Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c98434-decc-404f-8049-4aa2eeb5267c/1/es1btAbCX_CjXWZHEaO8kGaZYbo.roa
File: es1btAbCX_CjXWZHEaO8kGaZYbo.roa (raw, json)
Hash identifier: UPHvu8TN4M8DIoeUD1QnU2adpmPO8FshIYHQA94RWUQ=
Subject key identifier: 7A:CD:5B:B4:06:C2:5F:F0:A3:5D:66:47:11:A3:BC:90:66:99:61:BA
Certificate issuer: /CN=72673058859cfd7012941d8963adccf6300a19ef
Certificate serial: 01856D78A0DB3F5494F8F002297114A5600B
Authority key identifier: 72:67:30:58:85:9C:FD:70:12:94:1D:89:63:AD:CC:F6:30:0A:19:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmcwWIWc_XASlB2JY63M9jAKGe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/c98434-decc-404f-8049-4aa2eeb5267c/1/es1btAbCX_CjXWZHEaO8kGaZYbo.roa
Signing time: Sun 01 Jan 2023 13:15:00 +0000
ROA not before: Sun 01 Jan 2023 13:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20805
IP address blocks: 213.167.160.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:a0:db:3f:54:94:f8:f0:02:29:71:14:a5:60:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72673058859cfd7012941d8963adccf6300a19ef
Validity
Not Before: Jan 1 13:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7acd5bb406c25ff0a35d664711a3bc90669961ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1a:30:05:fa:f1:2d:0e:f8:c1:75:9c:e5:00:
6a:a0:65:79:dc:c8:80:2f:bf:1b:7d:e7:a2:91:ce:
59:f9:98:25:a5:be:b6:8d:77:e1:c9:86:44:d6:4c:
e2:c1:ba:ed:66:a7:ac:e1:ca:a6:9a:d1:df:9b:a6:
3f:80:f6:71:da:e1:5d:1a:1c:db:56:05:23:41:b9:
d6:1e:b2:4a:59:5b:43:ef:64:07:df:73:2f:69:aa:
83:c3:7d:8f:29:33:5b:41:6c:69:40:de:62:b9:b1:
81:1d:c9:e7:69:4c:ae:f2:32:31:12:71:c4:f7:b6:
bc:6e:50:00:ce:8e:ee:26:5e:94:a8:58:c6:d5:32:
60:be:f1:00:c3:e0:fa:1d:16:2a:7d:46:36:25:18:
c7:fe:e0:56:13:97:f5:2e:f3:de:32:bd:5a:7e:45:
0c:b9:fa:a5:9e:da:94:64:91:56:fb:6d:30:fd:f1:
02:3f:01:f2:68:70:16:0f:86:2f:89:58:f0:02:84:
9d:91:56:bc:73:b8:fe:06:e9:31:78:b6:34:64:58:
77:67:9d:87:79:0a:92:8d:9d:65:be:82:2b:f7:11:
40:53:46:37:ca:8d:0f:2e:e4:01:56:0c:bb:46:a8:
4b:57:49:d7:e5:3e:6a:8e:c8:30:ed:fe:a9:37:e5:
2a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CD:5B:B4:06:C2:5F:F0:A3:5D:66:47:11:A3:BC:90:66:99:61:BA
X509v3 Authority Key Identifier:
keyid:72:67:30:58:85:9C:FD:70:12:94:1D:89:63:AD:CC:F6:30:0A:19:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmcwWIWc_XASlB2JY63M9jAKGe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c98434-decc-404f-8049-4aa2eeb5267c/1/es1btAbCX_CjXWZHEaO8kGaZYbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c98434-decc-404f-8049-4aa2eeb5267c/1/cmcwWIWc_XASlB2JY63M9jAKGe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.167.160.0/19
Signature Algorithm: sha256WithRSAEncryption
91:e8:1e:de:6a:9b:09:f3:0a:ed:59:5a:82:66:85:a9:6e:ad:
3c:f4:7c:61:3c:1c:48:9b:4b:c1:18:19:0a:9a:bc:57:6c:af:
09:fc:5f:3a:9a:ed:29:b6:24:3d:56:4f:fd:c5:a5:78:ce:f9:
5a:0b:fb:f3:82:01:bc:f4:ce:22:c1:f0:c1:02:b6:4e:d5:ce:
cc:2d:f5:4a:2d:db:65:31:99:8f:20:cc:96:b3:5d:3e:6c:0c:
95:8d:1f:ed:a2:c6:76:1a:ef:4f:ef:b2:8a:6e:b9:40:bd:83:
c4:69:be:94:dc:60:9e:84:3b:05:63:6b:76:b9:8c:09:4b:e9:
37:bc:0d:89:62:6f:70:f6:a8:91:a0:8e:06:9a:b1:04:b4:30:
c9:c7:1f:50:9e:e4:03:65:eb:95:af:d5:3a:bc:57:17:90:2f:
74:39:98:d5:4c:48:f9:8d:76:9e:97:cc:a4:1e:23:4c:69:93:
bc:ae:a3:a5:ad:06:d5:c2:5e:33:0d:3f:d8:6d:84:02:fe:d0:
be:16:6c:85:9a:77:30:4c:43:10:aa:f1:c5:fd:e4:59:3a:d8:
2b:fe:43:d8:ad:50:44:73:f6:10:fe:93:a8:60:8c:c2:c4:9f:
bb:6c:1b:b1:1c:07:39:11:3c:d8:3f:cd:93:3a:93:67:9f:c1:
a2:91:99:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteKDbP1SU+PACKXEUpWALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNjczMDU4ODU5Y2ZkNzAxMjk0MWQ4OTYzYWRjY2Y2MzAw
YTE5ZWYwHhcNMjMwMTAxMTMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWNkNWJiNDA2YzI1ZmYwYTM1ZDY2NDcxMWEzYmM5MDY2OTk2MWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBowBfrxLQ74wXWc5QBqoGV53MiA
L78bfeeikc5Z+Zglpb62jXfhyYZE1kziwbrtZqes4cqmmtHfm6Y/gPZx2uFdGhzb
VgUjQbnWHrJKWVtD72QH33MvaaqDw32PKTNbQWxpQN5iubGBHcnnaUyu8jIxEnHE
97a8blAAzo7uJl6UqFjG1TJgvvEAw+D6HRYqfUY2JRjH/uBWE5f1LvPeMr1afkUM
ufqlntqUZJFW+20w/fECPwHyaHAWD4YviVjwAoSdkVa8c7j+BukxeLY0ZFh3Z52H
eQqSjZ1lvoIr9xFAU0Y3yo0PLuQBVgy7RqhLV0nX5T5qjsgw7f6pN+UqtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHrNW7QGwl/wo11mRxGjvJBmmWG6MB8GA1UdIwQY
MBaAFHJnMFiFnP1wEpQdiWOtzPYwChnvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21jd1dJV2NfWEFTbEIySlk2M005akFLR2U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTg0MzQtZGVjYy00MDRmLTgwNDkt
NGFhMmVlYjUyNjdjLzEvZXMxYnRBYkNYX0NqWFdaSEVhTzhrR2FaWWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTg0MzQtZGVjYy00MDRmLTgwNDktNGFhMmVlYjUyNjdj
LzEvY21jd1dJV2NfWEFTbEIySlk2M005akFLR2U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1aegMA0G
CSqGSIb3DQEBCwUAA4IBAQCR6B7eapsJ8wrtWVqCZoWpbq089HxhPBxIm0vBGBkK
mrxXbK8J/F86mu0ptiQ9Vk/9xaV4zvlaC/vzggG89M4iwfDBArZO1c7MLfVKLdtl
MZmPIMyWs10+bAyVjR/tosZ2Gu9P77KKbrlAvYPEab6U3GCehDsFY2t2uYwJS+k3
vA2JYm9w9qiRoI4GmrEEtDDJxx9QnuQDZeuVr9U6vFcXkC90OZjVTEj5jXael8yk
HiNMaZO8rqOlrQbVwl4zDT/YbYQC/tC+FmyFmncwTEMQqvHF/eRZOtgr/kPYrVBE
c/YQ/pOoYIzCxJ+7bBuxHAc5ETzYP82TOpNnn8GikZkO
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:43 2025 by rpki-client