Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/9MeqG445vp-qETXf-pbFEBB-hzU.roa
File: 9MeqG445vp-qETXf-pbFEBB-hzU.roa (raw, json)
Hash identifier: f+FlmAz9Im+nB/SWMOj7N/n4rxB2lXaVChaHgXMRulM=
Subject key identifier: F4:C7:AA:1B:8E:39:BE:9F:AA:11:35:DF:FA:96:C5:10:10:7E:87:35
Certificate issuer: /CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Certificate serial: 01856DA669572750EFF5452508BBABC93B7E
Authority key identifier: 7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/9MeqG445vp-qETXf-pbFEBB-hzU.roa
Signing time: Sun 01 Jan 2023 14:05:00 +0000
ROA not before: Sun 01 Jan 2023 14:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197792
IP address blocks: 159.255.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:69:57:27:50:ef:f5:45:25:08:bb:ab:c9:3b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Validity
Not Before: Jan 1 14:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4c7aa1b8e39be9faa1135dffa96c510107e8735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8d:14:d6:8f:45:e8:d0:ff:08:d1:86:93:01:
be:c6:78:80:69:cf:5b:43:da:5f:df:19:e5:92:73:
5d:25:43:bc:b0:dc:28:fb:37:44:0e:ce:06:2d:f6:
37:b8:a7:26:64:b4:86:2c:98:e4:b2:87:61:67:a8:
53:c1:86:85:1f:7d:53:38:af:08:c2:60:5a:20:4a:
cc:f2:8d:73:ca:3d:72:97:1a:5c:0e:74:cd:b1:c5:
56:74:43:73:0d:7e:5b:76:c2:f7:eb:32:d1:23:38:
12:2f:ec:81:27:fb:ca:22:8a:fc:5f:ab:38:bb:9d:
1b:e5:91:32:5c:30:bc:12:db:66:6a:e2:58:00:09:
01:c3:a2:61:54:bb:81:9c:88:e8:f4:43:48:5e:ad:
0d:ff:7c:4c:cb:5f:7c:64:d3:0e:69:87:03:ab:7c:
55:ca:d2:a3:9e:bb:da:76:f4:88:53:c8:b1:fa:b2:
60:3e:39:a1:01:d7:3b:e4:7f:41:1e:0d:cd:4a:bc:
68:7a:82:db:08:bd:80:54:08:3c:72:55:f2:28:ac:
f0:48:a8:64:7b:b8:7e:64:41:4d:d6:de:34:0c:a3:
67:12:94:7a:7a:51:b0:aa:2e:ce:7d:ca:4c:95:ab:
04:90:e8:47:92:a0:fd:93:1b:e0:82:7e:27:c0:4a:
78:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C7:AA:1B:8E:39:BE:9F:AA:11:35:DF:FA:96:C5:10:10:7E:87:35
X509v3 Authority Key Identifier:
keyid:7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/9MeqG445vp-qETXf-pbFEBB-hzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/fKBMxn75bZAi89C_xR6ttKS2PuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.40.0/22
Signature Algorithm: sha256WithRSAEncryption
33:9c:8b:58:20:4a:9f:d6:75:27:06:c1:38:6c:46:cf:76:c4:
d6:f7:73:a7:f8:60:34:f2:15:17:48:8a:41:90:d2:b1:3e:bd:
ad:da:b6:f1:4e:15:ef:d6:3d:fb:7d:26:03:ba:84:41:8e:47:
05:41:b9:6d:bb:55:d6:ce:6a:1b:c7:9b:38:a5:a0:aa:2d:6a:
b2:d1:ad:d7:12:cc:bb:50:c6:8e:d0:62:0b:d1:cc:e4:6c:60:
a9:39:b8:1e:62:8a:f3:5b:b2:d2:a3:11:f8:af:cf:b5:23:16:
e3:75:dd:a9:bc:9e:ff:ce:9e:33:0f:39:b7:6d:b4:a1:83:6b:
d9:94:13:2c:72:01:00:7e:c6:95:4e:ef:a9:ab:f1:07:61:18:
d4:e3:dd:bc:bd:28:3a:9f:b5:00:c5:91:76:f9:8a:ed:df:6f:
4a:9d:80:19:df:66:d4:6b:3f:11:37:e5:1f:f3:48:79:0a:d1:
d5:a0:d2:cb:c8:89:f7:25:b2:d3:76:2a:94:1f:0b:86:8d:9d:
d1:88:dd:8a:36:34:62:83:d2:da:11:ef:fd:c2:82:14:b7:0a:
2a:aa:b0:61:c9:54:d5:c6:5a:34:f4:37:59:c4:54:d4:3c:84:
99:bb:39:74:bc:23:39:86:b2:d5:c8:03:f2:b6:b6:3a:57:62:
ac:2f:17:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpmlXJ1Dv9UUlCLuryTt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTA0Y2M2N2VmOTZkOTAyMmYzZDBiZmM1MWVhZGI0YTRi
NjNlZTYwHhcNMjMwMTAxMTQwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGM3YWExYjhlMzliZTlmYWExMTM1ZGZmYTk2YzUxMDEwN2U4NzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI0U1o9F6ND/CNGGkwG+xniAac9b
Q9pf3xnlknNdJUO8sNwo+zdEDs4GLfY3uKcmZLSGLJjksodhZ6hTwYaFH31TOK8I
wmBaIErM8o1zyj1ylxpcDnTNscVWdENzDX5bdsL36zLRIzgSL+yBJ/vKIor8X6s4
u50b5ZEyXDC8EttmauJYAAkBw6JhVLuBnIjo9ENIXq0N/3xMy198ZNMOaYcDq3xV
ytKjnrvadvSIU8ix+rJgPjmhAdc75H9BHg3NSrxoeoLbCL2AVAg8clXyKKzwSKhk
e7h+ZEFN1t40DKNnEpR6elGwqi7OfcpMlasEkOhHkqD9kxvggn4nwEp4XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPTHqhuOOb6fqhE13/qWxRAQfoc1MB8GA1UdIwQY
MBaAFHygTMZ++W2QIvPQv8UerbSktj7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktCTXhuNzViWkFpODlDX3hSNnR0S1MyUHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85Yjk0ZTItZDIxZC00ZDgxLThhZWEt
YTU1NjhlMGZiYjZkLzEvOU1lcUc0NDV2cC1xRVRYZi1wYkZFQkItaHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85Yjk0ZTItZDIxZC00ZDgxLThhZWEtYTU1NjhlMGZiYjZk
LzEvZktCTXhuNzViWkFpODlDX3hSNnR0S1MyUHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCn/8oMA0G
CSqGSIb3DQEBCwUAA4IBAQAznItYIEqf1nUnBsE4bEbPdsTW93On+GA08hUXSIpB
kNKxPr2t2rbxThXv1j37fSYDuoRBjkcFQbltu1XWzmobx5s4paCqLWqy0a3XEsy7
UMaO0GIL0czkbGCpObgeYorzW7LSoxH4r8+1Ixbjdd2pvJ7/zp4zDzm3bbShg2vZ
lBMscgEAfsaVTu+pq/EHYRjU4928vSg6n7UAxZF2+Yrt329KnYAZ32bUaz8RN+Uf
80h5CtHVoNLLyIn3JbLTdiqUHwuGjZ3RiN2KNjRig9LaEe/9woIUtwoqqrBhyVTV
xlo09DdZxFTUPISZuzl0vCM5hrLVyAPytrY6V2KsLxe4
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:15:13 2025 by rpki-client