Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/p6dBq0SmngrcOur53_sJLHurf_o.roa
File: p6dBq0SmngrcOur53_sJLHurf_o.roa (raw, json)
Hash identifier: NUaDJz2b5g9UIwl77geB5KKb3AfSPu95cZD545bWijw=
Subject key identifier: A7:A7:41:AB:44:A6:9E:0A:DC:3A:EA:F9:DF:FB:09:2C:7B:AB:7F:FA
Certificate issuer: /CN=7e2eda6952b03e8ba45997be615d7abee1784f83
Certificate serial: 0187C8098C09E03E9BCEAFFD4D9F4105BC1A
Authority key identifier: 7E:2E:DA:69:52:B0:3E:8B:A4:59:97:BE:61:5D:7A:BE:E1:78:4F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fi7aaVKwPoukWZe-YV16vuF4T4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/p6dBq0SmngrcOur53_sJLHurf_o.roa
Signing time: Fri 28 Apr 2023 13:24:41 +0000
ROA not before: Fri 28 Apr 2023 13:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41960
IP address blocks: 87.239.96.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c8:09:8c:09:e0:3e:9b:ce:af:fd:4d:9f:41:05:bc:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e2eda6952b03e8ba45997be615d7abee1784f83
Validity
Not Before: Apr 28 13:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7a741ab44a69e0adc3aeaf9dffb092c7bab7ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1d:5d:65:bf:b0:84:50:f0:88:2b:05:a6:13:
52:18:14:e7:f7:3a:1e:20:30:54:d6:fd:02:e8:a4:
56:08:4f:93:d9:68:98:06:a6:08:76:ed:4d:29:01:
74:6e:ce:47:f5:d8:e0:1a:a1:b2:9d:f8:13:12:01:
a3:4b:90:8d:47:d6:89:d6:f5:59:0b:4d:de:e7:fb:
20:03:21:8d:78:29:60:75:72:c0:06:3f:65:82:2a:
31:c1:f5:d7:16:d3:e1:b1:d6:4f:db:1b:8a:66:d6:
ed:ef:97:36:da:85:c8:2f:51:c2:97:58:cd:6a:8e:
67:af:32:08:02:b6:7a:42:81:79:7f:df:c1:36:6d:
2e:99:0d:de:b5:25:58:b6:34:2a:5c:8a:e1:8c:17:
bd:4d:0c:13:bf:90:c6:62:65:8f:c7:ea:c9:08:ad:
09:ef:68:93:0a:d6:49:3c:d7:4f:cb:9e:37:89:e9:
61:7c:32:34:1b:c0:32:ae:bd:41:28:d9:cc:05:12:
b7:6c:52:7a:ed:71:66:dc:1a:78:f6:42:55:fb:05:
21:0e:f5:1e:26:ba:0d:35:41:90:05:8a:bd:d9:b2:
b9:df:9a:15:7b:04:d5:d8:81:dc:17:61:06:62:35:
ad:ce:bd:6e:ec:23:e1:48:51:18:74:f7:d5:6f:2d:
ee:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:A7:41:AB:44:A6:9E:0A:DC:3A:EA:F9:DF:FB:09:2C:7B:AB:7F:FA
X509v3 Authority Key Identifier:
keyid:7E:2E:DA:69:52:B0:3E:8B:A4:59:97:BE:61:5D:7A:BE:E1:78:4F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fi7aaVKwPoukWZe-YV16vuF4T4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/p6dBq0SmngrcOur53_sJLHurf_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/fi7aaVKwPoukWZe-YV16vuF4T4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.96.0/21
Signature Algorithm: sha256WithRSAEncryption
99:e9:82:8e:44:92:7a:6a:81:94:4b:0d:10:f7:2b:e4:7e:de:
5f:29:e1:80:e6:50:98:9d:ca:fc:7d:a6:ce:0b:dd:36:3f:e4:
54:35:e2:b4:da:47:d6:5f:34:e1:a5:ae:63:a6:13:c4:fc:fb:
a5:17:12:31:c8:e8:b5:a2:54:5c:e2:14:f6:da:4d:e1:dd:81:
d4:a6:48:b1:91:16:23:1c:8b:2d:1c:0e:93:69:90:88:89:86:
9c:6a:4f:21:e6:f2:50:93:13:d9:09:9b:78:66:c0:61:26:80:
49:62:a6:93:28:d7:e3:de:dd:5c:21:63:35:96:36:2a:7a:84:
15:28:27:3b:24:c0:b1:4d:83:02:69:9e:01:fa:80:23:86:bc:
73:20:a4:55:3f:15:70:a8:2d:63:24:ba:27:d2:e1:a1:be:69:
69:18:73:e0:ce:1d:3e:c2:19:e4:ae:0f:20:94:cc:dd:f5:cb:
69:b7:be:59:22:cd:3e:9e:44:38:99:03:45:7b:20:29:c2:eb:
a5:c1:0b:b0:43:83:66:fb:1e:42:8b:99:98:de:be:b0:01:0d:
2a:63:c7:fe:bf:fa:e0:f6:7d:b9:5b:31:23:10:06:6c:a3:f8:
5a:e3:70:1f:be:60:65:67:aa:e8:6d:e7:8d:3e:eb:c8:c1:9f:
07:4d:12:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfICYwJ4D6bzq/9TZ9BBbwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMmVkYTY5NTJiMDNlOGJhNDU5OTdiZTYxNWQ3YWJlZTE3
ODRmODMwHhcNMjMwNDI4MTMyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2E3NDFhYjQ0YTY5ZTBhZGMzYWVhZjlkZmZiMDkyYzdiYWI3ZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB1dZb+whFDwiCsFphNSGBTn9zoe
IDBU1v0C6KRWCE+T2WiYBqYIdu1NKQF0bs5H9djgGqGynfgTEgGjS5CNR9aJ1vVZ
C03e5/sgAyGNeClgdXLABj9lgioxwfXXFtPhsdZP2xuKZtbt75c22oXIL1HCl1jN
ao5nrzIIArZ6QoF5f9/BNm0umQ3etSVYtjQqXIrhjBe9TQwTv5DGYmWPx+rJCK0J
72iTCtZJPNdPy543ielhfDI0G8Ayrr1BKNnMBRK3bFJ67XFm3Bp49kJV+wUhDvUe
JroNNUGQBYq92bK535oVewTV2IHcF2EGYjWtzr1u7CPhSFEYdPfVby3uMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKenQatEpp4K3Drq+d/7CSx7q3/6MB8GA1UdIwQY
MBaAFH4u2mlSsD6LpFmXvmFder7heE+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmk3YWFWS3dQb3VrV1plLVlWMTZ2dUY0VDRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zODA0MDAtZGMyZS00OTRhLTg5MWEt
MmYyMzAwYjZlM2Q5LzEvcDZkQnEwU21uZ3JjT3VyNTNfc0pMSHVyZl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zODA0MDAtZGMyZS00OTRhLTg5MWEtMmYyMzAwYjZlM2Q5
LzEvZmk3YWFWS3dQb3VrV1plLVlWMTZ2dUY0VDRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDV+9gMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ6YKORJJ6aoGUSw0Q9yvkft5fKeGA5lCYncr8fabO
C902P+RUNeK02kfWXzThpa5jphPE/PulFxIxyOi1olRc4hT22k3h3YHUpkixkRYj
HIstHA6TaZCIiYacak8h5vJQkxPZCZt4ZsBhJoBJYqaTKNfj3t1cIWM1ljYqeoQV
KCc7JMCxTYMCaZ4B+oAjhrxzIKRVPxVwqC1jJLon0uGhvmlpGHPgzh0+whnkrg8g
lMzd9ctpt75ZIs0+nkQ4mQNFeyApwuulwQuwQ4Nm+x5Ci5mY3r6wAQ0qY8f+v/rg
9n25WzEjEAZso/ha43AfvmBlZ6robeeNPuvIwZ8HTRL8
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:25:24 2025 by rpki-client