Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/1c068e-889c-42be-bd8b-a6abb1215dec/1/fAB9fKLCzdUl5WwT4pillEWf0q4.roa
File: fAB9fKLCzdUl5WwT4pillEWf0q4.roa (raw, json)
Hash identifier: v5Te3Ge4IpOGrXVuxBU+GCtcU3C80gvAPQCn+JYRBwc=
Subject key identifier: 7C:00:7D:7C:A2:C2:CD:D5:25:E5:6C:13:E2:98:A5:94:45:9F:D2:AE
Certificate issuer: /CN=b5b632972547673df0f75aabc839a2422854a22a
Certificate serial: 0185704BB8C594981A7EECDCA55E20E3B63D
Authority key identifier: B5:B6:32:97:25:47:67:3D:F0:F7:5A:AB:C8:39:A2:42:28:54:A2:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbYylyVHZz3w91qryDmiQihUoio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/1c068e-889c-42be-bd8b-a6abb1215dec/1/fAB9fKLCzdUl5WwT4pillEWf0q4.roa
Signing time: Mon 02 Jan 2023 02:24:48 +0000
ROA not before: Mon 02 Jan 2023 02:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 137.193.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:b8:c5:94:98:1a:7e:ec:dc:a5:5e:20:e3:b6:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5b632972547673df0f75aabc839a2422854a22a
Validity
Not Before: Jan 2 02:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c007d7ca2c2cdd525e56c13e298a594459fd2ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3b:44:e2:1c:9f:b4:b3:ca:d1:e1:9d:d8:01:
f5:cf:07:3a:22:e6:48:c9:21:9e:82:8a:2c:2c:0e:
85:ca:4e:70:4b:0a:57:1c:77:64:40:94:4f:b0:41:
ef:d7:83:19:b3:ac:23:cd:8b:d0:9c:61:ef:6f:bc:
ae:d6:a7:d1:e4:2e:8e:30:9c:e3:02:af:ca:79:a3:
a8:9b:77:f3:6a:d8:7d:ca:85:ce:03:76:fe:3f:4f:
a5:67:ab:40:f9:65:06:c7:74:e7:12:de:d4:90:41:
f0:46:5c:d9:e3:9d:4b:8d:1f:10:90:2d:41:2e:5c:
8a:12:7b:3b:99:12:84:76:df:1c:23:ea:b3:c6:d5:
85:96:de:82:77:8d:7e:f0:f8:5a:c5:70:d2:c3:20:
33:03:be:8e:22:5e:6b:ed:1b:42:18:44:46:38:a8:
66:29:d2:3d:da:68:20:3a:f1:d3:0d:31:57:94:1d:
2e:cf:f6:3b:d6:93:60:c4:ea:88:4a:8b:01:7b:4b:
06:81:7e:64:23:b8:31:65:09:7b:6c:c7:06:ce:28:
0d:27:61:64:f4:42:20:85:16:7e:57:10:c6:72:fa:
63:d6:5b:bc:9b:26:40:e9:82:3f:98:ca:39:88:7e:
72:83:6d:1b:ba:72:13:be:96:92:46:44:66:89:77:
3b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:00:7D:7C:A2:C2:CD:D5:25:E5:6C:13:E2:98:A5:94:45:9F:D2:AE
X509v3 Authority Key Identifier:
keyid:B5:B6:32:97:25:47:67:3D:F0:F7:5A:AB:C8:39:A2:42:28:54:A2:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbYylyVHZz3w91qryDmiQihUoio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1c068e-889c-42be-bd8b-a6abb1215dec/1/fAB9fKLCzdUl5WwT4pillEWf0q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1c068e-889c-42be-bd8b-a6abb1215dec/1/tbYylyVHZz3w91qryDmiQihUoio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.193.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bb:7f:3e:f0:b0:d5:e7:5b:7a:a3:44:e9:f5:c4:26:e8:1b:03:
8d:8d:dd:41:00:43:16:aa:1c:1b:f7:35:9c:25:0f:d6:3a:b3:
b8:0c:2c:3f:43:13:e1:72:df:79:3b:07:6b:e9:c7:9f:28:86:
15:f3:5b:53:32:21:61:c2:ed:92:14:58:90:7c:7c:cf:e8:5f:
09:bd:22:f6:bb:21:fa:ab:b2:c6:b6:48:28:b7:5b:d6:6f:37:
61:91:89:3f:25:bf:40:12:fc:d2:23:67:c3:e3:7d:9c:39:ac:
ed:50:a3:c7:52:ab:6e:04:d0:97:be:39:b4:9a:b0:a5:78:41:
1a:63:d5:91:9f:06:d1:e2:26:67:17:1c:35:8d:07:a4:fb:ef:
d0:cf:22:31:d8:cd:0d:85:9d:75:bf:e1:ab:ee:5e:aa:1e:11:
53:fc:3a:1b:98:d9:ed:50:13:cd:d5:fd:0c:0c:59:31:e1:4f:
cd:4f:d8:38:7b:de:fb:03:70:a8:3e:c2:b0:5a:4a:99:49:fb:
7b:ef:d0:e5:48:70:c5:90:8c:66:5e:70:d5:33:24:17:1f:d2:
b1:5b:1e:03:ff:a5:6f:75:30:e1:6d:3d:8c:0d:6f:d4:fc:35:
1a:7e:c2:13:e5:a6:0d:09:b9:dd:12:b4:84:aa:ac:da:78:e0:
93:51:c2:80
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVwS7jFlJgafuzcpV4g47Y9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjYzMjk3MjU0NzY3M2RmMGY3NWFhYmM4MzlhMjQyMjg1
NGEyMmEwHhcNMjMwMTAyMDIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzAwN2Q3Y2EyYzJjZGQ1MjVlNTZjMTNlMjk4YTU5NDQ1OWZkMmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgztE4hyftLPK0eGd2AH1zwc6IuZI
ySGegoosLA6Fyk5wSwpXHHdkQJRPsEHv14MZs6wjzYvQnGHvb7yu1qfR5C6OMJzj
Aq/KeaOom3fzath9yoXOA3b+P0+lZ6tA+WUGx3TnEt7UkEHwRlzZ451LjR8QkC1B
LlyKEns7mRKEdt8cI+qzxtWFlt6Cd41+8PhaxXDSwyAzA76OIl5r7RtCGERGOKhm
KdI92mggOvHTDTFXlB0uz/Y71pNgxOqISosBe0sGgX5kI7gxZQl7bMcGzigNJ2Fk
9EIghRZ+VxDGcvpj1lu8myZA6YI/mMo5iH5yg20bunITvpaSRkRmiXc7cwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFHwAfXyiws3VJeVsE+KYpZRFn9KuMB8GA1UdIwQY
MBaAFLW2MpclR2c98Pdaq8g5okIoVKIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJZeWx5VkhaejN3OTFxcnlEbWlRaWhVb2lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xYzA2OGUtODg5Yy00MmJlLWJkOGIt
YTZhYmIxMjE1ZGVjLzEvZkFCOWZLTEN6ZFVsNVd3VDRwaWxsRVdmMHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xYzA2OGUtODg5Yy00MmJlLWJkOGItYTZhYmIxMjE1ZGVj
LzEvdGJZeWx5VkhaejN3OTFxcnlEbWlRaWhVb2lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAicEwDQYJ
KoZIhvcNAQELBQADggEBALt/PvCw1edbeqNE6fXEJugbA42N3UEAQxaqHBv3NZwl
D9Y6s7gMLD9DE+Fy33k7B2vpx58ohhXzW1MyIWHC7ZIUWJB8fM/oXwm9Iva7Ifqr
ssa2SCi3W9ZvN2GRiT8lv0AS/NIjZ8PjfZw5rO1Qo8dSq24E0Je+ObSasKV4QRpj
1ZGfBtHiJmcXHDWNB6T779DPIjHYzQ2FnXW/4avuXqoeEVP8OhuY2e1QE83V/QwM
WTHhT81P2Dh73vsDcKg+wrBaSplJ+3vv0OVIcMWQjGZecNUzJBcf0rFbHgP/pW91
MOFtPYwNb9T8NRp+whPlpg0Jud0StISqrNp44JNRwoA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:50:48 2025 by rpki-client