Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/57Goo6c9W1ntAABB-Ztb78tgaZ0.roa
File: 57Goo6c9W1ntAABB-Ztb78tgaZ0.roa (raw, json)
Hash identifier: AHDdCumDVysUw9/vg2lfkOokLW6D29T9shOY6Z93LEw=
Subject key identifier: E7:B1:A8:A3:A7:3D:5B:59:ED:00:00:41:F9:9B:5B:EF:CB:60:69:9D
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 018AB16B8CCD56076607970B6B6AE698855F
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/57Goo6c9W1ntAABB-Ztb78tgaZ0.roa
Signing time: Wed 20 Sep 2023 07:08:50 +0000
ROA not before: Wed 20 Sep 2023 07:08:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16589
IP address blocks: 192.109.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:6b:8c:cd:56:07:66:07:97:0b:6b:6a:e6:98:85:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Sep 20 07:08:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7b1a8a3a73d5b59ed000041f99b5befcb60699d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:31:d6:ce:b7:bb:b7:50:94:b4:58:78:8d:e5:
49:26:01:85:7c:aa:1a:95:e0:25:5e:35:eb:a0:15:
5e:d3:1f:3e:95:d5:bc:f8:3d:b2:c1:e9:ff:1f:2c:
86:b9:2f:05:38:a7:6c:ec:6b:72:f4:aa:3b:27:57:
b7:d3:89:91:09:9b:df:e5:ce:1e:b9:e2:84:96:8b:
09:a9:64:7e:37:8a:03:03:6a:cd:cc:e3:c3:80:88:
b5:84:7d:bb:ba:ef:89:01:73:03:3b:76:a1:c6:3d:
14:6c:dc:e3:5b:8e:1c:5a:8f:67:2a:f7:79:71:f7:
15:25:21:d8:b6:c9:af:f4:cb:32:4b:53:57:21:9f:
0f:1f:a8:23:79:ec:13:0a:59:62:f4:73:3d:d8:cf:
84:22:45:6c:33:3f:89:ba:ed:82:0c:aa:46:28:01:
1d:7a:e4:a9:93:ed:11:d4:77:86:2a:ec:79:8c:f9:
28:89:f3:1a:4a:d6:6e:f4:b0:64:82:c9:48:3a:87:
fd:f9:d1:4b:82:2c:69:a1:35:cc:23:e9:ed:db:9e:
47:7f:6d:7a:0b:f0:b6:5f:9b:04:fb:2b:cb:3c:3d:
75:04:ca:3f:10:93:90:52:0d:4f:f2:16:1c:3d:85:
59:6d:52:cf:57:34:71:77:ce:0a:22:d4:f5:ca:ba:
f9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B1:A8:A3:A7:3D:5B:59:ED:00:00:41:F9:9B:5B:EF:CB:60:69:9D
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/57Goo6c9W1ntAABB-Ztb78tgaZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:a6:a5:54:0b:fe:cb:c7:f6:a8:3c:3f:cd:6a:eb:06:c1:04:
b5:62:30:e3:2f:28:0d:bc:c8:f8:02:2c:05:17:db:ff:ea:2c:
da:58:03:09:44:38:ac:7a:5d:0d:1e:30:7b:0a:15:34:e5:0f:
8c:de:9e:64:c2:ae:f6:c9:de:fd:1c:eb:81:48:ab:0b:bd:e1:
2c:52:c3:f6:55:03:5d:45:b5:1c:29:d4:c4:6e:c2:e3:30:26:
21:96:fa:2e:85:bf:b7:ec:da:0d:9f:91:46:79:03:4d:99:7f:
26:c9:7e:59:d5:06:d2:06:c1:c9:cb:4d:42:6a:3f:6f:88:cf:
dd:20:cd:43:df:f3:33:eb:76:d5:d8:20:1b:38:0f:ce:f0:43:
4e:60:24:95:e2:97:2a:52:e0:ff:af:fa:74:96:28:7a:a4:fc:
c5:0f:b0:8f:45:1b:1b:c2:3e:bb:71:77:cf:b2:b3:39:77:f8:
92:18:f6:f5:e1:ab:78:09:a1:d5:37:f7:93:0e:ae:08:54:82:
6f:4b:c3:8d:64:0c:4d:77:93:c1:5e:16:55:4f:3d:b2:9d:8f:
da:6d:14:ab:7a:29:fd:11:ef:1a:d5:c1:96:74:de:22:fa:48:
a1:7d:a3:70:4a:6a:ea:4b:07:dd:a6:59:73:c7:30:88:9e:03:
c7:59:68:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqxa4zNVgdmB5cLa2rmmIVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjMwOTIwMDcwODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2IxYThhM2E3M2Q1YjU5ZWQwMDAwNDFmOTliNWJlZmNiNjA2OTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzHWzre7t1CUtFh4jeVJJgGFfKoa
leAlXjXroBVe0x8+ldW8+D2ywen/HyyGuS8FOKds7Gty9Ko7J1e304mRCZvf5c4e
ueKElosJqWR+N4oDA2rNzOPDgIi1hH27uu+JAXMDO3ahxj0UbNzjW44cWo9nKvd5
cfcVJSHYtsmv9MsyS1NXIZ8PH6gjeewTClli9HM92M+EIkVsMz+Juu2CDKpGKAEd
euSpk+0R1HeGKux5jPkoifMaStZu9LBkgslIOof9+dFLgixpoTXMI+nt255Hf216
C/C2X5sE+yvLPD11BMo/EJOQUg1P8hYcPYVZbVLPVzRxd84KItT1yrr5KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOexqKOnPVtZ7QAAQfmbW+/LYGmdMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvNTdHb282YzlXMW50QUFCQi1adGI3OHRnYVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3IMA0G
CSqGSIb3DQEBCwUAA4IBAQCNpqVUC/7Lx/aoPD/NausGwQS1YjDjLygNvMj4AiwF
F9v/6izaWAMJRDisel0NHjB7ChU05Q+M3p5kwq72yd79HOuBSKsLveEsUsP2VQNd
RbUcKdTEbsLjMCYhlvouhb+37NoNn5FGeQNNmX8myX5Z1QbSBsHJy01Caj9viM/d
IM1D3/Mz63bV2CAbOA/O8ENOYCSV4pcqUuD/r/p0lih6pPzFD7CPRRsbwj67cXfP
srM5d/iSGPb14at4CaHVN/eTDq4IVIJvS8ONZAxNd5PBXhZVTz2ynY/abRSrein9
Ee8a1cGWdN4i+kihfaNwSmrqSwfdpllzxzCIngPHWWhp
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:55:16 2025 by rpki-client