Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/218dcb-d097-41fd-8f82-d6d3422baec8/1/z9Lut21fyCF7tL2qWb78UeppJfg.roa
File: z9Lut21fyCF7tL2qWb78UeppJfg.roa (raw, json)
Hash identifier: r5WIiNv1vUWcaskyWX0C2BLc3AiHzSBYA/qvEuHiUR8=
Subject key identifier: CF:D2:EE:B7:6D:5F:C8:21:7B:B4:BD:AA:59:BE:FC:51:EA:69:25:F8
Certificate issuer: /CN=d89b6a1097b1f251f95c56da4e4aa311b9470bff
Certificate serial: 01856F42CBFEFB5B1F5489E32D3304B3D3D7
Authority key identifier: D8:9B:6A:10:97:B1:F2:51:F9:5C:56:DA:4E:4A:A3:11:B9:47:0B:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JtqEJex8lH5XFbaTkqjEblHC_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/218dcb-d097-41fd-8f82-d6d3422baec8/1/z9Lut21fyCF7tL2qWb78UeppJfg.roa
Signing time: Sun 01 Jan 2023 21:35:26 +0000
ROA not before: Sun 01 Jan 2023 21:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137
IP address blocks: 159.149.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:cb:fe:fb:5b:1f:54:89:e3:2d:33:04:b3:d3:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d89b6a1097b1f251f95c56da4e4aa311b9470bff
Validity
Not Before: Jan 1 21:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfd2eeb76d5fc8217bb4bdaa59befc51ea6925f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:54:11:2d:9c:4f:c4:bd:d3:f3:ed:de:a3:07:
0c:ba:44:0a:54:62:57:bb:8d:fa:5a:a7:b6:a6:6c:
2e:6a:e6:96:13:d4:df:d7:a2:23:6c:6d:46:99:e6:
e7:28:d6:aa:86:1f:96:1e:24:71:ce:f7:d2:0e:6a:
ff:f5:a7:e2:c1:f1:7f:c6:93:0a:71:a5:46:73:3d:
9b:c7:17:c5:7f:ca:32:1f:40:f5:c1:20:bd:f6:07:
d8:ec:37:6d:32:3c:d3:73:62:14:06:47:b3:94:d5:
e8:f3:2e:ad:62:b1:2c:b3:64:4e:5e:d4:b9:b4:d3:
9a:1c:7e:36:83:73:00:16:93:e0:0a:64:ee:a7:bf:
a0:6c:98:bb:43:eb:ba:58:24:c5:a1:09:16:36:91:
09:fe:2d:c7:30:e0:47:19:89:28:db:72:97:f1:b9:
43:1f:83:0f:2a:41:5e:87:c4:b7:a9:8b:c8:d8:6d:
c2:17:6c:2e:93:e6:6e:4b:36:81:d7:80:6a:a9:ba:
b5:96:a6:27:98:f9:92:2b:12:02:78:46:75:4b:5f:
5a:3c:9d:75:30:c8:57:f2:88:d0:09:1c:60:a6:78:
9a:5e:23:e9:4d:75:86:df:6d:cd:62:2e:21:41:57:
d5:62:ac:73:7d:56:07:0a:a3:30:52:56:07:1d:7c:
74:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D2:EE:B7:6D:5F:C8:21:7B:B4:BD:AA:59:BE:FC:51:EA:69:25:F8
X509v3 Authority Key Identifier:
keyid:D8:9B:6A:10:97:B1:F2:51:F9:5C:56:DA:4E:4A:A3:11:B9:47:0B:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JtqEJex8lH5XFbaTkqjEblHC_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/218dcb-d097-41fd-8f82-d6d3422baec8/1/z9Lut21fyCF7tL2qWb78UeppJfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/218dcb-d097-41fd-8f82-d6d3422baec8/1/2JtqEJex8lH5XFbaTkqjEblHC_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.149.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:6f:25:1b:1b:60:24:b8:e0:3d:6d:6e:b2:d4:21:c6:be:13:
08:98:94:d7:38:87:31:c3:d0:6e:05:42:f7:81:0f:75:ea:2c:
d9:d0:81:99:bb:69:95:d5:a5:0e:7f:e9:d0:b5:c5:3a:cb:a3:
f0:65:2a:3e:78:51:26:c8:ad:16:a4:60:3b:6f:92:f5:e0:a9:
ff:c9:f7:3c:62:e3:f0:02:ef:99:f2:e3:ab:84:53:e2:85:67:
d5:db:66:2b:c0:40:9d:5f:ab:62:6d:b0:4d:27:e9:2e:58:8b:
a0:1a:99:ac:2a:b3:0e:d9:f2:73:f9:21:19:33:85:b2:3b:04:
f8:3d:a4:f5:a0:98:58:6b:2b:d5:7d:76:1a:f4:9c:f0:7d:66:
51:9d:12:3f:97:77:e5:42:06:d5:e9:a6:c7:36:89:f1:92:36:
c9:fa:2b:0b:08:43:e0:ac:a2:27:d4:0c:50:8a:99:a5:3e:4a:
71:97:4b:11:33:21:de:3e:e4:7c:6b:fb:e8:23:a2:f1:65:bf:
a7:60:7e:88:cb:8c:89:3e:3f:30:de:fd:36:f2:98:4d:58:c3:
71:b7:80:d8:99:df:6f:51:47:7e:50:64:38:13:c0:5c:d5:7a:
c8:ec:33:ae:2a:a6:67:e1:34:b6:37:bd:2b:bf:e8:27:86:68:
e6:ab:35:d2
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVvQsv++1sfVInjLTMEs9PXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OWI2YTEwOTdiMWYyNTFmOTVjNTZkYTRlNGFhMzExYjk0
NzBiZmYwHhcNMjMwMTAxMjEzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmQyZWViNzZkNWZjODIxN2JiNGJkYWE1OWJlZmM1MWVhNjkyNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VQRLZxPxL3T8+3eowcMukQKVGJX
u436Wqe2pmwuauaWE9Tf16IjbG1GmebnKNaqhh+WHiRxzvfSDmr/9afiwfF/xpMK
caVGcz2bxxfFf8oyH0D1wSC99gfY7DdtMjzTc2IUBkezlNXo8y6tYrEss2ROXtS5
tNOaHH42g3MAFpPgCmTup7+gbJi7Q+u6WCTFoQkWNpEJ/i3HMOBHGYko23KX8blD
H4MPKkFeh8S3qYvI2G3CF2wuk+ZuSzaB14Bqqbq1lqYnmPmSKxICeEZ1S19aPJ11
MMhX8ojQCRxgpniaXiPpTXWG323NYi4hQVfVYqxzfVYHCqMwUlYHHXx0CQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFM/S7rdtX8ghe7S9qlm+/FHqaSX4MB8GA1UdIwQY
MBaAFNibahCXsfJR+VxW2k5KoxG5Rwv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkp0cUVKZXg4bEg1WEZiYVRrcWpFYmxIQ184LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yMThkY2ItZDA5Ny00MWZkLThmODIt
ZDZkMzQyMmJhZWM4LzEvejlMdXQyMWZ5Q0Y3dEwycVdiNzhVZXBwSmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yMThkY2ItZDA5Ny00MWZkLThmODItZDZkMzQyMmJhZWM4
LzEvMkp0cUVKZXg4bEg1WEZiYVRrcWpFYmxIQ184LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAn5UwDQYJ
KoZIhvcNAQELBQADggEBAAVvJRsbYCS44D1tbrLUIca+EwiYlNc4hzHD0G4FQveB
D3XqLNnQgZm7aZXVpQ5/6dC1xTrLo/BlKj54USbIrRakYDtvkvXgqf/J9zxi4/AC
75ny46uEU+KFZ9XbZivAQJ1fq2JtsE0n6S5Yi6Aamawqsw7Z8nP5IRkzhbI7BPg9
pPWgmFhrK9V9dhr0nPB9ZlGdEj+Xd+VCBtXppsc2ifGSNsn6KwsIQ+CsoifUDFCK
maU+SnGXSxEzId4+5Hxr++gjovFlv6dgfojLjIk+PzDe/TbymE1Yw3G3gNiZ329R
R35QZDgTwFzVesjsM64qpmfhNLY3vSu/6CeGaOarNdI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:12 2025 by rpki-client