Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/K21BiyJuf7J015VWjTNWX7eFwjo.roa
File: K21BiyJuf7J015VWjTNWX7eFwjo.roa (raw, json)
Hash identifier: hbxCBx1MyjBDchyHNia+KyeOLOLDbK3aWRClAGUtHEQ=
Subject key identifier: 2B:6D:41:8B:22:6E:7F:B2:74:D7:95:56:8D:33:56:5F:B7:85:C2:3A
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 01856F949B42B02F0804AF803014BADBDD8A
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/K21BiyJuf7J015VWjTNWX7eFwjo.roa
Signing time: Sun 01 Jan 2023 23:04:48 +0000
ROA not before: Sun 01 Jan 2023 23:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51358
IP address blocks: 192.109.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:9b:42:b0:2f:08:04:af:80:30:14:ba:db:dd:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 23:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b6d418b226e7fb274d795568d33565fb785c23a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:06:ad:45:e1:b3:7e:96:30:bd:7b:31:f1:18:
3c:2c:b6:51:6a:7c:8e:5e:02:cd:70:b2:b4:db:0c:
39:10:62:65:d0:6b:28:a0:b0:b5:33:1d:29:36:ec:
c0:30:49:db:94:c3:37:e4:ad:2a:66:70:1a:87:a7:
60:a7:63:0d:c4:ad:cb:dc:92:ed:d9:d3:63:d9:40:
4e:e5:7f:8d:9e:3e:eb:e9:16:2f:24:0f:f3:82:46:
d5:00:c9:3d:0f:ce:97:c8:1f:9c:1e:3f:a2:4f:e2:
7f:7d:ca:29:d6:2c:7d:05:6f:a1:10:d7:13:3d:76:
31:05:ef:9a:a6:2a:c6:91:06:32:18:fd:e8:cb:8a:
97:ca:96:a8:27:4f:89:cf:f3:0b:4c:4d:86:c6:71:
41:84:22:95:5b:dd:99:31:68:5e:22:16:ef:27:05:
c9:e4:bd:d5:53:8f:a7:2c:8d:da:08:e6:a8:bf:5d:
dc:2a:ce:16:76:6d:87:0c:2a:fb:b0:b6:f1:3b:d4:
4d:3b:69:b8:f8:89:59:be:1e:ca:25:cf:23:c2:fc:
e3:2b:75:36:c0:b6:00:2a:12:58:00:b2:c6:2d:a8:
4f:4b:a5:8b:e1:5b:19:51:88:a8:00:50:b4:f7:96:
b0:44:96:96:c5:e2:9f:1f:5b:23:3b:58:9e:b5:ec:
2e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:6D:41:8B:22:6E:7F:B2:74:D7:95:56:8D:33:56:5F:B7:85:C2:3A
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/K21BiyJuf7J015VWjTNWX7eFwjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.138.0/24
Signature Algorithm: sha256WithRSAEncryption
54:cc:dc:b4:39:de:29:3c:ba:27:e4:56:69:2c:74:f2:7c:db:
41:46:7f:30:ed:37:e3:03:f5:ca:91:44:a9:27:13:22:2e:bf:
f5:2c:a2:a3:6d:d1:69:e7:02:ea:83:e6:ac:22:9c:53:77:21:
9c:f4:88:b6:1b:86:5b:f0:28:2f:fd:02:ae:9c:eb:f2:71:47:
62:00:90:d0:40:af:05:f2:52:f6:f0:47:f1:64:85:e5:6b:e3:
d5:b0:df:2e:59:5b:f7:44:53:d6:fc:f5:69:d1:32:45:e9:80:
85:0e:3b:81:f8:bf:a8:07:f1:f1:fa:79:c7:42:07:a8:24:ca:
04:b4:3b:c5:1c:01:ae:fb:69:89:e2:0f:91:d9:08:e9:64:2f:
65:46:22:dc:11:00:66:8c:b6:fa:63:fc:2e:3f:5e:ef:1e:3a:
9c:9f:1e:1a:d5:f1:0a:76:b8:e0:12:4b:13:1b:1c:fb:e5:60:
a2:be:07:9c:c1:a6:8f:26:16:1f:6d:1d:0f:36:7e:cc:33:45:
d5:c2:a7:bd:2b:05:43:82:c2:90:71:13:9b:c7:1b:1e:9f:59:
6b:b9:30:50:8c:27:56:89:1e:c1:2d:e4:af:5b:22:62:67:ea:
d9:a3:7c:ff:89:21:e6:53:e2:1a:76:88:ca:3c:30:cb:32:3d:
4f:64:2f:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlJtCsC8IBK+AMBS6292KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjMwMTAxMjMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjZkNDE4YjIyNmU3ZmIyNzRkNzk1NTY4ZDMzNTY1ZmI3ODVjMjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwatReGzfpYwvXsx8Rg8LLZRanyO
XgLNcLK02ww5EGJl0GsooLC1Mx0pNuzAMEnblMM35K0qZnAah6dgp2MNxK3L3JLt
2dNj2UBO5X+Nnj7r6RYvJA/zgkbVAMk9D86XyB+cHj+iT+J/fcop1ix9BW+hENcT
PXYxBe+apirGkQYyGP3oy4qXypaoJ0+Jz/MLTE2GxnFBhCKVW92ZMWheIhbvJwXJ
5L3VU4+nLI3aCOaov13cKs4Wdm2HDCr7sLbxO9RNO2m4+IlZvh7KJc8jwvzjK3U2
wLYAKhJYALLGLahPS6WL4VsZUYioAFC095awRJaWxeKfH1sjO1ietewuZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCttQYsibn+ydNeVVo0zVl+3hcI6MB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvSzIxQml5SnVmN0owMTVWV2pUTldYN2VGd2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2KMA0G
CSqGSIb3DQEBCwUAA4IBAQBUzNy0Od4pPLon5FZpLHTyfNtBRn8w7TfjA/XKkUSp
JxMiLr/1LKKjbdFp5wLqg+asIpxTdyGc9Ii2G4Zb8Cgv/QKunOvycUdiAJDQQK8F
8lL28EfxZIXla+PVsN8uWVv3RFPW/PVp0TJF6YCFDjuB+L+oB/Hx+nnHQgeoJMoE
tDvFHAGu+2mJ4g+R2QjpZC9lRiLcEQBmjLb6Y/wuP17vHjqcnx4a1fEKdrjgEksT
Gxz75WCivgecwaaPJhYfbR0PNn7MM0XVwqe9KwVDgsKQcRObxxsen1lruTBQjCdW
iR7BLeSvWyJiZ+rZo3z/iSHmU+IadojKPDDLMj1PZC+z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:54 2025 by rpki-client