegG+ipIcYlb8VRwKKMwTd8abMB8GA1UdIwQY
MBaAFEtAXKqzS7/ea47mbGAIYMbOlvMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYt
ZDg3YWZmYjhiYzYxLzEvQ2FCNkFiNktraHhpVnZ4VkhBb296Qk4zeHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYtZDg3YWZmYjhiYzYx
LzEvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GqPMA0G
CSqGSIb3DQEBCwUAA4IBAQAmJpOa4VK/zPSunRwLzPhU0m43m1Lod7ZD/GMgqWbb
SeesZF03+Rf0+5ia2G5L/pYE6+OZMDNIDASXNIjNpY4Q2m4Gg2wvqBeK5F7H1J4/
DL/WF24iyc9FzhXR2zIyds2RUaWuxAhokQ+s2+LAJgzz3E03wwL+1Ybfr7FpcZpq
j1WSAhGEAs7P6t/TnB6PQ/vn0VBQTzlfcC5X+sH6cdYlql2chRkNueRYwbplrfYr
UdGg5UiYWk6spEQNtUIq0FoFvtWMu1NWJfJ3Cr40sNurInchxGsOtNhgNZLgvkO1
KiiW0Q20T488IOeYrHBXU8iK5FSOH25JVzvF8hwLSVxZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:01:48 2025 by rpki-client