Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/fu9yeOrhbc4eJe1IflSMp3BIzoA.roa
File: fu9yeOrhbc4eJe1IflSMp3BIzoA.roa (raw, json)
Hash identifier: b40e1LUwGn1ejtZ5h6MER68sf+lR/UZEISA1MwwqZDA=
Subject key identifier: 7E:EF:72:78:EA:E1:6D:CE:1E:25:ED:48:7E:54:8C:A7:70:48:CE:80
Certificate issuer: /CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Certificate serial: 018570DE393AB5A17A0D30376165BCBD8D57
Authority key identifier: F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/fu9yeOrhbc4eJe1IflSMp3BIzoA.roa
Signing time: Mon 02 Jan 2023 05:04:49 +0000
ROA not before: Mon 02 Jan 2023 05:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36007
IP address blocks: 113.30.149.0/24 maxlen: 24
113.30.148.0/24 maxlen: 24
113.30.151.0/24 maxlen: 24
113.30.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:39:3a:b5:a1:7a:0d:30:37:61:65:bc:bd:8d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Validity
Not Before: Jan 2 05:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7eef7278eae16dce1e25ed487e548ca77048ce80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f0:b7:63:4f:00:eb:69:61:b3:ec:ea:b0:39:
61:aa:43:c0:ae:2c:5c:4a:f3:47:69:70:59:57:d4:
25:2c:78:3e:5d:12:75:00:8b:6e:50:68:01:24:ef:
c5:f6:34:5e:8a:c7:f6:6e:e3:fc:92:14:73:c8:58:
5a:b9:83:95:f2:b3:33:81:01:d9:04:f3:cc:d5:b1:
b6:ac:63:52:5f:4f:83:12:c6:2f:26:16:e4:0b:82:
11:35:68:25:f8:cc:57:1a:d4:e9:26:97:79:ba:81:
a7:1b:aa:d4:a5:97:4b:ac:ac:d6:c1:43:6a:e6:6a:
a4:9e:ed:2c:7b:32:ff:52:2f:6d:fe:01:40:76:4f:
c4:1a:91:28:ef:a3:bf:9c:ef:53:19:59:15:d9:21:
18:10:9d:a6:61:05:70:40:cb:0a:de:16:c6:b5:36:
02:5d:cc:cc:1f:6e:47:09:1f:99:64:70:57:bc:84:
30:70:a8:81:ad:77:98:93:2d:b5:80:01:7b:fb:75:
30:33:bb:b5:38:22:b2:f8:4c:a9:b9:2e:88:78:da:
7c:99:9c:b2:99:6f:a8:0e:f0:e4:7f:70:0b:da:3f:
b9:97:8a:7c:62:e4:34:51:66:ec:cb:e9:5f:8e:2f:
5c:91:97:f1:1b:57:1c:10:d0:47:e9:70:72:07:8d:
14:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:EF:72:78:EA:E1:6D:CE:1E:25:ED:48:7E:54:8C:A7:70:48:CE:80
X509v3 Authority Key Identifier:
keyid:F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/fu9yeOrhbc4eJe1IflSMp3BIzoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
113.30.148.0/22
Signature Algorithm: sha256WithRSAEncryption
92:31:9d:51:e5:01:5b:44:6f:26:90:ad:58:4b:d3:90:78:c4:
5c:c5:64:9c:f3:ee:bd:ea:9c:11:ed:ef:e7:e3:7d:7d:15:fe:
af:b4:bb:85:c6:43:24:1a:98:92:f2:83:b9:e6:f4:34:1f:4d:
e3:b8:d6:21:ca:3e:46:db:de:38:f1:62:3c:0d:04:d7:b1:b1:
a3:c4:b9:53:3c:e6:78:f8:f0:03:44:75:b3:dd:d0:5b:d3:28:
56:15:d7:46:e1:4a:e6:8e:7d:39:b7:87:76:1b:0c:3c:1d:9d:
cb:86:3d:ba:87:76:c8:af:90:52:bc:70:5e:f8:17:bc:7b:f6:
4f:d9:4c:46:b5:95:81:aa:2e:3e:b1:da:15:0a:bd:5e:6f:08:
39:10:01:58:c5:15:67:83:5a:ce:dd:75:11:e5:eb:bf:8b:c0:
f9:63:54:7e:e6:0a:fd:a5:d9:6d:68:59:4d:1c:96:eb:b0:4a:
15:7a:09:18:9b:9e:e1:31:b7:1c:f5:91:2b:18:4c:5d:fc:21:
d1:7e:d2:9c:75:0a:29:8f:27:93:41:04:7e:ff:9a:a0:56:2f:
c4:d5:09:eb:db:ac:7f:52:15:2c:c9:b1:51:7a:c0:13:2a:71:
7f:c9:6a:52:98:d6:ce:16:8b:77:8d:44:e3:50:42:2c:44:77:
65:3c:1f:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3jk6taF6DTA3YWW8vY1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYmQwMmVhNDRhOWJlZTM1YjYzZDFhYjNlMjViMTRmMTlh
MzVhNTUwHhcNMjMwMTAyMDUwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWVmNzI3OGVhZTE2ZGNlMWUyNWVkNDg3ZTU0OGNhNzcwNDhjZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/C3Y08A62lhs+zqsDlhqkPArixc
SvNHaXBZV9QlLHg+XRJ1AItuUGgBJO/F9jReisf2buP8khRzyFhauYOV8rMzgQHZ
BPPM1bG2rGNSX0+DEsYvJhbkC4IRNWgl+MxXGtTpJpd5uoGnG6rUpZdLrKzWwUNq
5mqknu0sezL/Ui9t/gFAdk/EGpEo76O/nO9TGVkV2SEYEJ2mYQVwQMsK3hbGtTYC
XczMH25HCR+ZZHBXvIQwcKiBrXeYky21gAF7+3UwM7u1OCKy+EypuS6IeNp8mZyy
mW+oDvDkf3AL2j+5l4p8YuQ0UWbsy+lfji9ckZfxG1ccENBH6XByB40UZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH7vcnjq4W3OHiXtSH5UjKdwSM6AMB8GA1UdIwQY
MBaAFPG9AupEqb7jW2PRqz4lsU8Zo1pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEt
ZmUwYTY1OGQ5ZGVkLzEvZnU5eWVPcmhiYzRlSmUxSWZsU01wM0JJem9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEtZmUwYTY1OGQ5ZGVk
LzEvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCcR6UMA0G
CSqGSIb3DQEBCwUAA4IBAQCSMZ1R5QFbRG8mkK1YS9OQeMRcxWSc8+696pwR7e/n
4319Ff6vtLuFxkMkGpiS8oO55vQ0H03juNYhyj5G29448WI8DQTXsbGjxLlTPOZ4
+PADRHWz3dBb0yhWFddG4Urmjn05t4d2Gww8HZ3Lhj26h3bIr5BSvHBe+Be8e/ZP
2UxGtZWBqi4+sdoVCr1ebwg5EAFYxRVng1rO3XUR5eu/i8D5Y1R+5gr9pdltaFlN
HJbrsEoVegkYm57hMbcc9ZErGExd/CHRftKcdQopjyeTQQR+/5qgVi/E1Qnr26x/
UhUsybFResATKnF/yWpSmNbOFot3jUTjUEIsRHdlPB+s
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:38:10 2025 by rpki-client