Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/AV3WnQJnk5YEFyTZZLEqnQU1UNM.roa
File: AV3WnQJnk5YEFyTZZLEqnQU1UNM.roa (raw, json)
Hash identifier: E65Sk3ZZ+61fjAgjTy00BmftzFDA6lCN7FhryRJOc6k=
Subject key identifier: 01:5D:D6:9D:02:67:93:96:04:17:24:D9:64:B1:2A:9D:05:35:50:D3
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 0185CA080E04F3E9763E6B14152784FA1731
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/AV3WnQJnk5YEFyTZZLEqnQU1UNM.roa
Signing time: Thu 19 Jan 2023 12:36:43 +0000
ROA not before: Thu 19 Jan 2023 12:36:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12956
IP address blocks: 213.99.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ca:08:0e:04:f3:e9:76:3e:6b:14:15:27:84:fa:17:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 19 12:36:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=015dd69d02679396041724d964b12a9d053550d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:28:4b:9b:5b:53:53:24:2a:d8:71:d2:52:fe:
5c:61:24:65:49:18:a7:c7:fe:c2:f2:63:8c:a7:4b:
c5:0e:7a:3d:51:b6:f8:2f:c3:a4:81:b8:63:d3:3d:
28:97:cb:b7:86:c9:5f:c8:65:34:99:15:8f:64:32:
88:5b:09:db:d9:fa:df:a2:9f:e0:f5:ac:9c:59:ac:
ee:19:86:88:97:17:b0:86:64:1c:10:c0:b1:e5:6b:
f6:2f:69:8d:a8:f8:46:5a:f5:38:1c:f0:6e:53:ed:
f1:a8:0d:36:8d:3c:26:d1:e8:7b:62:3b:6c:8a:90:
04:1c:71:f2:23:24:a5:ee:b5:34:fa:40:46:19:89:
bb:5e:3d:7d:53:66:50:7f:36:20:81:fb:1d:34:dc:
da:55:c4:08:b7:be:8d:7a:c5:ee:52:3f:48:c6:7c:
6a:80:c3:b6:58:4c:9f:ec:04:06:a9:c5:9b:2c:a2:
82:15:b0:e4:a5:f6:d5:a8:82:0d:cd:58:94:66:18:
64:92:37:91:b2:78:44:46:80:b6:0d:c9:ec:3b:f1:
38:0b:99:df:97:fc:e4:dc:d4:56:f9:76:48:2a:91:
e0:9d:58:25:3a:99:cf:9b:27:65:ed:bf:23:8c:08:
01:be:a8:a9:90:a9:1e:ab:36:00:0d:b0:ec:19:1e:
4a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5D:D6:9D:02:67:93:96:04:17:24:D9:64:B1:2A:9D:05:35:50:D3
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/AV3WnQJnk5YEFyTZZLEqnQU1UNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.99.16.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:3f:31:fa:30:60:3c:52:22:5d:07:b4:a7:56:9d:f9:0b:d8:
de:24:82:bd:df:bb:38:7b:c5:30:11:d4:1d:34:01:8f:c5:54:
70:0e:ae:46:26:ae:4f:4b:80:69:95:52:04:f2:38:a7:c9:fe:
23:5f:65:d6:b6:50:6a:f3:1d:f4:af:8a:ac:d4:3f:bd:2c:c8:
ac:65:32:36:c0:c0:2a:a9:8b:ea:f3:79:36:54:b0:f8:72:05:
97:7c:24:e2:26:e7:23:80:78:10:a7:5a:a9:8a:62:9a:b6:44:
7b:6a:ed:72:7b:cd:f9:94:d3:53:32:3c:b0:9e:c4:f7:07:28:
e5:60:6f:77:d8:a6:b4:12:47:2b:ff:d2:8a:60:06:81:2c:54:
2b:3e:ae:40:87:43:07:75:9e:71:cc:00:57:67:9a:33:bd:30:
78:18:82:51:cb:33:d6:a7:e0:27:b1:6c:17:67:96:d4:98:19:
17:20:6e:43:93:54:4d:62:a8:7d:21:b5:64:60:e8:dd:07:3c:
7c:d1:af:75:eb:da:72:ee:ac:70:e4:d3:19:aa:2c:dd:b5:84:
d9:2e:7a:31:ce:ec:41:eb:65:f2:7e:71:73:5a:a8:74:25:7d:
a9:22:10:9f:42:c9:15:1e:73:72:12:b7:69:90:a6:df:8e:cc:
1c:b7:ff:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXKCA4E8+l2PmsUFSeE+hcxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwMTE5MTIzNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTVkZDY5ZDAyNjc5Mzk2MDQxNzI0ZDk2NGIxMmE5ZDA1MzU1MGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjihLm1tTUyQq2HHSUv5cYSRlSRin
x/7C8mOMp0vFDno9Ubb4L8Okgbhj0z0ol8u3hslfyGU0mRWPZDKIWwnb2frfop/g
9aycWazuGYaIlxewhmQcEMCx5Wv2L2mNqPhGWvU4HPBuU+3xqA02jTwm0eh7Yjts
ipAEHHHyIySl7rU0+kBGGYm7Xj19U2ZQfzYggfsdNNzaVcQIt76NesXuUj9Ixnxq
gMO2WEyf7AQGqcWbLKKCFbDkpfbVqIINzViUZhhkkjeRsnhERoC2DcnsO/E4C5nf
l/zk3NRW+XZIKpHgnVglOpnPmydl7b8jjAgBvqipkKkeqzYADbDsGR5KKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAFd1p0CZ5OWBBck2WSxKp0FNVDTMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvQVYzV25RSm5rNVlFRnlUWlpMRXFuUVUxVU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1WMQMA0G
CSqGSIb3DQEBCwUAA4IBAQDTPzH6MGA8UiJdB7SnVp35C9jeJIK937s4e8UwEdQd
NAGPxVRwDq5GJq5PS4BplVIE8jinyf4jX2XWtlBq8x30r4qs1D+9LMisZTI2wMAq
qYvq83k2VLD4cgWXfCTiJucjgHgQp1qpimKatkR7au1ye835lNNTMjywnsT3Byjl
YG932Ka0Ekcr/9KKYAaBLFQrPq5Ah0MHdZ5xzABXZ5ozvTB4GIJRyzPWp+AnsWwX
Z5bUmBkXIG5Dk1RNYqh9IbVkYOjdBzx80a9169py7qxw5NMZqizdtYTZLnoxzuxB
62XyfnFzWqh0JX2pIhCfQskVHnNyErdpkKbfjswct//n
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:36:35 2025 by rpki-client