Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2Q7OvG0rOuPrg8uRza3wpJZ5Bxw.roa
File: 2Q7OvG0rOuPrg8uRza3wpJZ5Bxw.roa (raw, json)
Hash identifier: 85LSplEpwvyt3riv2p2M/tLn7YQeOI+eMWMJgzeGiVU=
Subject key identifier: D9:0E:CE:BC:6D:2B:3A:E3:EB:83:CB:91:CD:AD:F0:A4:96:79:07:1C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186930A16837F7F7F908FD64105BFE74482
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2Q7OvG0rOuPrg8uRza3wpJZ5Bxw.roa
Signing time: Mon 27 Feb 2023 13:22:37 +0000
ROA not before: Mon 27 Feb 2023 13:22:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 192.124.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:0a:16:83:7f:7f:7f:90:8f:d6:41:05:bf:e7:44:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 27 13:22:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d90ecebc6d2b3ae3eb83cb91cdadf0a49679071c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:15:33:fb:3b:ec:b7:d8:09:e7:f4:27:f0:93:
26:fb:08:ab:29:95:3e:a2:d9:1a:d1:70:59:29:31:
9a:d6:4a:2d:4b:20:5b:1b:4e:16:34:e6:f9:5c:f4:
57:c3:fe:b9:cc:6c:1a:5f:19:95:4b:84:82:e5:6a:
c8:14:b8:7d:6b:21:6f:4b:af:e2:ef:ed:2a:b3:99:
51:31:df:d6:66:90:76:3f:f7:97:a3:07:fc:92:bd:
41:e4:55:4c:eb:5f:28:98:84:af:6b:b1:d5:c2:b0:
b0:6d:35:7f:7c:25:db:93:df:1b:71:e5:57:97:11:
08:3f:b1:33:c2:c2:4d:6a:1c:76:18:c8:6d:3c:fa:
6f:f6:64:f2:a2:90:61:d7:89:d2:98:4d:46:e6:ab:
29:01:25:13:41:a0:f6:9d:91:73:d9:31:39:7a:45:
92:c5:ba:93:1e:20:e4:3f:cf:6b:b3:ce:e7:97:20:
1d:aa:03:4a:c1:5f:bd:ae:78:88:35:bf:ba:9a:38:
a3:9b:87:98:0c:e6:46:6a:30:53:6e:db:18:67:4f:
72:1a:57:cb:ab:29:f0:84:5b:8d:af:6c:24:17:61:
d8:6a:10:70:47:c0:ea:3a:ce:b0:6b:f5:92:5a:eb:
57:23:0a:56:6c:0c:e1:c8:a9:bf:fd:6b:c8:0c:7b:
51:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0E:CE:BC:6D:2B:3A:E3:EB:83:CB:91:CD:AD:F0:A4:96:79:07:1C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2Q7OvG0rOuPrg8uRza3wpJZ5Bxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.183.0/24
Signature Algorithm: sha256WithRSAEncryption
06:f6:0b:d8:dd:24:37:c2:5d:f1:59:48:b4:f0:40:09:b6:72:
ca:2f:92:2c:d5:0a:64:21:89:a3:20:72:d1:d4:5e:50:9e:09:
07:08:f8:e3:39:92:d5:00:93:bb:f9:fe:34:e4:83:bf:9e:c8:
81:a0:b0:5e:22:a8:9b:c6:1f:b8:ec:71:5d:54:16:58:f4:36:
05:84:41:a3:98:cb:26:0c:54:95:e3:9d:b5:5b:cc:d6:d0:3d:
dc:b8:26:dd:4a:72:d3:5b:8e:d5:b5:d8:7a:b0:c7:1e:4d:55:
db:f4:09:6d:67:68:a8:72:a0:59:4d:77:72:77:7d:bd:06:7a:
04:03:f6:ab:d2:bc:cd:72:cd:b9:f8:18:fc:10:30:46:87:c4:
14:0a:12:d6:0e:48:83:a4:aa:f9:d0:15:b4:71:9b:85:20:c8:
f2:38:40:58:5c:1f:c4:c3:30:7a:7a:10:33:c6:67:3a:6e:e7:
84:e8:8e:a6:2e:8d:a9:92:1a:3f:c6:f6:d0:30:80:32:fe:ea:
37:85:df:8c:d5:ce:e9:44:1e:9b:e5:07:0e:24:cd:6a:57:79:
b5:3a:9d:69:c1:24:f3:02:0b:77:72:e4:1b:9b:40:44:86:63:
98:d8:61:eb:02:f3:ab:4d:cc:c0:e8:c5:0c:57:f8:63:c4:75:
01:ea:33:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaTChaDf39/kI/WQQW/50SCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMjI3MTMyMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTBlY2ViYzZkMmIzYWUzZWI4M2NiOTFjZGFkZjBhNDk2NzkwNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihUz+zvst9gJ5/Qn8JMm+wirKZU+
otka0XBZKTGa1kotSyBbG04WNOb5XPRXw/65zGwaXxmVS4SC5WrIFLh9ayFvS6/i
7+0qs5lRMd/WZpB2P/eXowf8kr1B5FVM618omISva7HVwrCwbTV/fCXbk98bceVX
lxEIP7EzwsJNahx2GMhtPPpv9mTyopBh14nSmE1G5qspASUTQaD2nZFz2TE5ekWS
xbqTHiDkP89rs87nlyAdqgNKwV+9rniINb+6mjijm4eYDOZGajBTbtsYZ09yGlfL
qynwhFuNr2wkF2HYahBwR8DqOs6wa/WSWutXIwpWbAzhyKm//WvIDHtR1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNkOzrxtKzrj64PLkc2t8KSWeQccMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMlE3T3ZHMHJPdVByZzh1UnphM3dwSlo1Qnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHy3MA0G
CSqGSIb3DQEBCwUAA4IBAQAG9gvY3SQ3wl3xWUi08EAJtnLKL5Is1QpkIYmjIHLR
1F5QngkHCPjjOZLVAJO7+f405IO/nsiBoLBeIqibxh+47HFdVBZY9DYFhEGjmMsm
DFSV4521W8zW0D3cuCbdSnLTW47Vtdh6sMceTVXb9AltZ2iocqBZTXdyd329BnoE
A/ar0rzNcs25+Bj8EDBGh8QUChLWDkiDpKr50BW0cZuFIMjyOEBYXB/EwzB6ehAz
xmc6bueE6I6mLo2pkho/xvbQMIAy/uo3hd+M1c7pRB6b5QcOJM1qV3m1Op1pwSTz
Agt3cuQbm0BEhmOY2GHrAvOrTczA6MUMV/hjxHUB6jOj
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:21:52 2025 by rpki-client