Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/9NepPFvmwPYolu7uyNwZ3hJAZQY.roa
File: 9NepPFvmwPYolu7uyNwZ3hJAZQY.roa (raw, json)
Hash identifier: brDFjw1FlEIKIOLKvmPbkuOOQ00VBtutpOyBeyIRldQ=
Subject key identifier: F4:D7:A9:3C:5B:E6:C0:F6:28:96:EE:EE:C8:DC:19:DE:12:40:65:06
Certificate issuer: /CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Certificate serial: 018708832EAB5CC4BE30BB3D0842E2D28390
Authority key identifier: FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/9NepPFvmwPYolu7uyNwZ3hJAZQY.roa
Signing time: Wed 22 Mar 2023 08:50:27 +0000
ROA not before: Wed 22 Mar 2023 08:50:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12337
IP address blocks: 185.174.151.0/24 maxlen: 24
185.174.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:83:2e:ab:5c:c4:be:30:bb:3d:08:42:e2:d2:83:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Validity
Not Before: Mar 22 08:50:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4d7a93c5be6c0f62896eeeec8dc19de12406506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:11:d8:1f:b9:f5:eb:e6:f1:42:24:3a:8f:7b:
cf:e9:a0:84:6f:fc:d3:cd:82:d4:b7:08:21:29:1f:
52:27:2c:9c:44:2f:83:02:65:5c:34:1e:8e:a1:9e:
d4:df:52:56:03:13:3b:4c:80:11:e8:8a:bb:28:b0:
d7:bb:63:df:22:80:34:f9:a7:88:d6:b3:3d:83:0e:
bb:63:f7:b1:0a:e1:97:9a:c7:2a:48:40:1d:a0:6f:
1c:b8:a6:8c:2e:30:b3:4f:75:b3:99:4a:26:99:12:
d0:3d:7c:3f:6f:53:5c:d1:ea:1f:c1:e1:37:12:bc:
1a:82:74:01:ba:60:81:24:9a:88:e9:b0:00:66:53:
c3:40:1f:a0:ea:3d:a1:8b:69:40:f5:bd:6a:98:39:
b4:36:3a:bd:cb:fe:f1:90:9d:f7:75:99:75:2a:39:
62:24:41:c4:7f:23:d9:d3:a0:f6:da:10:2c:f1:b6:
aa:ff:53:02:aa:a3:fb:2b:69:63:8b:ac:cc:db:7c:
41:3c:00:e8:57:5f:22:1c:34:e0:d2:4a:5c:c7:67:
f6:b1:c8:f2:c8:bd:38:ef:d5:e2:f5:d2:3b:17:ee:
23:56:ac:55:fd:ff:64:1c:53:f6:6f:d4:6f:04:f5:
06:bf:e4:24:40:ab:18:eb:59:40:a9:7d:c3:2f:c7:
99:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D7:A9:3C:5B:E6:C0:F6:28:96:EE:EE:C8:DC:19:DE:12:40:65:06
X509v3 Authority Key Identifier:
keyid:FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/9NepPFvmwPYolu7uyNwZ3hJAZQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/1-3grePIKbktwZDBSvRpArxWlYzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.150.0/23
Signature Algorithm: sha256WithRSAEncryption
58:73:5c:45:67:dc:fb:6b:c1:d8:c2:97:7d:24:f7:a1:de:20:
41:97:7a:f8:7a:ec:f6:8d:1d:91:6b:42:49:31:b9:74:c6:4d:
79:50:4f:25:62:0a:fe:58:94:f1:be:78:9a:83:86:a7:05:81:
12:ed:2c:f8:f0:f2:c1:e1:55:45:b2:7f:df:cb:f5:09:0d:c2:
a0:82:e7:8e:a9:6a:83:36:bc:68:5a:70:9b:5d:62:10:57:27:
3d:b8:c8:18:78:f0:67:ec:bf:b7:a7:37:37:35:1d:28:71:7d:
75:67:e6:bb:03:e6:80:03:16:c6:98:20:5e:af:6e:17:eb:65:
31:8d:79:37:63:b5:91:ff:1c:69:d8:7a:30:6d:ec:67:5a:08:
a7:f1:b3:42:aa:29:a8:a4:04:3c:11:a5:be:f8:52:a2:72:89:
cd:e4:f7:13:0e:c3:f5:0e:20:12:fc:ee:23:4d:1e:41:de:e0:
28:0a:2f:2c:31:04:01:b7:47:22:bd:20:74:10:a7:85:78:5b:
a6:27:91:9b:cf:cc:90:e4:81:b7:69:00:3d:5e:88:91:dd:e1:
c8:81:f4:de:b4:86:51:b6:e8:5d:e9:77:be:e3:ab:f7:50:9f:
22:4a:c5:df:f8:f9:bf:de:92:3d:b1:eb:77:36:7b:03:b8:8e:
98:39:83:0c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYcIgy6rXMS+MLs9CELi0oOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzgyYjc4ZjIwYTZlNGI3MDY0MzA1MmJkMWE0MGFmMTVh
NTYzMzgwHhcNMjMwMzIyMDg1MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQ3YTkzYzViZTZjMGY2Mjg5NmVlZWVjOGRjMTlkZTEyNDA2NTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxHYH7n16+bxQiQ6j3vP6aCEb/zT
zYLUtwghKR9SJyycRC+DAmVcNB6OoZ7U31JWAxM7TIAR6Iq7KLDXu2PfIoA0+aeI
1rM9gw67Y/exCuGXmscqSEAdoG8cuKaMLjCzT3WzmUommRLQPXw/b1Nc0eofweE3
ErwagnQBumCBJJqI6bAAZlPDQB+g6j2hi2lA9b1qmDm0Njq9y/7xkJ33dZl1Kjli
JEHEfyPZ06D22hAs8baq/1MCqqP7K2lji6zM23xBPADoV18iHDTg0kpcx2f2scjy
yL0479Xi9dI7F+4jVqxV/f9kHFP2b9RvBPUGv+QkQKsY61lAqX3DL8eZqQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPTXqTxb5sD2KJbu7sjcGd4SQGUGMB8GA1UdIwQY
MBaAFPt4K3jyCm5LcGQwUr0aQK8VpWM4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zZ3JlUElLYmt0d1pEQlN2UnBBcnhXbFl6Zy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvOWRjOTMzLTVjMGQtNDQ2MS1hNDVk
LThmN2Q1NjkxYzFiZS8xLzlOZXBQRnZtd1BZb2x1N3V5TndaM2hKQVpRWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTMvOWRjOTMzLTVjMGQtNDQ2MS1hNDVkLThmN2Q1NjkxYzFi
ZS8xLzEtM2dyZVBJS2JrdHdaREJTdlJwQXJ4V2xZemcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG5rpYw
DQYJKoZIhvcNAQELBQADggEBAFhzXEVn3PtrwdjCl30k96HeIEGXevh67PaNHZFr
QkkxuXTGTXlQTyViCv5YlPG+eJqDhqcFgRLtLPjw8sHhVUWyf9/L9QkNwqCC546p
aoM2vGhacJtdYhBXJz24yBh48Gfsv7enNzc1HShxfXVn5rsD5oADFsaYIF6vbhfr
ZTGNeTdjtZH/HGnYejBt7GdaCKfxs0KqKaikBDwRpb74UqJyic3k9xMOw/UOIBL8
7iNNHkHe4CgKLywxBAG3RyK9IHQQp4V4W6YnkZvPzJDkgbdpAD1eiJHd4ciB9N60
hlG26F3pd77jq/dQnyJKxd/4+b/ekj2x63c2ewO4jpg5gww=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:03:47 2025 by rpki-client