Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/9b7WfiLJ-gaqf02G8380VSRf5dQ.roa
File: 9b7WfiLJ-gaqf02G8380VSRf5dQ.roa (raw, json)
Hash identifier: ksD2DUY2QjP/0S1pi0gnepDyuateFaD/GpbBJ0SJj0c=
Subject key identifier: F5:BE:D6:7E:22:C9:FA:06:AA:7F:4D:86:F3:7F:34:55:24:5F:E5:D4
Certificate issuer: /CN=c77ff58d19af10bda4fcb0cf31e58de094bbbb48
Certificate serial: 018570C2CA6882B440BAA658550CCB87DFE6
Authority key identifier: C7:7F:F5:8D:19:AF:10:BD:A4:FC:B0:CF:31:E5:8D:E0:94:BB:BB:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3_1jRmvEL2k_LDPMeWN4JS7u0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/9b7WfiLJ-gaqf02G8380VSRf5dQ.roa
Signing time: Mon 02 Jan 2023 04:34:52 +0000
ROA not before: Mon 02 Jan 2023 04:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31493
IP address blocks: 194.33.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:ca:68:82:b4:40:ba:a6:58:55:0c:cb:87:df:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c77ff58d19af10bda4fcb0cf31e58de094bbbb48
Validity
Not Before: Jan 2 04:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5bed67e22c9fa06aa7f4d86f37f3455245fe5d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7b:74:67:b5:e2:91:9b:f8:21:a9:81:ff:2d:
3c:eb:c5:59:d1:73:48:32:f3:59:1b:94:e4:5a:d9:
83:b7:ba:23:80:bb:c0:60:4d:5e:d8:39:a9:c5:21:
c2:70:a2:dc:fc:4c:1b:66:f4:d8:b8:20:e9:a8:15:
80:28:59:fa:b8:c7:f6:88:46:c4:67:5c:70:78:62:
0d:44:4a:50:5e:98:a4:af:87:49:f9:b5:50:7d:f9:
96:ca:48:ba:41:62:78:20:e5:1e:ca:b0:7f:6c:3c:
fe:9f:40:fc:b5:c1:19:4f:06:84:a5:ce:13:68:b7:
dc:10:a7:77:d7:13:08:ab:bc:bb:8d:77:e9:0b:b9:
0d:02:43:6b:6c:4c:e6:bb:53:97:40:a6:73:9d:ec:
4d:b1:19:fa:c0:4e:10:07:20:7d:aa:7b:ea:26:45:
ce:77:cb:72:61:5a:ce:5e:8b:7d:92:9c:69:c8:53:
6b:18:6e:72:1e:63:21:8c:f1:47:7b:b1:ed:81:af:
54:d8:78:4c:ec:ce:a8:62:d9:e1:20:8c:96:cf:28:
fa:32:e0:17:53:f0:b4:27:cf:40:c3:a2:53:88:6d:
96:e2:bf:44:88:16:32:52:3f:a7:3c:ce:4e:41:72:
94:83:52:30:37:58:46:33:18:f8:77:11:b1:01:f0:
12:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:BE:D6:7E:22:C9:FA:06:AA:7F:4D:86:F3:7F:34:55:24:5F:E5:D4
X509v3 Authority Key Identifier:
keyid:C7:7F:F5:8D:19:AF:10:BD:A4:FC:B0:CF:31:E5:8D:E0:94:BB:BB:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3_1jRmvEL2k_LDPMeWN4JS7u0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/9b7WfiLJ-gaqf02G8380VSRf5dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/x3_1jRmvEL2k_LDPMeWN4JS7u0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.63.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:94:07:50:4a:e6:aa:31:9b:e5:77:86:d3:15:4b:38:da:0e:
63:25:80:9e:5c:43:7e:68:f8:c9:b6:a5:0d:d6:cd:2f:57:3e:
f3:1a:59:0e:95:a6:e4:76:94:9d:ad:ac:4d:61:e7:32:a8:f2:
68:f6:8c:55:92:27:15:9e:1a:6c:97:f5:0d:2d:5f:8e:75:72:
df:b6:e0:d1:8c:64:60:c8:ed:f3:1c:10:85:a8:05:b9:29:0d:
48:d0:23:62:79:2a:02:af:f4:95:dd:a6:dc:08:2a:a4:7f:34:
d0:e6:17:67:b2:ed:4d:6e:74:82:09:a2:46:94:76:ec:90:36:
9e:a2:1d:e0:1b:73:f2:af:d2:e0:2f:d2:dc:6c:dc:bf:31:50:
f4:ec:c2:84:9a:08:a7:33:f4:4e:b2:6e:cd:2e:5f:2c:a9:b0:
0c:5b:5e:9a:07:f0:d9:65:4e:91:3f:b6:2d:86:87:f0:9d:bf:
d6:66:72:08:3d:e6:ec:f5:94:88:4d:ce:20:eb:e7:b0:f8:d5:
5e:3b:c7:13:44:9d:39:6e:bc:14:a1:41:17:c7:8c:86:d1:b2:
99:3e:36:fb:66:44:47:bb:37:2a:0e:b4:c5:98:dd:0c:20:45:
12:17:83:0e:07:2a:aa:26:71:1a:9b:c6:b9:0a:92:8e:9b:61:
97:b7:4a:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwspogrRAuqZYVQzLh9/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3N2ZmNThkMTlhZjEwYmRhNGZjYjBjZjMxZTU4ZGUwOTRi
YmJiNDgwHhcNMjMwMTAyMDQzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWJlZDY3ZTIyYzlmYTA2YWE3ZjRkODZmMzdmMzQ1NTI0NWZlNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHt0Z7XikZv4IamB/y0868VZ0XNI
MvNZG5TkWtmDt7ojgLvAYE1e2DmpxSHCcKLc/EwbZvTYuCDpqBWAKFn6uMf2iEbE
Z1xweGINREpQXpikr4dJ+bVQffmWyki6QWJ4IOUeyrB/bDz+n0D8tcEZTwaEpc4T
aLfcEKd31xMIq7y7jXfpC7kNAkNrbEzmu1OXQKZznexNsRn6wE4QByB9qnvqJkXO
d8tyYVrOXot9kpxpyFNrGG5yHmMhjPFHe7Htga9U2HhM7M6oYtnhIIyWzyj6MuAX
U/C0J89Aw6JTiG2W4r9EiBYyUj+nPM5OQXKUg1IwN1hGMxj4dxGxAfASIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPW+1n4iyfoGqn9NhvN/NFUkX+XUMB8GA1UdIwQY
MBaAFMd/9Y0ZrxC9pPywzzHljeCUu7tIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNfMWpSbXZFTDJrX0xEUE1lV040SlM3dTBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84NDY2MDctMDBjOC00MDFkLWJjZmUt
MGE2ZjhiMWM2NTRkLzEvOWI3V2ZpTEotZ2FxZjAyRzgzODBWU1JmNWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84NDY2MDctMDBjOC00MDFkLWJjZmUtMGE2ZjhiMWM2NTRk
LzEveDNfMWpSbXZFTDJrX0xEUE1lV040SlM3dTBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiE/MA0G
CSqGSIb3DQEBCwUAA4IBAQAvlAdQSuaqMZvld4bTFUs42g5jJYCeXEN+aPjJtqUN
1s0vVz7zGlkOlabkdpSdraxNYecyqPJo9oxVkicVnhpsl/UNLV+OdXLftuDRjGRg
yO3zHBCFqAW5KQ1I0CNieSoCr/SV3abcCCqkfzTQ5hdnsu1NbnSCCaJGlHbskDae
oh3gG3Pyr9LgL9LcbNy/MVD07MKEmginM/ROsm7NLl8sqbAMW16aB/DZZU6RP7Yt
hofwnb/WZnIIPebs9ZSITc4g6+ew+NVeO8cTRJ05brwUoUEXx4yG0bKZPjb7ZkRH
uzcqDrTFmN0MIEUSF4MOByqqJnEam8a5CpKOm2GXt0og
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:11:42 2025 by rpki-client