Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/i33-eIio2jKdpixmwS68baBWb5s.roa
File: i33-eIio2jKdpixmwS68baBWb5s.roa (raw, json)
Hash identifier: bU13JS2JzNCcuYllolbAXiSP45xg4KNmc9uFEqZYFcg=
Subject key identifier: 8B:7D:FE:78:88:A8:DA:32:9D:A6:2C:66:C1:2E:BC:6D:A0:56:6F:9B
Certificate issuer: /CN=725c0c7111e2f57fcaf8113a42e556e882dd5c4b
Certificate serial: 018570CBD6C6C922C8F093BF9238E79B13C0
Authority key identifier: 72:5C:0C:71:11:E2:F5:7F:CA:F8:11:3A:42:E5:56:E8:82:DD:5C:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/clwMcRHi9X_K-BE6QuVW6ILdXEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/i33-eIio2jKdpixmwS68baBWb5s.roa
Signing time: Mon 02 Jan 2023 04:44:45 +0000
ROA not before: Mon 02 Jan 2023 04:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30848
IP address blocks: 151.248.13.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:d6:c6:c9:22:c8:f0:93:bf:92:38:e7:9b:13:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=725c0c7111e2f57fcaf8113a42e556e882dd5c4b
Validity
Not Before: Jan 2 04:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b7dfe7888a8da329da62c66c12ebc6da0566f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4b:0c:d6:9a:77:c6:65:86:31:0e:11:1c:91:
dc:5e:b4:5b:98:ba:de:ef:fc:96:f9:39:62:7c:3b:
1d:2f:1d:e9:94:c8:4a:f9:c1:27:05:43:b6:f0:c4:
fb:8a:a1:df:17:4a:fa:1f:9a:88:64:a7:3f:a3:df:
53:8d:57:29:54:fe:6c:d6:14:b4:e7:b3:50:91:19:
04:7a:78:f3:5c:f4:1e:0e:8c:23:c0:72:d5:af:78:
31:02:f8:7f:98:9e:50:fc:cb:b7:26:f8:42:21:27:
d5:4f:81:08:a0:a0:a0:08:f1:da:ad:e6:8b:09:24:
b7:fb:2c:01:2a:66:d3:8a:86:7e:d7:f0:31:e3:8d:
a6:57:87:22:fd:51:6d:4b:b5:c3:3b:df:41:ab:7b:
1c:dd:0e:ae:1e:7d:da:5b:43:9f:7d:d6:dc:03:30:
fb:68:7c:0a:0f:b5:7d:d5:c3:9d:c3:c8:f8:bb:b7:
47:d2:b4:06:6c:06:53:87:2d:d8:f1:be:b9:2e:63:
95:5c:d3:4f:a8:1f:75:25:bf:51:1f:af:e3:fe:9b:
73:4a:5e:fd:00:73:56:59:cc:c1:49:1a:68:16:1c:
3b:6b:da:42:47:18:93:e8:0e:0f:31:20:d5:71:a6:
d2:93:d4:ec:67:a6:01:dc:d0:38:45:23:b5:e2:77:
6f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:7D:FE:78:88:A8:DA:32:9D:A6:2C:66:C1:2E:BC:6D:A0:56:6F:9B
X509v3 Authority Key Identifier:
keyid:72:5C:0C:71:11:E2:F5:7F:CA:F8:11:3A:42:E5:56:E8:82:DD:5C:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clwMcRHi9X_K-BE6QuVW6ILdXEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/i33-eIio2jKdpixmwS68baBWb5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/clwMcRHi9X_K-BE6QuVW6ILdXEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.13.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:d3:83:88:27:9a:60:38:b2:cf:14:b3:69:0c:7b:93:4c:65:
9a:77:52:60:9b:dd:fe:87:90:c6:42:a7:7f:15:16:9a:d7:41:
6b:ee:38:d0:54:15:17:8c:89:4f:61:36:c8:d4:8e:37:fd:5f:
04:7a:56:66:f6:5f:02:7d:4c:8a:a1:76:0e:bf:99:6a:ac:37:
a2:d2:c8:91:39:8a:aa:a0:57:d4:54:d9:99:41:bd:a1:a1:61:
b6:16:32:e8:b4:1b:9a:e9:b5:11:f0:64:f7:24:62:42:e4:33:
81:88:69:3a:e1:0e:4b:4f:18:fa:e3:5e:f2:49:cb:23:90:7c:
8a:9b:60:4f:95:90:1b:4e:f9:cc:41:3c:7b:57:09:2a:b2:c7:
e6:a3:44:de:74:3a:68:46:1d:95:f4:f9:51:a7:48:c5:88:a1:
0a:3f:0a:f6:1f:c9:80:9c:5d:b2:3b:97:b0:fa:ed:38:2e:30:
68:36:b9:19:1d:7c:7e:6f:75:ba:58:47:60:16:80:ea:f7:ec:
8f:51:c6:ff:01:2c:65:8b:d5:df:0b:43:fd:95:50:98:e2:61:
fa:02:11:07:41:aa:0f:ff:52:91:a6:7a:ba:10:ee:ca:97:68:
3e:8e:90:72:ec:cb:64:5c:5e:56:bb:5d:fd:43:d1:d7:74:cc:
fb:6e:91:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy9bGySLI8JO/kjjnmxPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWMwYzcxMTFlMmY1N2ZjYWY4MTEzYTQyZTU1NmU4ODJk
ZDVjNGIwHhcNMjMwMTAyMDQ0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjdkZmU3ODg4YThkYTMyOWRhNjJjNjZjMTJlYmM2ZGEwNTY2ZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmksM1pp3xmWGMQ4RHJHcXrRbmLre
7/yW+TlifDsdLx3plMhK+cEnBUO28MT7iqHfF0r6H5qIZKc/o99TjVcpVP5s1hS0
57NQkRkEenjzXPQeDowjwHLVr3gxAvh/mJ5Q/Mu3JvhCISfVT4EIoKCgCPHareaL
CSS3+ywBKmbTioZ+1/Ax442mV4ci/VFtS7XDO99Bq3sc3Q6uHn3aW0OffdbcAzD7
aHwKD7V91cOdw8j4u7dH0rQGbAZThy3Y8b65LmOVXNNPqB91Jb9RH6/j/ptzSl79
AHNWWczBSRpoFhw7a9pCRxiT6A4PMSDVcabSk9TsZ6YB3NA4RSO14ndvZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIt9/niIqNoynaYsZsEuvG2gVm+bMB8GA1UdIwQY
MBaAFHJcDHER4vV/yvgROkLlVuiC3VxLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2x3TWNSSGk5WF9LLUJFNlF1Vlc2SUxkWEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYzliNTQtMTMwYS00OTlhLWJmOWYt
NzYxMGFhYmFhMjc0LzEvaTMzLWVJaW8yaktkcGl4bXdTNjhiYUJXYjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYzliNTQtMTMwYS00OTlhLWJmOWYtNzYxMGFhYmFhMjc0
LzEvY2x3TWNSSGk5WF9LLUJFNlF1Vlc2SUxkWEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/gNMA0G
CSqGSIb3DQEBCwUAA4IBAQAf04OIJ5pgOLLPFLNpDHuTTGWad1Jgm93+h5DGQqd/
FRaa10Fr7jjQVBUXjIlPYTbI1I43/V8EelZm9l8CfUyKoXYOv5lqrDei0siROYqq
oFfUVNmZQb2hoWG2FjLotBua6bUR8GT3JGJC5DOBiGk64Q5LTxj6417yScsjkHyK
m2BPlZAbTvnMQTx7Vwkqssfmo0TedDpoRh2V9PlRp0jFiKEKPwr2H8mAnF2yO5ew
+u04LjBoNrkZHXx+b3W6WEdgFoDq9+yPUcb/ASxli9XfC0P9lVCY4mH6AhEHQaoP
/1KRpnq6EO7Kl2g+jpBy7MtkXF5Wu139Q9HXdMz7bpGA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:23 2025 by rpki-client