Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/H7GN57PL02shAlxPb-sMwryopkg.roa
File: H7GN57PL02shAlxPb-sMwryopkg.roa (raw, json)
Hash identifier: 8n+/pmBZAs6XeL/cOuS8t8R1uGmVh2pgW8Zi6vStbjI=
Subject key identifier: 1F:B1:8D:E7:B3:CB:D3:6B:21:02:5C:4F:6F:EB:0C:C2:BC:A8:A6:48
Certificate issuer: /CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Certificate serial: 0185715E6897A0ED214057183C5D6DA4729D
Authority key identifier: 12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/H7GN57PL02shAlxPb-sMwryopkg.roa
Signing time: Mon 02 Jan 2023 07:24:50 +0000
ROA not before: Mon 02 Jan 2023 07:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8628
IP address blocks: 109.121.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:68:97:a0:ed:21:40:57:18:3c:5d:6d:a4:72:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Validity
Not Before: Jan 2 07:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fb18de7b3cbd36b21025c4f6feb0cc2bca8a648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8d:e7:bf:17:ff:52:e7:b4:7a:09:08:7c:d1:
b2:74:72:d1:04:6e:cb:60:1f:eb:d5:c9:11:e7:2f:
a0:96:ef:a5:9e:10:25:1b:b2:6b:e5:f8:dc:ba:1d:
fb:e8:7a:ec:36:d8:8c:3a:4e:80:37:f6:25:ac:47:
ac:11:b3:df:96:28:94:9b:78:cb:4a:ea:87:75:d4:
c6:23:f3:d3:5b:fe:5f:19:b9:d5:50:31:cb:a7:12:
e3:79:4e:f4:7b:7c:d7:3d:1f:03:7e:60:2b:54:61:
73:9a:3d:f5:32:3a:6a:fe:be:7e:56:98:fd:91:54:
66:e1:8c:43:b0:36:ba:f8:2e:75:b0:1e:5b:1a:65:
9b:dd:56:e5:07:23:66:a9:44:98:25:2e:5c:8d:7f:
0c:04:ad:6a:2b:b1:b8:f9:2a:f7:44:8a:e1:c9:d4:
2b:f2:af:9b:f3:46:1a:41:ed:c8:7e:8c:6a:ea:a1:
04:56:83:d4:75:0c:e8:6c:aa:25:42:f9:be:ab:6a:
a5:db:38:3d:c3:bb:2a:72:8c:51:95:07:3f:ce:1e:
ea:96:40:3a:22:78:10:e0:de:07:35:0b:b8:bc:62:
00:5b:fb:6e:67:86:8a:88:31:bb:0f:a2:22:9b:39:
b2:95:08:65:d4:75:81:f7:08:44:eb:b7:d6:84:97:
70:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B1:8D:E7:B3:CB:D3:6B:21:02:5C:4F:6F:EB:0C:C2:BC:A8:A6:48
X509v3 Authority Key Identifier:
keyid:12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/H7GN57PL02shAlxPb-sMwryopkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.133.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:69:3b:85:af:e5:97:9e:a3:8a:23:d2:8a:ce:13:0e:55:9f:
05:f0:41:aa:d2:db:dc:45:e6:36:73:0e:5b:3a:ad:6b:b5:d9:
da:a9:ad:2e:db:69:40:3e:2c:00:11:c4:cd:91:68:3d:f7:16:
1f:19:62:2b:83:ce:ff:d8:ad:97:2a:dc:ad:8f:81:5d:05:31:
d5:77:3b:9a:99:b6:15:42:b4:c4:eb:13:2b:0f:aa:48:a5:d8:
77:05:57:dc:65:0c:1f:01:e0:b2:56:f6:d8:f0:57:33:35:49:
54:9e:96:ba:97:52:b2:07:44:eb:eb:cc:23:b2:f9:bd:87:04:
ae:48:cb:e0:32:ce:30:53:82:b4:d5:1f:5a:d2:d4:32:7f:83:
ea:c7:db:74:94:cd:5d:d5:0f:c3:10:75:42:8d:41:41:3c:bb:
0b:87:21:3e:23:c9:22:15:f0:c2:11:00:e3:61:dc:58:84:9c:
c9:f0:94:8c:db:e3:08:db:33:69:7f:1f:56:25:ef:82:ed:7a:
fc:44:a6:22:5b:60:8e:3b:8a:e6:14:4d:f0:d2:b7:6e:62:42:
df:cd:38:8c:ea:2c:c2:11:b2:d5:47:84:fd:ea:24:b5:ad:cc:
3e:31:96:ed:ed:f0:8d:a3:ea:cc:82:ae:2c:d2:a3:26:4f:03:
ad:96:9f:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXmiXoO0hQFcYPF1tpHKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZWY5ZTQ5ZmVjZjI1MDllYjY3NjllZWUyY2RkNGE1MjUz
YjcxYzUwHhcNMjMwMTAyMDcyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmIxOGRlN2IzY2JkMzZiMjEwMjVjNGY2ZmViMGNjMmJjYThhNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApY3nvxf/Uue0egkIfNGydHLRBG7L
YB/r1ckR5y+glu+lnhAlG7Jr5fjcuh376HrsNtiMOk6AN/YlrEesEbPfliiUm3jL
SuqHddTGI/PTW/5fGbnVUDHLpxLjeU70e3zXPR8DfmArVGFzmj31Mjpq/r5+Vpj9
kVRm4YxDsDa6+C51sB5bGmWb3VblByNmqUSYJS5cjX8MBK1qK7G4+Sr3RIrhydQr
8q+b80YaQe3Ifoxq6qEEVoPUdQzobKolQvm+q2ql2zg9w7sqcoxRlQc/zh7qlkA6
IngQ4N4HNQu4vGIAW/tuZ4aKiDG7D6IimzmylQhl1HWB9whE67fWhJdwGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB+xjeezy9NrIQJcT2/rDMK8qKZIMB8GA1UdIwQY
MBaAFBLvnkn+zyUJ62dp7uLN1KUlO3HFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTIt
MWQ1ZDk0NWEwNWEzLzEvSDdHTjU3UEwwMnNoQWx4UGItc013cnlvcGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTItMWQ1ZDk0NWEwNWEz
LzEvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXmFMA0G
CSqGSIb3DQEBCwUAA4IBAQA6aTuFr+WXnqOKI9KKzhMOVZ8F8EGq0tvcReY2cw5b
Oq1rtdnaqa0u22lAPiwAEcTNkWg99xYfGWIrg87/2K2XKtytj4FdBTHVdzuambYV
QrTE6xMrD6pIpdh3BVfcZQwfAeCyVvbY8FczNUlUnpa6l1KyB0Tr68wjsvm9hwSu
SMvgMs4wU4K01R9a0tQyf4Pqx9t0lM1d1Q/DEHVCjUFBPLsLhyE+I8kiFfDCEQDj
YdxYhJzJ8JSM2+MI2zNpfx9WJe+C7Xr8RKYiW2COO4rmFE3w0rduYkLfzTiM6izC
EbLVR4T96iS1rcw+MZbt7fCNo+rMgq4s0qMmTwOtlp/G
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:57:02 2025 by rpki-client