Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/id9fz_ktYUnS2ZjZLD_WSU2Jy0k.roa
File: id9fz_ktYUnS2ZjZLD_WSU2Jy0k.roa (raw, json)
Hash identifier: bNUWJJe5QRRUly+aoE/FepQGS5bl++eoSS0zEd+xbKI=
Subject key identifier: 89:DF:5F:CF:F9:2D:61:49:D2:D9:98:D9:2C:3F:D6:49:4D:89:CB:49
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 01856F1D88B10C875B05DF2474E6F3B28A96
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/id9fz_ktYUnS2ZjZLD_WSU2Jy0k.roa
Signing time: Sun 01 Jan 2023 20:54:44 +0000
ROA not before: Sun 01 Jan 2023 20:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203593
IP address blocks: 185.129.253.0/24 maxlen: 24
185.129.252.0/24 maxlen: 24
185.129.254.0/24 maxlen: 24
185.129.255.0/24 maxlen: 24
213.244.41.0/24 maxlen: 24
157.97.163.0/24 maxlen: 24
213.244.40.0/24 maxlen: 24
193.254.202.0/24 maxlen: 24
193.254.203.0/24 maxlen: 24
2a06:d680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:88:b1:0c:87:5b:05:df:24:74:e6:f3:b2:8a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: Jan 1 20:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89df5fcff92d6149d2d998d92c3fd6494d89cb49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9c:f8:5a:65:97:ca:77:18:2a:4d:71:1e:9d:
a6:02:8c:81:28:d9:62:b2:bf:92:9f:34:4e:10:43:
0d:22:28:9d:15:40:fa:4e:6b:34:c5:e4:73:99:40:
88:dc:a6:b5:2e:46:5f:c2:ad:6f:c7:44:8f:f8:40:
2c:40:8c:97:89:d3:bd:92:f5:e1:b4:8d:57:fd:80:
34:a0:6c:3d:03:4e:0a:04:54:c1:c7:64:ec:0b:61:
4c:94:2b:1d:f2:11:4a:27:a7:3a:15:92:55:34:34:
08:f6:01:b4:b9:2f:c6:d3:5c:ee:be:40:74:e2:44:
f3:13:a3:0a:f8:5c:97:c1:d2:a0:13:b9:f7:71:ff:
cf:1b:a9:28:ae:0b:7d:e1:a8:66:0e:de:fb:1a:73:
ab:82:27:1c:b3:72:e3:59:e6:17:43:06:6c:1e:07:
50:c7:45:a7:ec:5b:9d:6d:43:cc:b7:af:d4:ac:7f:
5b:af:0d:8b:d1:ed:7a:2a:a7:e2:c7:29:e3:d8:74:
96:65:dc:96:2a:47:9d:4e:fb:c7:1f:45:f1:7d:2a:
c8:b4:78:e3:f7:8e:47:bc:cb:8a:65:0e:91:75:87:
68:2b:91:2e:20:eb:d5:87:42:05:9b:9b:dc:5a:ad:
1a:81:3d:3b:7e:0d:9e:b0:a4:80:52:07:8c:91:1b:
14:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DF:5F:CF:F9:2D:61:49:D2:D9:98:D9:2C:3F:D6:49:4D:89:CB:49
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/id9fz_ktYUnS2ZjZLD_WSU2Jy0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.163.0/24
185.129.252.0/22
193.254.202.0/23
213.244.40.0/23
IPv6:
2a06:d680::/29
Signature Algorithm: sha256WithRSAEncryption
31:5f:22:d3:12:3b:05:47:cf:e0:45:f6:7b:37:f5:93:ec:18:
cd:12:0f:45:7c:e9:18:95:5b:ab:c9:a6:ea:df:51:5b:33:49:
49:ef:de:54:5d:5d:6d:4f:de:1c:fd:dd:0b:0e:4b:ec:8e:22:
a4:29:04:89:3f:b1:28:ed:3f:f8:54:28:c0:e7:1d:99:ed:e3:
f9:3c:56:d3:06:27:a0:e4:d5:65:ec:41:23:c6:2f:7a:50:e1:
ea:91:0c:27:08:92:71:dc:cb:86:e1:e9:b0:6f:f6:61:97:79:
93:d7:35:6b:42:ba:51:7a:2b:df:e3:fd:a9:fe:e3:1d:b1:4d:
1a:6c:3a:a5:45:f1:02:97:46:96:45:eb:5d:44:ec:0e:62:bf:
48:75:b1:a7:4a:8e:19:3e:d9:ac:ce:16:56:24:95:f7:83:61:
19:87:01:ce:2d:a7:b8:09:7d:b9:21:c7:7e:2c:a2:e2:62:23:
41:45:3b:5a:1e:20:24:33:34:22:05:49:76:c7:b5:91:b5:59:
19:d8:2f:83:cd:f9:dc:dc:ef:38:a1:09:ec:f7:5b:8c:38:46:
06:b0:8a:5a:f2:9a:ae:b0:8c:c0:91:1c:cd:70:a2:8b:b9:23:
59:de:86:a5:9f:69:96:08:02:57:ea:fb:c0:4a:64:10:ed:27:
e0:e9:78:f8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvHYixDIdbBd8kdObzsoqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjMwMTAxMjA1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWRmNWZjZmY5MmQ2MTQ5ZDJkOTk4ZDkyYzNmZDY0OTRkODljYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZz4WmWXyncYKk1xHp2mAoyBKNli
sr+SnzROEEMNIiidFUD6Tms0xeRzmUCI3Ka1LkZfwq1vx0SP+EAsQIyXidO9kvXh
tI1X/YA0oGw9A04KBFTBx2TsC2FMlCsd8hFKJ6c6FZJVNDQI9gG0uS/G01zuvkB0
4kTzE6MK+FyXwdKgE7n3cf/PG6korgt94ahmDt77GnOrgiccs3LjWeYXQwZsHgdQ
x0Wn7FudbUPMt6/UrH9brw2L0e16Kqfixynj2HSWZdyWKkedTvvHH0XxfSrItHjj
945HvMuKZQ6RdYdoK5EuIOvVh0IFm5vcWq0agT07fg2esKSAUgeMkRsUywIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFInfX8/5LWFJ0tmY2Sw/1klNictJMB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvaWQ5Znpfa3RZVW5TMlpqWkxEX1dTVTJKeTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAnWGjAwQC
uYH8AwQBwf7KAwQB1fQoMA0EAgACMAcDBQMqBtaAMA0GCSqGSIb3DQEBCwUAA4IB
AQAxXyLTEjsFR8/gRfZ7N/WT7BjNEg9FfOkYlVuryabq31FbM0lJ795UXV1tT94c
/d0LDkvsjiKkKQSJP7Eo7T/4VCjA5x2Z7eP5PFbTBieg5NVl7EEjxi96UOHqkQwn
CJJx3MuG4emwb/Zhl3mT1zVrQrpReivf4/2p/uMdsU0abDqlRfECl0aWRetdROwO
Yr9IdbGnSo4ZPtmszhZWJJX3g2EZhwHOLae4CX25Icd+LKLiYiNBRTtaHiAkMzQi
BUl2x7WRtVkZ2C+Dzfnc3O84oQns91uMOEYGsIpa8pqusIzAkRzNcKKLuSNZ3oal
n2mWCAJX6vvASmQQ7Sfg6Xj4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:02 2025 by rpki-client