Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/cb8930-c063-41e2-805d-a7e4bb415cfe/1/1-u1oqwi7TIa9B23PO20s4YyfIck.roa
File: 1-u1oqwi7TIa9B23PO20s4YyfIck.roa (raw, json)
Hash identifier: n7YH5bgwkDi+ENlDKEs6os6FmRWBs3wuM4UiCkMp6k8=
Subject key identifier: FA:ED:68:AB:08:BB:4C:86:BD:07:6D:CF:3B:6D:2C:E1:8C:9F:21:C9
Certificate issuer: /CN=b51ec4e58bd44ebac789548f319e69cc9a53211f
Certificate serial: 106721ED
Authority key identifier: B5:1E:C4:E5:8B:D4:4E:BA:C7:89:54:8F:31:9E:69:CC:9A:53:21:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tR7E5YvUTrrHiVSPMZ5pzJpTIR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/cb8930-c063-41e2-805d-a7e4bb415cfe/1/1-u1oqwi7TIa9B23PO20s4YyfIck.roa
Signing time: Sat 01 Jan 2022 03:58:45 +0000
ROA not before: Sat 01 Jan 2022 03:58:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 192.109.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 275194349 (0x106721ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b51ec4e58bd44ebac789548f319e69cc9a53211f
Validity
Not Before: Jan 1 03:58:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=faed68ab08bb4c86bd076dcf3b6d2ce18c9f21c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:91:8a:26:e0:eb:2c:eb:38:aa:2b:d7:03:e8:
3c:a8:0f:4e:66:57:ae:b8:ff:26:93:51:93:3d:d3:
d7:3a:02:a5:77:0a:3c:4b:1c:4a:15:b5:2f:ab:3d:
bb:51:81:80:95:10:70:93:9f:63:21:46:32:04:ef:
2f:98:dc:8a:f6:1c:66:69:0a:6d:2b:16:10:55:af:
8e:b3:76:4e:c7:02:a8:29:47:81:dc:ba:2d:99:da:
17:8c:2b:f5:a2:f8:d4:56:9c:d9:53:14:e0:ad:b8:
05:40:f2:62:27:ba:b3:3a:9c:2c:bf:cd:a1:d2:77:
b6:fd:3c:bb:5f:a7:8d:d3:6b:08:d4:03:cc:0b:59:
2c:3e:4c:fa:00:64:b4:2b:3e:d8:ad:f7:35:15:40:
cf:73:43:1c:96:1f:3c:ab:16:8b:98:1e:5d:4b:f9:
9d:c1:80:d6:cf:9a:9f:7f:04:49:09:e5:bb:ac:56:
2b:56:50:b4:58:5c:f0:c4:eb:be:06:1b:a8:55:64:
6b:42:1b:c4:39:b1:1e:b0:e9:2b:45:27:f9:6d:c8:
e3:0e:ed:84:99:69:03:fa:ae:4c:f7:c7:a4:c8:4c:
48:34:44:0e:f3:ad:a1:97:e2:95:08:f8:f0:c8:55:
bf:e5:dc:68:ff:fb:c7:25:18:c9:d1:bd:17:df:f3:
1f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:ED:68:AB:08:BB:4C:86:BD:07:6D:CF:3B:6D:2C:E1:8C:9F:21:C9
X509v3 Authority Key Identifier:
keyid:B5:1E:C4:E5:8B:D4:4E:BA:C7:89:54:8F:31:9E:69:CC:9A:53:21:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tR7E5YvUTrrHiVSPMZ5pzJpTIR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/cb8930-c063-41e2-805d-a7e4bb415cfe/1/1-u1oqwi7TIa9B23PO20s4YyfIck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/cb8930-c063-41e2-805d-a7e4bb415cfe/1/tR7E5YvUTrrHiVSPMZ5pzJpTIR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.135.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ec:9d:1a:28:1b:9e:52:24:21:cc:b4:fc:e4:d1:b7:37:01:
ea:9d:e3:a7:31:63:0f:8b:c9:da:26:8f:5b:a0:77:57:3d:0d:
62:c2:10:85:22:8b:3c:44:44:d2:9a:47:2f:97:10:10:d0:b8:
0b:c7:da:f5:5e:0c:85:64:28:e0:94:a8:b5:ce:a3:62:4c:f4:
53:16:f9:b3:25:dc:85:17:07:bb:d9:c2:d4:36:b4:76:d7:b4:
ec:7a:9c:57:eb:e3:59:67:ad:7e:a2:6b:5b:fe:2a:24:c9:31:
b8:43:6e:38:f9:4b:bb:3e:e8:92:60:b1:b5:eb:04:ce:5d:94:
e0:27:b1:88:96:0d:62:c1:4f:c9:6e:d1:f7:80:fc:50:b7:28:
60:e8:f9:a8:42:5d:4b:a5:2f:ca:00:12:5c:11:56:95:fa:e6:
5f:58:1e:4b:08:bb:34:dc:8c:ff:5c:83:ff:43:a4:93:0c:8b:
c5:50:96:2d:fd:7e:2d:de:c0:f2:f3:02:3b:ed:7b:a0:3c:cd:
31:fc:a8:be:ce:da:20:2c:f6:3f:9b:f2:ed:25:20:7b:31:26:
83:5f:86:8b:61:72:e5:04:86:49:55:a1:1f:c3:e9:e2:bc:d2:
79:89:9a:c6:68:bb:32:a5:e5:f1:bd:1d:00:51:ba:b6:f3:3b:
48:06:4e:a3
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEEGch7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTFlYzRlNThiZDQ0ZWJhYzc4OTU0OGYzMTllNjljYzlhNTMyMTFmMB4XDTIyMDEw
MTAzNTg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFlZDY4YWIwOGJi
NGM4NmJkMDc2ZGNmM2I2ZDJjZTE4YzlmMjFjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKORiibg6yzrOKor1wPoPKgPTmZXrrj/JpNRkz3T1zoCpXcK
PEscShW1L6s9u1GBgJUQcJOfYyFGMgTvL5jcivYcZmkKbSsWEFWvjrN2TscCqClH
gdy6LZnaF4wr9aL41Fac2VMU4K24BUDyYie6szqcLL/NodJ3tv08u1+njdNrCNQD
zAtZLD5M+gBktCs+2K33NRVAz3NDHJYfPKsWi5geXUv5ncGA1s+an38ESQnlu6xW
K1ZQtFhc8MTrvgYbqFVka0IbxDmxHrDpK0Un+W3I4w7thJlpA/quTPfHpMhMSDRE
DvOtoZfilQj48MhVv+XcaP/7xyUYydG9F9/zH+UCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT67WirCLtMhr0Hbc87bSzhjJ8hyTAfBgNVHSMEGDAWgBS1HsTli9ROuseJ
VI8xnmnMmlMhHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RSN0U1WXZVVHJySGlWU1BNWjVwekpwVElSOC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvY2I4OTMwLWMwNjMtNDFlMi04MDVkLWE3ZTRiYjQxNWNmZS8x
LzEtdTFvcXdpN1RJYTlCMjNQTzIwczRZeWZJY2sucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk0
L2NiODkzMC1jMDYzLTQxZTItODA1ZC1hN2U0YmI0MTVjZmUvMS90UjdFNVl2VVRy
ckhpVlNQTVo1cHpKcFRJUjguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAbYcwDQYJKoZIhvcNAQELBQAD
ggEBACrsnRooG55SJCHMtPzk0bc3Aeqd46cxYw+Lydomj1ugd1c9DWLCEIUiizxE
RNKaRy+XEBDQuAvH2vVeDIVkKOCUqLXOo2JM9FMW+bMl3IUXB7vZwtQ2tHbXtOx6
nFfr41lnrX6ia1v+KiTJMbhDbjj5S7s+6JJgsbXrBM5dlOAnsYiWDWLBT8lu0feA
/FC3KGDo+ahCXUulL8oAElwRVpX65l9YHksIuzTcjP9cg/9DpJMMi8VQli39fi3e
wPLzAjvte6A8zTH8qL7O2iAs9j+b8u0lIHsxJoNfhothcuUEhklVoR/D6eK80nmJ
msZouzKl5fG9HQBRurbzO0gGTqM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:01 2025 by rpki-client