Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/CE9uQiBPUyKsYcMrVQaWQLCndR4.roa
File: CE9uQiBPUyKsYcMrVQaWQLCndR4.roa (raw, json)
Hash identifier: 5Y4Ol0gBqMrC+SY+WeBavs29m8hfxToOtImo2cwzXcc=
Subject key identifier: 08:4F:6E:42:20:4F:53:22:AC:61:C3:2B:55:06:96:40:B0:A7:75:1E
Certificate issuer: /CN=becec531e5c37756b828663f9cc20ad6217713ac
Certificate serial: 0139E24D
Authority key identifier: BE:CE:C5:31:E5:C3:77:56:B8:28:66:3F:9C:C2:0A:D6:21:77:13:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vs7FMeXDd1a4KGY_nMIK1iF3E6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/CE9uQiBPUyKsYcMrVQaWQLCndR4.roa
Signing time: Tue 01 Mar 2022 06:11:38 +0000
ROA not before: Tue 01 Mar 2022 06:11:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 164.133.91.0/24 maxlen: 24
164.133.98.0/24 maxlen: 24
164.133.99.0/24 maxlen: 24
164.133.4.0/24 maxlen: 24
164.133.11.0/24 maxlen: 24
164.133.10.0/24 maxlen: 24
164.133.150.0/24 maxlen: 24
164.133.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20570701 (0x139e24d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=becec531e5c37756b828663f9cc20ad6217713ac
Validity
Not Before: Mar 1 06:11:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=084f6e42204f5322ac61c32b55069640b0a7751e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1a:d6:3c:b0:b8:95:20:4b:8a:76:f6:d3:8e:
4b:61:dc:aa:f4:4a:9f:f0:8b:04:50:b9:36:de:e9:
f0:86:29:14:68:50:88:6a:42:f5:d2:51:76:c8:54:
24:eb:10:d6:31:6d:32:f7:c5:53:e8:85:f5:db:f7:
39:61:7b:9d:3d:b7:a3:3e:35:4c:ce:8d:f1:32:cd:
06:37:4a:5f:0e:da:2c:28:1d:ba:e4:4a:b8:1d:95:
4b:77:fa:53:e2:9a:77:cf:b2:37:35:cb:c4:3d:14:
c3:ec:1f:e7:18:cc:e8:10:15:3f:6e:d8:cd:8f:79:
ce:b8:9f:d8:7e:39:de:50:7b:b2:e9:d2:20:0f:04:
06:b0:5e:54:28:7c:54:50:c7:9d:04:6e:05:0f:3a:
f7:a1:46:1c:6f:c5:c7:7c:b1:6d:d4:b5:22:0a:6c:
82:15:ed:58:15:f0:72:de:41:8f:f7:19:e1:fb:5b:
e5:e0:94:65:2a:45:d0:00:a3:28:7e:60:30:18:8e:
75:5b:27:dd:5c:43:cd:d9:e7:dd:7d:2a:11:3c:88:
0f:ff:da:5e:1c:36:a2:9d:77:ac:f5:e7:b3:3a:83:
b5:eb:32:ad:4e:50:28:22:e4:09:7f:38:4b:b1:d7:
55:af:5a:ec:ec:c1:2e:de:65:db:20:8f:bd:91:31:
c0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4F:6E:42:20:4F:53:22:AC:61:C3:2B:55:06:96:40:B0:A7:75:1E
X509v3 Authority Key Identifier:
keyid:BE:CE:C5:31:E5:C3:77:56:B8:28:66:3F:9C:C2:0A:D6:21:77:13:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vs7FMeXDd1a4KGY_nMIK1iF3E6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/CE9uQiBPUyKsYcMrVQaWQLCndR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/vs7FMeXDd1a4KGY_nMIK1iF3E6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.133.4.0/24
164.133.10.0/23
164.133.91.0/24
164.133.98.0/23
164.133.150.0/24
164.133.154.0/24
Signature Algorithm: sha256WithRSAEncryption
41:3a:7a:2d:52:8b:b1:aa:90:05:5d:b7:1d:9f:8a:ca:13:d0:
e3:79:02:dc:b7:38:cd:fb:ef:38:42:a1:7d:40:b1:02:23:bd:
7f:4c:cb:54:10:6a:9e:ff:33:21:32:86:43:ce:f3:06:27:85:
38:80:52:d2:ee:b9:53:e1:08:26:54:09:dc:56:cd:90:dc:b7:
14:52:c1:67:7c:c3:68:32:b3:f1:8f:73:31:cc:35:73:c2:49:
a1:14:32:65:35:bb:75:3d:30:fb:a5:a5:e9:f9:a5:b2:bf:8c:
a6:03:46:d9:a7:3f:6b:c2:21:51:d4:cc:2c:7f:2f:e8:86:d5:
bc:d4:73:fe:c6:41:75:4b:74:b7:8e:c5:37:c4:06:3f:17:67:
0d:e5:f2:4f:a1:4a:fe:63:e3:4c:c0:6a:62:a9:9e:f4:c0:05:
06:ef:cf:73:aa:f9:a2:83:02:89:db:12:a2:b8:6d:fb:ce:15:
38:c1:9f:a7:12:ca:23:6f:4c:ba:e8:74:1e:43:7f:56:56:7f:
b4:84:e7:34:75:d1:46:99:03:47:7f:06:30:ed:55:52:23:68:
7f:16:6f:d8:26:b8:7a:32:17:e9:b7:fc:51:82:a0:4c:ce:7b:
bc:3e:dd:4a:5f:28:56:dc:aa:e4:00:d5:0d:db:32:e4:3d:29:
bd:37:be:b5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEATniTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZWNlYzUzMWU1YzM3NzU2YjgyODY2M2Y5Y2MyMGFkNjIxNzcxM2FjMB4XDTIyMDMw
MTA2MTEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg0ZjZlNDIyMDRm
NTMyMmFjNjFjMzJiNTUwNjk2NDBiMGE3NzUxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIca1jywuJUgS4p29tOOS2HcqvRKn/CLBFC5Nt7p8IYpFGhQ
iGpC9dJRdshUJOsQ1jFtMvfFU+iF9dv3OWF7nT23oz41TM6N8TLNBjdKXw7aLCgd
uuRKuB2VS3f6U+Kad8+yNzXLxD0Uw+wf5xjM6BAVP27YzY95zrif2H453lB7sunS
IA8EBrBeVCh8VFDHnQRuBQ8696FGHG/Fx3yxbdS1IgpsghXtWBXwct5Bj/cZ4ftb
5eCUZSpF0ACjKH5gMBiOdVsn3VxDzdnn3X0qETyID//aXhw2op13rPXnszqDtesy
rU5QKCLkCX84S7HXVa9a7OzBLt5l2yCPvZExwMsCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQIT25CIE9TIqxhwytVBpZAsKd1HjAfBgNVHSMEGDAWgBS+zsUx5cN3Vrgo
Zj+cwgrWIXcTrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZzN0ZNZVhEZDFhNEtHWV9uTUlLMWlGM0U2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMWJjYjhiLWEzZjgtNDhjYy04ZGI5LTNkZjllMjFmNGJjYy8x
L0NFOXVRaUJQVXlLc1ljTXJWUWFXUUxDbmRSNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MWJjYjhiLWEzZjgtNDhjYy04ZGI5LTNkZjllMjFmNGJjYy8xL3ZzN0ZNZVhEZDFh
NEtHWV9uTUlLMWlGM0U2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAKSFBAMEAaSFCgMEAKSFWwMEAaSF
YgMEAKSFlgMEAKSFmjANBgkqhkiG9w0BAQsFAAOCAQEAQTp6LVKLsaqQBV23HZ+K
yhPQ43kC3Lc4zfvvOEKhfUCxAiO9f0zLVBBqnv8zITKGQ87zBieFOIBS0u65U+EI
JlQJ3FbNkNy3FFLBZ3zDaDKz8Y9zMcw1c8JJoRQyZTW7dT0w+6Wl6fmlsr+MpgNG
2ac/a8IhUdTMLH8v6IbVvNRz/sZBdUt0t47FN8QGPxdnDeXyT6FK/mPjTMBqYqme
9MAFBu/Pc6r5ooMCidsSorht+84VOMGfpxLKI29Muuh0HkN/VlZ/tITnNHXRRpkD
R38GMO1VUiNofxZv2Ca4ejIX6bf8UYKgTM57vD7dSl8oVtyq5ADVDdsy5D0pvTe+
tQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:20:44 2025 by rpki-client