Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/kHKsEodIdpdOohz1WAEqvHF9Jqo.roa
File: kHKsEodIdpdOohz1WAEqvHF9Jqo.roa (raw, json)
Hash identifier: 9Tz0kBEfKSOzHm7XrH351bETTNz2uF42p739LSejuSI=
Subject key identifier: 90:72:AC:12:87:48:76:97:4E:A2:1C:F5:58:01:2A:BC:71:7D:26:AA
Certificate issuer: /CN=93b91eefa6d8046d918e364045604952640bc15d
Certificate serial: 01856B00B423E860CC18188129261EBEFB6F
Authority key identifier: 93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/kHKsEodIdpdOohz1WAEqvHF9Jqo.roa
Signing time: Sun 01 Jan 2023 01:44:46 +0000
ROA not before: Sun 01 Jan 2023 01:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56911
IP address blocks: 139.28.158.0/24 maxlen: 24
139.28.157.0/24 maxlen: 24
139.28.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:00:b4:23:e8:60:cc:18:18:81:29:26:1e:be:fb:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b91eefa6d8046d918e364045604952640bc15d
Validity
Not Before: Jan 1 01:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9072ac12874876974ea21cf558012abc717d26aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b1:0c:84:0c:32:79:fb:f1:0c:4f:b8:73:ba:
3d:77:cb:58:45:03:88:93:29:18:f9:8c:a9:e2:68:
85:a4:ab:e4:e5:c1:26:67:d5:4f:b8:29:0c:1f:ac:
c0:8d:0b:c4:51:f4:b9:f6:fd:d2:4e:01:c4:07:6a:
56:00:3f:28:4e:c5:76:61:d2:4b:b1:52:cf:50:49:
7d:16:c2:1a:a8:34:53:09:bc:86:e3:7e:3c:21:96:
a7:ff:10:25:c2:ca:f1:82:63:92:fb:39:29:c3:08:
73:f3:2f:34:41:f6:26:45:76:df:4f:37:40:01:f0:
8b:51:9c:50:87:b4:e1:1b:8a:db:65:54:d1:c3:d1:
e4:5b:dd:5a:d7:d4:da:78:53:72:f2:a3:f8:dc:31:
d9:35:d9:21:e8:90:a3:86:40:7f:37:12:c0:8a:1d:
af:08:fd:ba:db:da:73:09:bf:b6:2e:ab:69:e2:0f:
76:13:33:8b:09:cc:a4:08:c1:05:56:a8:2c:d6:c0:
8d:29:84:62:e4:7b:1b:17:ff:8e:d6:bb:f1:67:19:
09:17:03:9e:bf:70:37:fd:40:b3:92:a8:5c:7f:d7:
a3:13:ab:b0:fe:5d:85:d0:62:3e:6c:e2:4b:c9:40:
3d:36:c7:3b:8f:46:65:2a:3a:1d:b1:22:6b:e7:6d:
d4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:72:AC:12:87:48:76:97:4E:A2:1C:F5:58:01:2A:BC:71:7D:26:AA
X509v3 Authority Key Identifier:
keyid:93:B9:1E:EF:A6:D8:04:6D:91:8E:36:40:45:60:49:52:64:0B:C1:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7ke76bYBG2RjjZARWBJUmQLwV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/kHKsEodIdpdOohz1WAEqvHF9Jqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/babef9-079d-40f4-a211-3586aae13da7/1/k7ke76bYBG2RjjZARWBJUmQLwV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.157.0-139.28.159.255
Signature Algorithm: sha256WithRSAEncryption
03:e8:60:ce:ed:af:c5:f2:5e:49:62:6e:cd:6f:4d:7b:c2:bf:
74:3c:62:6a:a9:c8:a1:8d:f5:8e:39:81:16:15:a9:42:c5:47:
8f:e9:0c:19:4b:da:de:ec:01:af:02:96:b3:6f:8a:53:53:50:
a4:aa:f7:fe:b8:d8:b4:76:aa:77:4d:9f:4a:e5:6c:27:98:aa:
0f:7d:db:a0:28:93:30:b7:b0:44:7a:4c:1b:ef:22:ad:03:4e:
c0:11:9f:ec:8b:9a:9a:b6:3c:b5:4e:03:a1:4e:70:07:b2:96:
5d:b9:0d:c2:1b:b9:80:bb:bb:19:1a:ec:38:52:4d:af:f0:a3:
6f:48:5c:96:db:6d:47:47:33:63:23:79:e7:2b:b8:fe:a2:9d:
d6:c7:77:d6:ce:8b:06:2f:04:ac:bd:42:3c:81:5d:4d:74:f5:
7b:ac:d5:2e:3e:9e:b3:c1:c4:84:01:d5:0f:e2:c9:db:c9:3d:
a0:a5:6d:3f:69:7d:ad:18:9d:28:25:8a:39:f0:02:be:e6:bd:
49:9b:78:5b:cc:bc:cd:a6:12:5f:b4:fc:89:8f:47:d6:dc:84:
a8:96:c4:5b:75:a1:0a:7d:42:b7:e4:b0:1f:8a:0c:7a:32:10:
cf:9f:38:c2:f8:f8:d7:d0:d3:b1:7b:fe:f9:68:89:e0:39:c7:
c5:ba:28:3a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVrALQj6GDMGBiBKSYevvtvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjkxZWVmYTZkODA0NmQ5MThlMzY0MDQ1NjA0OTUyNjQw
YmMxNWQwHhcNMjMwMTAxMDE0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDcyYWMxMjg3NDg3Njk3NGVhMjFjZjU1ODAxMmFiYzcxN2QyNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7EMhAwyefvxDE+4c7o9d8tYRQOI
kykY+Yyp4miFpKvk5cEmZ9VPuCkMH6zAjQvEUfS59v3STgHEB2pWAD8oTsV2YdJL
sVLPUEl9FsIaqDRTCbyG4348IZan/xAlwsrxgmOS+zkpwwhz8y80QfYmRXbfTzdA
AfCLUZxQh7ThG4rbZVTRw9HkW91a19TaeFNy8qP43DHZNdkh6JCjhkB/NxLAih2v
CP2629pzCb+2Lqtp4g92EzOLCcykCMEFVqgs1sCNKYRi5HsbF/+O1rvxZxkJFwOe
v3A3/UCzkqhcf9ejE6uw/l2F0GI+bOJLyUA9Nsc7j0ZlKjodsSJr523UawIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJByrBKHSHaXTqIc9VgBKrxxfSaqMB8GA1UdIwQY
MBaAFJO5Hu+m2ARtkY42QEVgSVJkC8FdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEt
MzU4NmFhZTEzZGE3LzEva0hLc0VvZElkcGRPb2h6MVdBRXF2SEY5SnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYWJlZjktMDc5ZC00MGY0LWEyMTEtMzU4NmFhZTEzZGE3
LzEvazdrZTc2YllCRzJSampaQVJXQkpVbVFMd1YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACLHJ0D
BAWLHIAwDQYJKoZIhvcNAQELBQADggEBAAPoYM7tr8XyXklibs1vTXvCv3Q8Ymqp
yKGN9Y45gRYVqULFR4/pDBlL2t7sAa8ClrNvilNTUKSq9/642LR2qndNn0rlbCeY
qg9926AokzC3sER6TBvvIq0DTsARn+yLmpq2PLVOA6FOcAeyll25DcIbuYC7uxka
7DhSTa/wo29IXJbbbUdHM2MjeecruP6indbHd9bOiwYvBKy9QjyBXU109Xus1S4+
nrPBxIQB1Q/iydvJPaClbT9pfa0YnSglijnwAr7mvUmbeFvMvM2mEl+0/ImPR9bc
hKiWxFt1oQp9QrfksB+KDHoyEM+fOML4+NfQ07F7/vloieA5x8W6KDo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:15 2025 by rpki-client