Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7caae5-03af-47f8-b29e-e951a74346f9/1/9AtM_bB-cnCKaq5bRPUQbkXlTw8.roa
File: 9AtM_bB-cnCKaq5bRPUQbkXlTw8.roa (raw, json)
Hash identifier: br20IBoy8HGa9FWJcA/g7F82o5A0cTzbj3q1/Q6HUxs=
Subject key identifier: F4:0B:4C:FD:B0:7E:72:70:8A:6A:AE:5B:44:F5:10:6E:45:E5:4F:0F
Certificate issuer: /CN=552423ed905000f69ad93eefc666bb9b1addcb37
Certificate serial: 01856FF01E381038C30C71D7E348D2958819
Authority key identifier: 55:24:23:ED:90:50:00:F6:9A:D9:3E:EF:C6:66:BB:9B:1A:DD:CB:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSQj7ZBQAPaa2T7vxma7mxrdyzc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/7caae5-03af-47f8-b29e-e951a74346f9/1/9AtM_bB-cnCKaq5bRPUQbkXlTw8.roa
Signing time: Mon 02 Jan 2023 00:44:45 +0000
ROA not before: Mon 02 Jan 2023 00:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200517
IP address blocks: 51.4.0.0/16 maxlen: 16
51.4.0.0/15 maxlen: 15
51.18.0.0/16 maxlen: 16
51.5.0.0/16 maxlen: 16
51.8.0.0/16 maxlen: 16
2a01:4180::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:1e:38:10:38:c3:0c:71:d7:e3:48:d2:95:88:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=552423ed905000f69ad93eefc666bb9b1addcb37
Validity
Not Before: Jan 2 00:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f40b4cfdb07e72708a6aae5b44f5106e45e54f0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:45:1b:28:95:8f:6d:d7:83:00:86:20:16:0d:
00:1d:52:a3:11:ad:8d:cf:c9:07:57:22:eb:21:5e:
06:71:35:d6:93:70:6d:89:8e:d2:7e:4b:9d:71:b0:
85:f5:99:c8:82:96:ae:24:4c:96:52:56:09:45:17:
0f:df:f3:56:f5:32:8f:1d:7d:a2:91:93:41:ea:3c:
d2:24:62:92:6b:5f:83:21:02:6e:4b:bf:b4:05:c0:
84:f0:7f:1f:24:39:a1:d3:7c:08:eb:82:f1:49:5d:
09:ba:8d:e5:6e:b4:52:b4:3e:58:cd:87:ba:69:0f:
76:c4:d4:e5:fe:fb:dd:2a:23:b4:fd:52:ba:e1:07:
c8:37:24:01:de:69:5d:21:47:d2:d4:61:dc:5e:4d:
ea:03:3f:fc:6c:b7:52:b8:3b:65:7b:71:99:3d:5f:
14:82:50:c7:85:05:de:38:9c:16:d2:dd:1d:69:7a:
a3:9b:bd:c5:d3:2c:c9:be:02:94:9c:16:46:bc:dc:
df:b9:30:43:1b:ce:21:11:c3:4e:75:a9:72:1e:49:
01:0f:31:63:ad:29:e3:56:2d:2f:b5:e6:d9:ec:7b:
0a:40:78:91:44:a0:ba:ec:ee:cf:b3:5b:af:3c:d5:
86:dc:2f:6d:7b:9a:9e:6c:31:a4:a2:89:e8:bf:a6:
0e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:0B:4C:FD:B0:7E:72:70:8A:6A:AE:5B:44:F5:10:6E:45:E5:4F:0F
X509v3 Authority Key Identifier:
keyid:55:24:23:ED:90:50:00:F6:9A:D9:3E:EF:C6:66:BB:9B:1A:DD:CB:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSQj7ZBQAPaa2T7vxma7mxrdyzc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7caae5-03af-47f8-b29e-e951a74346f9/1/9AtM_bB-cnCKaq5bRPUQbkXlTw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7caae5-03af-47f8-b29e-e951a74346f9/1/VSQj7ZBQAPaa2T7vxma7mxrdyzc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.4.0.0/15
51.8.0.0/16
51.18.0.0/16
IPv6:
2a01:4180::/33
Signature Algorithm: sha256WithRSAEncryption
29:da:c5:67:e3:51:0d:0f:39:a2:4d:c1:60:de:23:d0:26:04:
d4:b0:67:44:12:72:0a:1d:f3:df:a5:b2:a3:3d:80:8d:d4:a1:
bd:13:1b:2e:17:9e:c8:89:ae:59:04:a7:72:18:fd:37:cf:63:
ef:f0:8a:31:4a:71:cf:9f:99:36:95:03:06:80:65:e3:39:90:
fd:77:34:54:2c:95:b3:7f:19:4a:81:2d:bb:c5:a9:d9:f6:a0:
70:e1:76:e5:35:66:43:30:da:f7:17:47:a4:a8:78:88:c9:8a:
3c:81:89:01:c3:28:53:68:1a:fd:45:1e:7e:f3:4a:e7:04:d7:
b8:a0:62:ce:c8:a5:4c:24:60:7e:98:83:c7:22:a4:f5:65:af:
3e:6b:31:38:b2:6e:c9:0c:42:f4:44:3f:29:5c:09:8c:95:8a:
98:f6:db:53:74:60:93:8a:83:95:f4:f3:e3:7b:dc:dd:d5:08:
3a:e2:5e:b6:eb:19:52:e0:cf:46:b1:b5:a9:54:54:7e:ff:80:
38:39:ee:95:16:04:b1:cb:e7:70:3d:3b:e5:7d:bc:10:c1:8d:
3b:d8:cc:de:df:60:9c:35:ff:ea:21:be:9f:d6:26:dd:d5:b5:
8c:4f:e6:e8:6c:67:5e:1c:91:02:ae:74:a8:93:64:67:8b:a9:
37:df:23:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVv8B44EDjDDHHX40jSlYgZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MjQyM2VkOTA1MDAwZjY5YWQ5M2VlZmM2NjZiYjliMWFk
ZGNiMzcwHhcNMjMwMTAyMDA0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDBiNGNmZGIwN2U3MjcwOGE2YWFlNWI0NGY1MTA2ZTQ1ZTU0ZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EUbKJWPbdeDAIYgFg0AHVKjEa2N
z8kHVyLrIV4GcTXWk3BtiY7SfkudcbCF9ZnIgpauJEyWUlYJRRcP3/NW9TKPHX2i
kZNB6jzSJGKSa1+DIQJuS7+0BcCE8H8fJDmh03wI64LxSV0Juo3lbrRStD5YzYe6
aQ92xNTl/vvdKiO0/VK64QfINyQB3mldIUfS1GHcXk3qAz/8bLdSuDtle3GZPV8U
glDHhQXeOJwW0t0daXqjm73F0yzJvgKUnBZGvNzfuTBDG84hEcNOdalyHkkBDzFj
rSnjVi0vtebZ7HsKQHiRRKC67O7Ps1uvPNWG3C9te5qebDGkoonov6YOxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQLTP2wfnJwimquW0T1EG5F5U8PMB8GA1UdIwQY
MBaAFFUkI+2QUAD2mtk+78Zmu5sa3cs3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNRajdaQlFBUGFhMlQ3dnhtYTdteHJkeXpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83Y2FhZTUtMDNhZi00N2Y4LWIyOWUt
ZTk1MWE3NDM0NmY5LzEvOUF0TV9iQi1jbkNLYXE1YlJQVVFia1hsVHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83Y2FhZTUtMDNhZi00N2Y4LWIyOWUtZTk1MWE3NDM0NmY5
LzEvVlNRajdaQlFBUGFhMlQ3dnhtYTdteHJkeXpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAVBAIAATAPAwMBMwQDAwAz
CAMDADMSMA4EAgACMAgDBgcqAUGAADANBgkqhkiG9w0BAQsFAAOCAQEAKdrFZ+NR
DQ85ok3BYN4j0CYE1LBnRBJyCh3z36Wyoz2AjdShvRMbLheeyImuWQSnchj9N89j
7/CKMUpxz5+ZNpUDBoBl4zmQ/Xc0VCyVs38ZSoEtu8Wp2fagcOF25TVmQzDa9xdH
pKh4iMmKPIGJAcMoU2ga/UUefvNK5wTXuKBizsilTCRgfpiDxyKk9WWvPmsxOLJu
yQxC9EQ/KVwJjJWKmPbbU3Rgk4qDlfTz43vc3dUIOuJetusZUuDPRrG1qVRUfv+A
ODnulRYEscvncD075X28EMGNO9jM3t9gnDX/6iG+n9Ym3dW1jE/m6GxnXhyRAq50
qJNkZ4upN98j+w==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:02:34 2025 by rpki-client