Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/Y9ZX05io666blqBgDQqUtnSYm3g.roa
File: Y9ZX05io666blqBgDQqUtnSYm3g.roa (raw, json)
Hash identifier: b0glaZx255bzQ7onqNZtt1rlCd0PCdXFiXTMSBpIg7Y=
Subject key identifier: 63:D6:57:D3:98:A8:EB:AE:9B:96:A0:60:0D:0A:94:B6:74:98:9B:78
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 01856EC204A747FDF77DB72B4A3AB5EFB06A
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/Y9ZX05io666blqBgDQqUtnSYm3g.roa
Signing time: Sun 01 Jan 2023 19:14:47 +0000
ROA not before: Sun 01 Jan 2023 19:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133542
IP address blocks: 150.129.92.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:04:a7:47:fd:f7:7d:b7:2b:4a:3a:b5:ef:b0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 1 19:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63d657d398a8ebae9b96a0600d0a94b674989b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f9:6b:c3:06:11:13:21:69:70:ab:93:d8:f3:
03:80:0d:32:8c:73:76:26:6c:a6:c7:21:6f:df:9f:
29:2e:0a:46:b0:d8:e9:9c:01:df:03:6d:14:c2:f1:
e7:af:b9:dd:b9:4e:c5:52:3a:c6:37:0e:e5:52:2c:
13:51:6f:ed:c0:a1:4c:1c:70:4c:94:a9:9f:da:d5:
ab:c0:43:af:ed:5a:dc:90:a9:65:a5:65:70:dd:84:
be:4c:06:07:fe:bd:4c:8b:8c:23:52:5b:be:be:31:
23:48:7c:d8:4e:68:99:7a:d0:65:36:5b:55:e4:b5:
18:8a:c3:ba:78:35:04:87:b3:d2:91:30:4c:9f:45:
89:85:23:c2:86:d2:a2:25:41:ce:94:bf:d5:35:fa:
fb:40:84:a8:a2:63:4c:00:ac:fb:1c:95:2a:37:a7:
36:5d:5d:c0:bf:9b:d6:52:70:3a:16:1e:a5:97:94:
e6:bb:5c:0d:51:e5:af:8d:19:07:38:4c:38:de:45:
02:61:c7:e7:52:73:1b:85:a6:79:9d:bd:3a:f0:c3:
c0:ae:ad:3f:96:48:14:77:ff:23:41:cf:8e:9b:f4:
22:71:db:41:b0:8d:be:14:9c:b1:10:f7:21:6b:67:
e6:68:dd:7a:78:84:f0:f5:bd:20:b0:42:40:f5:a1:
ec:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D6:57:D3:98:A8:EB:AE:9B:96:A0:60:0D:0A:94:B6:74:98:9B:78
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/Y9ZX05io666blqBgDQqUtnSYm3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.129.92.0/22
Signature Algorithm: sha256WithRSAEncryption
63:57:c4:1c:72:a5:70:1e:15:da:1b:b7:a9:40:df:78:9e:ee:
2b:72:7d:c5:0e:0f:25:6a:65:87:e4:d6:2a:f4:27:8f:25:26:
13:51:8e:9b:6b:63:d9:a7:c1:7c:dd:51:7c:e6:b1:33:78:22:
0b:6e:1b:83:2d:50:ac:18:d1:01:03:df:c3:21:86:4c:12:f3:
0d:47:7e:b5:b7:09:78:3b:9e:88:92:0c:96:d4:21:3a:d1:9d:
12:a5:2c:6a:73:6d:5a:69:de:b8:44:26:c6:5e:be:f3:59:7b:
80:9f:fe:cc:33:3d:81:c0:f7:61:0d:ca:02:c3:ad:aa:5c:68:
bf:33:58:51:1b:6a:9a:4a:f3:39:b9:cd:db:2e:0f:9c:e0:12:
c4:cd:ae:4e:b6:d4:05:20:e8:d6:00:8a:b1:d0:06:26:ea:2b:
10:76:44:d3:76:02:22:5e:47:65:dd:13:32:c3:5f:5f:fe:a6:
e2:be:c5:70:b0:99:d4:5d:a6:56:3c:f9:d9:5c:34:f2:0e:ab:
0d:f8:f8:d6:1e:47:d4:17:eb:ab:d2:56:54:c6:68:7d:1d:21:
fa:22:c9:09:89:76:be:74:63:45:b8:5f:d1:0d:2a:68:26:47:
af:24:55:df:e8:0d:0d:0a:91:ec:ab:2b:36:92:48:dc:3f:5d:
f0:d4:94:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwgSnR/33fbcrSjq177BqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjMwMTAxMTkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Q2NTdkMzk4YThlYmFlOWI5NmEwNjAwZDBhOTRiNjc0OTg5Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPlrwwYREyFpcKuT2PMDgA0yjHN2
JmymxyFv358pLgpGsNjpnAHfA20UwvHnr7nduU7FUjrGNw7lUiwTUW/twKFMHHBM
lKmf2tWrwEOv7VrckKllpWVw3YS+TAYH/r1Mi4wjUlu+vjEjSHzYTmiZetBlNltV
5LUYisO6eDUEh7PSkTBMn0WJhSPChtKiJUHOlL/VNfr7QISoomNMAKz7HJUqN6c2
XV3Av5vWUnA6Fh6ll5Tmu1wNUeWvjRkHOEw43kUCYcfnUnMbhaZ5nb068MPArq0/
lkgUd/8jQc+Om/QicdtBsI2+FJyxEPcha2fmaN16eITw9b0gsEJA9aHsrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGPWV9OYqOuum5agYA0KlLZ0mJt4MB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvWTlaWDA1aW82NjZibHFCZ0RRcVV0blNZbTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCloFcMA0G
CSqGSIb3DQEBCwUAA4IBAQBjV8QccqVwHhXaG7epQN94nu4rcn3FDg8lamWH5NYq
9CePJSYTUY6ba2PZp8F83VF85rEzeCILbhuDLVCsGNEBA9/DIYZMEvMNR361twl4
O56IkgyW1CE60Z0SpSxqc21aad64RCbGXr7zWXuAn/7MMz2BwPdhDcoCw62qXGi/
M1hRG2qaSvM5uc3bLg+c4BLEza5OttQFIOjWAIqx0AYm6isQdkTTdgIiXkdl3RMy
w19f/qbivsVwsJnUXaZWPPnZXDTyDqsN+PjWHkfUF+ur0lZUxmh9HSH6IskJiXa+
dGNFuF/RDSpoJkevJFXf6A0NCpHsqys2kkjcP13w1JQH
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:29:51 2025 by rpki-client