Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/Cim9Ny99ToR7RtGWyZK_BDOlAKI.roa
File: Cim9Ny99ToR7RtGWyZK_BDOlAKI.roa (raw, json)
Hash identifier: 5RlTC7gd+4My2DiAbMDKXfmMXQVE/6MlphMzq0gSBe0=
Subject key identifier: 0A:29:BD:37:2F:7D:4E:84:7B:46:D1:96:C9:92:BF:04:33:A5:00:A2
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 0185C99949BC84E8D45DC4C02FB9E03F1F27
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/Cim9Ny99ToR7RtGWyZK_BDOlAKI.roa
Signing time: Thu 19 Jan 2023 10:35:44 +0000
ROA not before: Thu 19 Jan 2023 10:35:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 192.109.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c9:99:49:bc:84:e8:d4:5d:c4:c0:2f:b9:e0:3f:1f:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 19 10:35:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a29bd372f7d4e847b46d196c992bf0433a500a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1a:83:36:79:00:17:0d:d6:eb:cb:34:d1:64:
d2:04:50:b9:c8:ba:53:49:0c:3e:11:b2:5c:b4:f7:
0f:64:a9:15:f2:e5:b6:0a:e4:e5:2a:24:02:e8:bf:
e5:d9:bc:e9:4e:69:4f:c1:72:50:d7:43:42:a2:6b:
bb:41:2d:ae:95:63:be:60:91:60:48:09:f0:31:61:
51:20:d3:a4:b9:b1:96:37:06:17:ce:c8:83:b1:03:
2f:16:a6:f9:f5:c6:a7:d7:4f:26:ed:d7:4c:c5:e5:
97:34:69:95:ff:7c:cb:72:61:a0:79:02:96:ee:57:
09:37:87:f7:cd:3b:5b:bb:6e:e9:2a:a4:d9:40:a1:
02:e7:94:23:25:07:38:81:de:a9:4c:8d:fb:09:aa:
b8:83:fe:36:f0:6b:c7:12:55:1f:93:61:d3:30:0e:
f7:e0:4a:82:41:df:f1:22:a2:c1:aa:07:87:1e:4e:
d7:10:55:2d:29:c1:98:ef:c8:5d:37:de:6f:ce:15:
0f:9c:4d:b3:9a:c3:bd:84:a2:8b:28:d1:72:50:81:
38:62:51:e8:55:bf:c2:ec:fd:47:c8:fe:7f:63:54:
2d:87:71:a1:a8:d3:1f:18:ff:02:2a:77:f3:c7:0d:
b0:58:9b:d4:ed:c9:00:d1:4f:ed:41:7b:1f:b5:09:
f5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:29:BD:37:2F:7D:4E:84:7B:46:D1:96:C9:92:BF:04:33:A5:00:A2
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/Cim9Ny99ToR7RtGWyZK_BDOlAKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
Signature Algorithm: sha256WithRSAEncryption
00:91:5c:e2:d4:2b:0b:39:78:41:48:72:63:cd:ae:ec:b1:22:
02:fb:e1:1a:52:ea:5f:c0:60:c3:79:bb:31:be:b9:94:f5:b1:
83:b0:23:a9:e4:89:95:86:3c:b2:78:56:bf:ef:b8:6a:ba:12:
4f:ff:52:87:1f:1e:86:6f:5c:cb:fe:ce:a8:16:64:e0:65:8c:
95:63:5a:fd:b5:c5:c4:fd:19:d3:6d:80:f1:27:4f:8e:85:d5:
ff:7f:3e:d0:49:07:2e:d0:91:50:db:08:00:5e:d9:d5:91:7a:
2d:f7:6a:12:83:f8:3a:e3:ec:41:01:74:d7:50:e4:ac:64:b3:
5d:c9:7d:ef:40:05:07:b9:24:2f:7b:03:68:1d:93:1e:b9:8f:
a8:5b:19:d2:93:f9:ab:41:a5:ce:d8:21:f7:9f:e0:65:60:34:
48:b7:d4:2b:c2:27:7d:8d:0b:e6:94:3f:75:0c:d0:ae:fd:22:
7f:39:95:45:de:72:08:6b:b0:10:d5:b5:f3:07:e1:31:d6:3f:
74:35:08:de:13:86:73:1c:c7:4b:39:d2:20:1d:fe:16:ce:87:
70:75:d0:25:2b:80:a1:3a:da:4e:dc:eb:fd:74:1a:f4:e6:ce:
7b:f1:9b:c1:09:37:95:42:39:56:9d:6a:42:cf:86:67:6a:04:
d4:e8:c9:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXJmUm8hOjUXcTAL7ngPx8nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjMwMTE5MTAzNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTI5YmQzNzJmN2Q0ZTg0N2I0NmQxOTZjOTkyYmYwNDMzYTUwMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBqDNnkAFw3W68s00WTSBFC5yLpT
SQw+EbJctPcPZKkV8uW2CuTlKiQC6L/l2bzpTmlPwXJQ10NComu7QS2ulWO+YJFg
SAnwMWFRINOkubGWNwYXzsiDsQMvFqb59can108m7ddMxeWXNGmV/3zLcmGgeQKW
7lcJN4f3zTtbu27pKqTZQKEC55QjJQc4gd6pTI37Caq4g/428GvHElUfk2HTMA73
4EqCQd/xIqLBqgeHHk7XEFUtKcGY78hdN95vzhUPnE2zmsO9hKKLKNFyUIE4YlHo
Vb/C7P1HyP5/Y1Qth3GhqNMfGP8CKnfzxw2wWJvU7ckA0U/tQXsftQn15QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAopvTcvfU6Ee0bRlsmSvwQzpQCiMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvQ2ltOU55OTlUb1I3UnRHV3laS19CRE9sQUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2LMA0G
CSqGSIb3DQEBCwUAA4IBAQAAkVzi1CsLOXhBSHJjza7ssSIC++EaUupfwGDDebsx
vrmU9bGDsCOp5ImVhjyyeFa/77hquhJP/1KHHx6Gb1zL/s6oFmTgZYyVY1r9tcXE
/RnTbYDxJ0+OhdX/fz7QSQcu0JFQ2wgAXtnVkXot92oSg/g64+xBAXTXUOSsZLNd
yX3vQAUHuSQvewNoHZMeuY+oWxnSk/mrQaXO2CH3n+BlYDRIt9Qrwid9jQvmlD91
DNCu/SJ/OZVF3nIIa7AQ1bXzB+Ex1j90NQjeE4ZzHMdLOdIgHf4WzodwddAlK4Ch
OtpO3Ov9dBr05s578ZvBCTeVQjlWnWpCz4ZnagTU6MmI
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:08 2025 by rpki-client