Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/m3AP2yDQrnZmpQbA1i8B2opbktU.roa
File: m3AP2yDQrnZmpQbA1i8B2opbktU.roa (raw, json)
Hash identifier: AUDYafFUA6tgTxYjqv3ouSlNNGhgFJAKXD/GVR2PYN0=
Subject key identifier: 9B:70:0F:DB:20:D0:AE:76:66:A5:06:C0:D6:2F:01:DA:8A:5B:92:D5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189085863BDC90962080219331F3E21CABF
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/m3AP2yDQrnZmpQbA1i8B2opbktU.roa
Signing time: Thu 29 Jun 2023 18:09:17 +0000
ROA not before: Thu 29 Jun 2023 18:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211440
IP address blocks: 78.142.241.0/24 maxlen: 24
203.0.9.0/24 maxlen: 24
223.27.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:08:58:63:bd:c9:09:62:08:02:19:33:1f:3e:21:ca:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 29 18:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b700fdb20d0ae7666a506c0d62f01da8a5b92d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3f:1f:77:33:46:83:81:7d:7b:38:2d:91:7a:
e7:36:82:a9:86:8f:44:a0:1c:4a:50:b5:3f:65:7e:
d6:e1:a6:76:4b:4f:8c:b0:31:3d:b3:d0:88:f9:6c:
e9:3f:f8:67:01:52:e5:5c:3d:f9:c4:7e:bf:c9:3f:
6e:1a:22:1f:d0:03:5a:76:da:9f:0c:11:71:33:f7:
cf:fd:9d:98:cf:e7:89:de:cc:19:8e:b6:80:a3:07:
a0:54:cc:bb:b4:4e:ee:72:44:2f:e9:f8:e6:8f:f8:
00:05:0a:50:99:05:27:fb:05:c4:fe:71:c1:3f:68:
9e:37:7f:bb:a6:eb:12:1f:83:93:82:e3:14:dd:e2:
b4:f0:6a:70:c7:df:93:81:ed:8a:f7:15:12:b0:55:
ce:38:25:07:b4:e7:aa:41:b8:db:44:cb:06:5d:e7:
f7:23:fc:35:ed:40:66:f5:f3:6a:d3:ed:99:19:46:
2f:73:c4:1a:f0:71:80:1b:a2:86:4b:09:69:7d:a9:
d3:71:76:a1:d9:df:0c:a7:14:ab:08:ab:36:c1:c3:
28:94:23:a2:ac:6a:10:c4:99:38:0e:c8:89:4d:54:
51:13:17:3e:7f:bc:11:94:72:a7:05:8d:85:6c:3f:
02:f8:9a:86:47:a1:e4:dd:30:45:07:c5:1f:a8:c3:
fa:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:70:0F:DB:20:D0:AE:76:66:A5:06:C0:D6:2F:01:DA:8A:5B:92:D5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/m3AP2yDQrnZmpQbA1i8B2opbktU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.241.0/24
203.0.9.0/24
223.27.113.0/24
Signature Algorithm: sha256WithRSAEncryption
28:23:48:4d:40:b5:91:43:c0:9c:a5:11:55:d3:b8:a3:1d:99:
8b:e9:b1:88:43:bd:15:bb:80:2a:3d:26:5c:cd:de:b9:07:bf:
a0:c2:79:b7:39:b8:cb:37:ff:eb:dc:b2:12:f4:d6:71:2b:e5:
fc:95:eb:5b:a7:1d:e1:eb:a7:7a:cb:32:37:12:c4:b7:9e:f1:
2b:73:38:60:5f:6b:47:95:49:d9:00:49:21:30:f7:8e:90:40:
71:ec:4f:2d:36:77:b4:7e:3d:71:33:4e:a0:1a:d5:fe:8f:f0:
c7:98:60:00:ea:99:5a:7b:92:c6:77:04:91:59:2a:f3:8b:da:
3a:8b:a9:9b:75:fe:a2:bb:b8:51:27:79:6b:ce:59:d4:29:c7:
e1:66:6d:58:89:e1:fb:15:d3:fa:e6:fe:b7:35:5d:9e:ce:36:
b3:00:51:01:fa:27:bc:29:d4:ce:69:ad:00:6e:89:b8:ff:9a:
8a:6a:b2:d5:27:23:89:bd:c0:ae:04:64:b7:3b:8c:7b:3a:a7:
e8:d0:5c:3e:aa:e9:be:fe:e4:21:57:97:60:9f:31:b9:0d:36:
17:01:5f:f9:ea:04:93:2e:5b:f6:78:9a:cd:06:84:d0:2f:e6:
db:a3:37:de:64:19:09:37:f6:a2:a2:96:cd:5b:6d:77:90:65:
4a:6b:bf:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkIWGO9yQliCAIZMx8+Icq/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjI5MTgwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjcwMGZkYjIwZDBhZTc2NjZhNTA2YzBkNjJmMDFkYThhNWI5MmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz8fdzNGg4F9ezgtkXrnNoKpho9E
oBxKULU/ZX7W4aZ2S0+MsDE9s9CI+WzpP/hnAVLlXD35xH6/yT9uGiIf0ANadtqf
DBFxM/fP/Z2Yz+eJ3swZjraAowegVMy7tE7uckQv6fjmj/gABQpQmQUn+wXE/nHB
P2ieN3+7pusSH4OTguMU3eK08Gpwx9+Tge2K9xUSsFXOOCUHtOeqQbjbRMsGXef3
I/w17UBm9fNq0+2ZGUYvc8Qa8HGAG6KGSwlpfanTcXah2d8MpxSrCKs2wcMolCOi
rGoQxJk4DsiJTVRRExc+f7wRlHKnBY2FbD8C+JqGR6Hk3TBFB8UfqMP6bwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJtwD9sg0K52ZqUGwNYvAdqKW5LVMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbTNBUDJ5RFFyblptcFFiQTFpOEIyb3Bia3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATo7xAwQA
ywAJAwQA3xtxMA0GCSqGSIb3DQEBCwUAA4IBAQAoI0hNQLWRQ8CcpRFV07ijHZmL
6bGIQ70Vu4AqPSZczd65B7+gwnm3ObjLN//r3LIS9NZxK+X8letbpx3h66d6yzI3
EsS3nvErczhgX2tHlUnZAEkhMPeOkEBx7E8tNne0fj1xM06gGtX+j/DHmGAA6pla
e5LGdwSRWSrzi9o6i6mbdf6iu7hRJ3lrzlnUKcfhZm1YieH7FdP65v63NV2ezjaz
AFEB+ie8KdTOaa0Abom4/5qKarLVJyOJvcCuBGS3O4x7Oqfo0Fw+qum+/uQhV5dg
nzG5DTYXAV/56gSTLlv2eJrNBoTQL+bbozfeZBkJN/aiopbNW213kGVKa7+4
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:05:51 2025 by rpki-client