Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/K61rMJSz9BZW3b5X9_pSDXB13Zs.roa
File: K61rMJSz9BZW3b5X9_pSDXB13Zs.roa (raw, json)
Hash identifier: Q0s/NMN6v41ntnKl6ymslh6GHuzWt7Uqem0m7HhA+EI=
Subject key identifier: 2B:AD:6B:30:94:B3:F4:16:56:DD:BE:57:F7:FA:52:0D:70:75:DD:9B
Certificate issuer: /CN=9f891ff3477ed7fdaacfae2e3f0dfa64fd92ac0c
Certificate serial: 01856D0A8AA61BF8F3F4D4EA749975E5A009
Authority key identifier: 9F:89:1F:F3:47:7E:D7:FD:AA:CF:AE:2E:3F:0D:FA:64:FD:92:AC:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n4kf80d-1_2qz64uPw36ZP2SrAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/K61rMJSz9BZW3b5X9_pSDXB13Zs.roa
Signing time: Sun 01 Jan 2023 11:14:45 +0000
ROA not before: Sun 01 Jan 2023 11:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202720
IP address blocks: 185.1.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:8a:a6:1b:f8:f3:f4:d4:ea:74:99:75:e5:a0:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f891ff3477ed7fdaacfae2e3f0dfa64fd92ac0c
Validity
Not Before: Jan 1 11:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bad6b3094b3f41656ddbe57f7fa520d7075dd9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:59:bd:12:ab:40:57:52:40:e0:b4:cb:0e:9c:
90:0b:d8:ed:18:a4:34:53:6d:16:37:aa:dd:d3:15:
d7:04:c2:71:47:5a:15:ff:8a:93:bb:c6:72:0f:72:
32:30:fc:45:24:0d:2b:d0:45:d1:0b:3a:69:d1:4a:
b2:18:7f:a1:3e:f2:40:b2:cc:a9:93:b3:f8:b4:05:
a2:d0:d2:b9:97:a2:69:2d:f8:b1:1c:0d:e2:76:3d:
e9:48:81:a1:62:85:df:06:d7:9a:08:50:6c:3c:4b:
50:45:cd:fa:49:8c:ef:2c:36:61:00:57:cd:f3:13:
e7:cf:6b:07:e6:d1:ab:c2:44:78:07:56:31:f3:a0:
28:5b:28:15:5c:a8:fd:20:39:a0:9b:95:7e:8a:5f:
bb:d8:a1:b4:a2:18:ad:db:13:98:15:aa:42:ae:0d:
05:3a:c5:41:85:e6:cc:ba:d6:2c:d8:2e:32:ed:92:
35:92:d4:d5:29:ca:bf:88:85:a5:87:86:1a:11:f8:
31:9d:4c:4f:33:fc:eb:f5:a9:3b:d3:0d:fd:47:a0:
8a:9b:51:ad:1b:7a:5b:1e:dd:02:1b:52:a7:d7:d6:
a0:0a:27:a6:d7:b0:26:be:5f:4b:75:72:30:cc:96:
a7:b5:4c:ec:20:9e:f1:cb:ac:6c:af:df:d6:0f:9b:
04:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:AD:6B:30:94:B3:F4:16:56:DD:BE:57:F7:FA:52:0D:70:75:DD:9B
X509v3 Authority Key Identifier:
keyid:9F:89:1F:F3:47:7E:D7:FD:AA:CF:AE:2E:3F:0D:FA:64:FD:92:AC:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n4kf80d-1_2qz64uPw36ZP2SrAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/K61rMJSz9BZW3b5X9_pSDXB13Zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c77833-31ae-4412-b049-70a4a8d7c43f/1/n4kf80d-1_2qz64uPw36ZP2SrAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.70.0/24
Signature Algorithm: sha256WithRSAEncryption
70:7d:82:dd:ed:87:e4:a5:d1:99:0c:18:bf:9e:f0:1d:ae:2c:
6f:b4:dc:f6:6d:7a:52:cb:73:a5:96:2f:f6:6e:03:b2:7c:ad:
98:5f:be:4b:5d:ba:4e:aa:e0:8f:16:88:e6:b1:0d:4d:50:aa:
c3:26:16:ae:6f:1b:b0:a2:e6:34:0e:25:e5:0b:5c:fb:b3:d6:
98:a0:1a:36:40:ef:69:4d:b8:a3:25:e7:13:bc:2b:40:a2:5a:
4b:d5:6a:27:cb:0a:33:55:c9:7f:b6:48:ca:45:1c:87:9b:9a:
d0:cd:91:d5:54:7b:ed:4b:8e:83:7e:ef:5c:46:43:d8:3c:0f:
2d:ad:eb:0b:81:1c:a1:be:95:bf:3c:b5:61:00:e2:0a:6e:5a:
a7:b8:2e:a9:06:95:27:f1:a8:30:26:24:c0:58:d5:d5:3a:ad:
06:9c:e7:4a:43:d0:14:f5:b8:d3:12:60:9a:d2:ed:2c:e3:42:
b1:c7:da:e8:5e:f6:c7:0b:28:06:b2:87:87:3b:b6:78:b1:1d:
38:de:27:79:d8:7b:b3:1e:e9:64:66:b3:00:95:92:32:da:73:
2e:1e:e1:85:07:55:9e:57:c1:89:77:03:5a:9e:2b:64:9c:5a:
1b:54:4b:db:85:ea:4f:fe:70:81:f3:67:7a:75:9d:c0:20:01:
33:6f:60:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCoqmG/jz9NTqdJl15aAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmODkxZmYzNDc3ZWQ3ZmRhYWNmYWUyZTNmMGRmYTY0ZmQ5
MmFjMGMwHhcNMjMwMTAxMTExNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmFkNmIzMDk0YjNmNDE2NTZkZGJlNTdmN2ZhNTIwZDcwNzVkZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFm9EqtAV1JA4LTLDpyQC9jtGKQ0
U20WN6rd0xXXBMJxR1oV/4qTu8ZyD3IyMPxFJA0r0EXRCzpp0UqyGH+hPvJAssyp
k7P4tAWi0NK5l6JpLfixHA3idj3pSIGhYoXfBteaCFBsPEtQRc36SYzvLDZhAFfN
8xPnz2sH5tGrwkR4B1Yx86AoWygVXKj9IDmgm5V+il+72KG0ohit2xOYFapCrg0F
OsVBhebMutYs2C4y7ZI1ktTVKcq/iIWlh4YaEfgxnUxPM/zr9ak70w39R6CKm1Gt
G3pbHt0CG1Kn19agCiem17Amvl9LdXIwzJantUzsIJ7xy6xsr9/WD5sErwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCutazCUs/QWVt2+V/f6Ug1wdd2bMB8GA1UdIwQY
MBaAFJ+JH/NHftf9qs+uLj8N+mT9kqwMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjRrZjgwZC0xXzJxejY0dVB3MzZaUDJTckF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jNzc4MzMtMzFhZS00NDEyLWIwNDkt
NzBhNGE4ZDdjNDNmLzEvSzYxck1KU3o5QlpXM2I1WDlfcFNEWEIxM1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jNzc4MzMtMzFhZS00NDEyLWIwNDktNzBhNGE4ZDdjNDNm
LzEvbjRrZjgwZC0xXzJxejY0dVB3MzZaUDJTckF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQFGMA0G
CSqGSIb3DQEBCwUAA4IBAQBwfYLd7YfkpdGZDBi/nvAdrixvtNz2bXpSy3Olli/2
bgOyfK2YX75LXbpOquCPFojmsQ1NUKrDJhaubxuwouY0DiXlC1z7s9aYoBo2QO9p
TbijJecTvCtAolpL1WonywozVcl/tkjKRRyHm5rQzZHVVHvtS46Dfu9cRkPYPA8t
resLgRyhvpW/PLVhAOIKblqnuC6pBpUn8agwJiTAWNXVOq0GnOdKQ9AU9bjTEmCa
0u0s40Kxx9roXvbHCygGsoeHO7Z4sR043id52HuzHulkZrMAlZIy2nMuHuGFB1We
V8GJdwNanitknFobVEvbhepP/nCB82d6dZ3AIAEzb2C7
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:10 2025 by rpki-client