Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/md3pVSTPKDazZbv6boznb31uIVs.roa
File: md3pVSTPKDazZbv6boznb31uIVs.roa (raw, json)
Hash identifier: Wu9v3Q34aB8WwnqY35/skN3OsE7iHudXDxFPI8Y8Ue0=
Subject key identifier: 99:DD:E9:55:24:CF:28:36:B3:65:BB:FA:6E:8C:E7:6F:7D:6E:21:5B
Certificate issuer: /CN=20f81274f66bde89f12c243d09a9edc3e5b1e229
Certificate serial: 01856B4106B05F5744FBC3197238D7C9C077
Authority key identifier: 20:F8:12:74:F6:6B:DE:89:F1:2C:24:3D:09:A9:ED:C3:E5:B1:E2:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPgSdPZr3onxLCQ9Cantw-Wx4ik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/md3pVSTPKDazZbv6boznb31uIVs.roa
Signing time: Sun 01 Jan 2023 02:55:01 +0000
ROA not before: Sun 01 Jan 2023 02:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207568
IP address blocks: 2.57.222.0/23 maxlen: 23
2a09:d9c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:41:06:b0:5f:57:44:fb:c3:19:72:38:d7:c9:c0:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f81274f66bde89f12c243d09a9edc3e5b1e229
Validity
Not Before: Jan 1 02:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99dde95524cf2836b365bbfa6e8ce76f7d6e215b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:12:5e:f0:ef:c6:25:47:87:11:62:28:c2:86:
28:92:44:64:39:bc:57:f4:dc:ec:20:b0:16:01:23:
00:1e:13:51:ba:29:96:84:d3:90:f2:54:dc:27:31:
68:3e:43:c7:b8:5e:54:d6:00:5f:de:93:06:e6:c9:
ac:60:e2:4c:b4:ca:4e:1b:95:2e:c0:51:42:44:ac:
3e:57:6f:2f:14:0a:0e:fa:00:d0:73:3d:48:3d:46:
fc:1f:1c:6f:e7:9d:6a:82:d6:91:a8:91:b2:65:f1:
12:eb:24:f2:c5:23:38:7e:37:f4:0d:e5:96:52:cd:
e0:8a:0a:20:ba:37:9e:01:f4:08:3a:2b:72:af:a9:
dd:0f:b6:a7:20:01:c0:10:e4:d8:1a:90:75:e5:4e:
a6:d6:be:2f:fa:c7:52:b4:57:aa:5a:e2:9b:a2:8f:
ca:62:e1:a2:81:71:3f:81:7b:ed:cd:a0:5f:06:06:
08:0d:c8:87:b7:30:9f:33:f2:66:76:32:d9:5c:18:
1d:fc:34:69:f3:b5:15:f8:03:85:9c:ad:5c:9f:d4:
d0:f1:e7:ff:d7:ae:96:07:ef:ab:2b:62:f9:25:3d:
e6:22:41:8f:86:21:b0:45:56:ac:09:e9:82:38:f8:
3a:95:f2:8d:cf:70:44:aa:3c:b5:72:7a:a2:07:c1:
4a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:DD:E9:55:24:CF:28:36:B3:65:BB:FA:6E:8C:E7:6F:7D:6E:21:5B
X509v3 Authority Key Identifier:
keyid:20:F8:12:74:F6:6B:DE:89:F1:2C:24:3D:09:A9:ED:C3:E5:B1:E2:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPgSdPZr3onxLCQ9Cantw-Wx4ik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/md3pVSTPKDazZbv6boznb31uIVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef96e-f8a6-4f9b-9bc7-fe26e899deb8/1/IPgSdPZr3onxLCQ9Cantw-Wx4ik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.222.0/23
IPv6:
2a09:d9c0::/32
Signature Algorithm: sha256WithRSAEncryption
70:80:86:82:da:51:46:4d:44:f6:fa:da:f3:ea:46:af:d1:f3:
a6:fc:5b:42:63:3f:ea:b2:03:96:03:ce:3f:a3:2a:10:95:cd:
ab:3d:bc:55:57:cd:a1:c3:27:24:7d:37:a6:81:ce:8d:d7:c1:
14:7f:9a:84:64:ab:6a:ef:82:85:8f:f7:54:2c:11:16:33:05:
fd:1f:50:1b:a5:cc:98:6b:5d:19:42:27:11:95:fc:07:e6:1a:
6e:6c:e5:f8:a8:bd:2b:9b:f6:ac:e8:8c:a0:50:58:37:60:19:
e7:c0:b0:f6:90:1e:74:cd:25:5c:29:ea:07:a7:30:71:60:e4:
a0:3d:ab:64:51:f8:02:74:37:a3:d1:46:68:36:26:cc:0e:a5:
1a:35:e3:61:0c:0f:d6:c4:cc:29:59:d2:b6:c0:7a:38:4a:8f:
a1:2f:f0:18:77:f2:44:f2:f2:06:83:7b:c1:7c:a4:b0:43:a7:
a7:61:7c:62:bb:ff:50:37:66:0d:85:22:e3:f8:62:11:ed:fc:
5c:6b:ec:89:25:c1:fb:25:20:1c:99:48:37:93:b4:8d:c7:cd:
ac:02:85:d1:cf:90:f4:91:99:0b:e5:59:05:71:62:c2:d7:75:
57:2b:af:71:58:00:96:c8:9d:7f:70:5b:c9:72:d2:78:fe:ed:
75:28:69:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrQQawX1dE+8MZcjjXycB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjgxMjc0ZjY2YmRlODlmMTJjMjQzZDA5YTllZGMzZTVi
MWUyMjkwHhcNMjMwMTAxMDI1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWRkZTk1NTI0Y2YyODM2YjM2NWJiZmE2ZThjZTc2ZjdkNmUyMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxJe8O/GJUeHEWIowoYokkRkObxX
9NzsILAWASMAHhNRuimWhNOQ8lTcJzFoPkPHuF5U1gBf3pMG5smsYOJMtMpOG5Uu
wFFCRKw+V28vFAoO+gDQcz1IPUb8Hxxv551qgtaRqJGyZfES6yTyxSM4fjf0DeWW
Us3gigogujeeAfQIOityr6ndD7anIAHAEOTYGpB15U6m1r4v+sdStFeqWuKboo/K
YuGigXE/gXvtzaBfBgYIDciHtzCfM/JmdjLZXBgd/DRp87UV+AOFnK1cn9TQ8ef/
166WB++rK2L5JT3mIkGPhiGwRVasCemCOPg6lfKNz3BEqjy1cnqiB8FKAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJnd6VUkzyg2s2W7+m6M5299biFbMB8GA1UdIwQY
MBaAFCD4EnT2a96J8SwkPQmp7cPlseIpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBnU2RQWnIzb254TENROUNhbnR3LVd4NGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZWY5NmUtZjhhNi00ZjliLTliYzct
ZmUyNmU4OTlkZWI4LzEvbWQzcFZTVFBLRGF6WmJ2NmJvem5iMzF1SVZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZWY5NmUtZjhhNi00ZjliLTliYzctZmUyNmU4OTlkZWI4
LzEvSVBnU2RQWnIzb254TENROUNhbnR3LVd4NGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBAjneMA0E
AgACMAcDBQAqCdnAMA0GCSqGSIb3DQEBCwUAA4IBAQBwgIaC2lFGTUT2+trz6kav
0fOm/FtCYz/qsgOWA84/oyoQlc2rPbxVV82hwyckfTemgc6N18EUf5qEZKtq74KF
j/dULBEWMwX9H1AbpcyYa10ZQicRlfwH5hpubOX4qL0rm/as6IygUFg3YBnnwLD2
kB50zSVcKeoHpzBxYOSgPatkUfgCdDej0UZoNibMDqUaNeNhDA/WxMwpWdK2wHo4
So+hL/AYd/JE8vIGg3vBfKSwQ6enYXxiu/9QN2YNhSLj+GIR7fxca+yJJcH7JSAc
mUg3k7SNx82sAoXRz5D0kZkL5VkFcWLC13VXK69xWACWyJ1/cFvJctJ4/u11KGn1
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:19:00 2025 by rpki-client