Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/efq6cJ6aq-AJjGcn-0MdhagmqdQ.roa
File: efq6cJ6aq-AJjGcn-0MdhagmqdQ.roa (raw, json)
Hash identifier: nr8InLCNtbHp5VCK3Q093PYcjqi7VJ/ugtLI47P3yD0=
Subject key identifier: 79:FA:BA:70:9E:9A:AB:E0:09:8C:67:27:FB:43:1D:85:A8:26:A9:D4
Certificate issuer: /CN=961ccfa9d02cbf05960e3a2f9079859ccd6ead6d
Certificate serial: 01856DDD3437A79BC6ECC3A0323D376FDEA3
Authority key identifier: 96:1C:CF:A9:D0:2C:BF:05:96:0E:3A:2F:90:79:85:9C:CD:6E:AD:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/efq6cJ6aq-AJjGcn-0MdhagmqdQ.roa
Signing time: Sun 01 Jan 2023 15:04:51 +0000
ROA not before: Sun 01 Jan 2023 15:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34895
IP address blocks: 83.138.64.0/18 maxlen: 18
185.171.136.0/22 maxlen: 22
2a01:4da0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:34:37:a7:9b:c6:ec:c3:a0:32:3d:37:6f:de:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=961ccfa9d02cbf05960e3a2f9079859ccd6ead6d
Validity
Not Before: Jan 1 15:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79faba709e9aabe0098c6727fb431d85a826a9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7c:31:9a:41:7d:73:76:7b:e7:59:e6:70:9d:
52:80:64:62:e6:7f:fc:ba:c0:46:9f:13:c1:27:cb:
26:b5:a4:0f:18:6b:43:71:32:c8:e5:47:d1:60:fb:
b1:1f:8e:a3:ed:9f:e8:b3:80:be:6c:33:5f:07:05:
b1:8a:c3:5f:90:89:bd:00:7c:2c:bd:f7:d1:f1:29:
f6:49:96:2b:9d:38:6a:33:49:c7:59:e3:5e:f7:6f:
27:62:90:ed:3e:50:3e:67:8f:4b:cf:1f:3f:0e:c5:
e3:7f:3a:65:0d:2c:34:a6:55:31:c8:9d:06:5a:20:
83:ba:b4:4b:75:ac:60:6b:01:34:53:96:f1:82:3a:
03:8b:9c:6c:6b:a4:93:31:28:f7:af:b7:fa:28:37:
a7:5d:69:3f:8b:37:d7:04:e3:a5:84:03:87:54:76:
ec:59:33:72:39:4d:5d:9a:13:95:a2:72:36:27:d3:
ac:35:4d:5a:14:f6:3a:0a:e9:42:ef:c5:c8:8f:88:
86:73:6e:f9:85:51:d4:9a:b8:4a:b7:0d:37:66:14:
4c:be:e4:f6:bf:93:72:17:0d:a5:5e:d1:ad:d4:6b:
48:e5:9d:76:5d:66:d1:cf:fd:a7:ee:5b:d2:f3:9e:
3e:d0:ad:33:f8:64:4f:2c:09:33:13:4e:3b:05:38:
3b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:FA:BA:70:9E:9A:AB:E0:09:8C:67:27:FB:43:1D:85:A8:26:A9:D4
X509v3 Authority Key Identifier:
keyid:96:1C:CF:A9:D0:2C:BF:05:96:0E:3A:2F:90:79:85:9C:CD:6E:AD:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/efq6cJ6aq-AJjGcn-0MdhagmqdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.138.64.0/18
185.171.136.0/22
IPv6:
2a01:4da0::/48
Signature Algorithm: sha256WithRSAEncryption
20:79:10:2b:eb:4f:01:ce:03:ea:05:71:b9:6d:0b:8f:b5:80:
48:41:cd:35:77:91:53:16:2d:a2:b7:01:c1:56:68:3d:a0:8b:
cb:68:c5:7a:6e:95:fe:3f:9d:2e:37:8a:36:a7:02:c6:dc:8c:
7a:c2:77:91:c2:18:9f:ba:dd:29:6e:ed:1e:a3:d9:0e:80:fe:
cb:48:7b:92:70:f6:b7:9b:3a:7d:a1:c8:cb:32:93:41:a8:97:
95:ee:a9:8d:55:7a:ef:61:18:41:f1:4b:3b:d0:51:35:dd:a4:
7c:ab:39:0b:26:af:31:4e:96:d5:f8:46:30:31:07:2d:3c:8d:
fe:95:91:dc:9e:99:ac:fb:14:12:0e:aa:0d:bc:2c:18:e0:6d:
11:39:ff:7c:37:42:b3:e3:08:a5:77:4a:32:f1:a0:c4:d3:b6:
01:de:28:27:6f:81:a8:4f:37:ff:70:8c:a8:08:c1:20:f9:ec:
ad:d0:60:c8:37:05:3f:5f:4e:9b:5e:8d:55:13:11:8c:d7:67:
14:53:a6:3c:61:67:1c:fb:a3:00:e1:4d:2f:63:06:c7:e3:98:
b5:87:c8:e9:7c:2e:aa:44:f2:e6:84:7a:df:8d:52:03:ba:0d:
7c:82:02:a0:fd:f6:c9:fa:27:bb:1d:0e:4d:aa:a4:4c:2d:d1:
d5:ae:07:f6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVt3TQ3p5vG7MOgMj03b96jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MWNjZmE5ZDAyY2JmMDU5NjBlM2EyZjkwNzk4NTljY2Q2
ZWFkNmQwHhcNMjMwMTAxMTUwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWZhYmE3MDllOWFhYmUwMDk4YzY3MjdmYjQzMWQ4NWE4MjZhOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHwxmkF9c3Z751nmcJ1SgGRi5n/8
usBGnxPBJ8smtaQPGGtDcTLI5UfRYPuxH46j7Z/os4C+bDNfBwWxisNfkIm9AHws
vffR8Sn2SZYrnThqM0nHWeNe928nYpDtPlA+Z49Lzx8/DsXjfzplDSw0plUxyJ0G
WiCDurRLdaxgawE0U5bxgjoDi5xsa6STMSj3r7f6KDenXWk/izfXBOOlhAOHVHbs
WTNyOU1dmhOVonI2J9OsNU1aFPY6CulC78XIj4iGc275hVHUmrhKtw03ZhRMvuT2
v5NyFw2lXtGt1GtI5Z12XWbRz/2n7lvS854+0K0z+GRPLAkzE047BTg7qQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHn6unCemqvgCYxnJ/tDHYWoJqnUMB8GA1UdIwQY
MBaAFJYcz6nQLL8Flg46L5B5hZzNbq1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGh6UHFkQXN2d1dXRGpvdmtIbUZuTTF1clcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81NTU3ZmMtNzY1My00MGE5LTk5YzMt
N2VhOTkwNWMzZmJkLzEvZWZxNmNKNmFxLUFKakdjbi0wTWRoYWdtcWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81NTU3ZmMtNzY1My00MGE5LTk5YzMtN2VhOTkwNWMzZmJk
LzEvbGh6UHFkQXN2d1dXRGpvdmtIbUZuTTF1clcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQGU4pAAwQC
uauIMA8EAgACMAkDBwAqAU2gAAAwDQYJKoZIhvcNAQELBQADggEBACB5ECvrTwHO
A+oFcbltC4+1gEhBzTV3kVMWLaK3AcFWaD2gi8toxXpulf4/nS43ijanAsbcjHrC
d5HCGJ+63Slu7R6j2Q6A/stIe5Jw9rebOn2hyMsyk0Gol5XuqY1Veu9hGEHxSzvQ
UTXdpHyrOQsmrzFOltX4RjAxBy08jf6Vkdyemaz7FBIOqg28LBjgbRE5/3w3QrPj
CKV3SjLxoMTTtgHeKCdvgahPN/9wjKgIwSD57K3QYMg3BT9fTptejVUTEYzXZxRT
pjxhZxz7owDhTS9jBsfjmLWHyOl8LqpE8uaEet+NUgO6DXyCAqD99sn6J7sdDk2q
pEwt0dWuB/Y=
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:18:17 2025 by rpki-client