Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/gE6bZk7JPLKuMB0BjOnj3OIRKC8.roa
File: gE6bZk7JPLKuMB0BjOnj3OIRKC8.roa (raw, json)
Hash identifier: 6DI6r5mDqxsx8tm03UBfrYhiO7PckX9LCi4bhfTwl5w=
Subject key identifier: 80:4E:9B:66:4E:C9:3C:B2:AE:30:1D:01:8C:E9:E3:DC:E2:11:28:2F
Certificate issuer: /CN=107807c2518915138f555123605c0133dfdbb4fa
Certificate serial: 0187B492540FF486B2BDC131E0131320CEF7
Authority key identifier: 10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/gE6bZk7JPLKuMB0BjOnj3OIRKC8.roa
Signing time: Mon 24 Apr 2023 18:41:41 +0000
ROA not before: Mon 24 Apr 2023 18:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35280
IP address blocks: 132.71.0.0/16 maxlen: 16
132.70.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:92:54:0f:f4:86:b2:bd:c1:31:e0:13:13:20:ce:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107807c2518915138f555123605c0133dfdbb4fa
Validity
Not Before: Apr 24 18:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=804e9b664ec93cb2ae301d018ce9e3dce211282f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c2:6c:af:92:61:ea:fe:cb:ec:c4:93:b8:72:
71:bd:c3:48:51:f3:e9:c3:73:52:b0:3f:6b:aa:bb:
12:2e:7f:c0:56:6a:06:d3:b4:11:17:fa:95:02:41:
79:e8:1e:20:86:62:da:d9:04:bd:2f:87:5a:9a:51:
e0:08:6b:78:68:a2:5f:a6:9b:cb:1c:da:37:ef:0e:
5f:bd:d6:db:cc:39:7a:73:98:96:fa:8a:3d:aa:76:
78:fe:89:a2:e5:d9:b2:58:9a:69:12:f0:12:e6:10:
b3:47:8f:5a:db:af:e5:4b:50:aa:d9:84:a3:cb:fb:
12:35:b9:0d:5e:f1:09:61:89:7d:1f:a8:7f:32:3e:
46:b3:bf:fa:16:4e:99:e1:12:43:4b:95:b2:da:94:
c8:b4:c4:6b:54:6a:8d:32:e8:d4:6f:b1:cd:0d:19:
13:45:02:6b:f4:11:ee:19:17:4c:60:b6:b3:41:b6:
50:5e:fb:f8:3a:15:03:b4:c9:c3:32:0a:22:f8:34:
c5:af:ac:a4:a1:82:05:2e:8a:5a:2e:e0:0f:e3:91:
94:9e:de:80:ef:ef:95:f5:e7:7f:aa:a8:1e:1d:ce:
4e:ad:ef:28:79:ea:b3:98:e0:17:39:06:e2:03:79:
3e:9f:f0:b6:9e:28:99:59:9b:21:45:3d:b5:6d:3d:
69:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4E:9B:66:4E:C9:3C:B2:AE:30:1D:01:8C:E9:E3:DC:E2:11:28:2F
X509v3 Authority Key Identifier:
keyid:10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/gE6bZk7JPLKuMB0BjOnj3OIRKC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/EHgHwlGJFROPVVEjYFwBM9_btPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.70.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4e:e0:9d:db:10:92:d1:e6:15:4a:e9:f4:18:d7:f0:34:54:2d:
19:14:82:a6:71:b5:fa:22:c1:da:52:28:2e:f6:95:dc:00:15:
2a:b1:46:49:7d:9c:e7:e0:5b:02:ad:36:5c:6b:74:aa:b9:5a:
25:6a:5e:43:fc:15:32:f7:46:97:d7:d9:b9:31:d5:b5:7d:01:
15:f9:8f:ec:b4:d8:9f:9d:41:87:95:7e:0f:2a:d7:02:b7:b9:
b5:df:a3:83:66:f7:4c:ff:2b:42:6e:fe:af:00:a7:28:5f:86:
d3:64:45:b0:92:c6:c0:7c:9d:b7:0e:26:6a:66:47:db:0d:93:
29:f2:26:54:20:47:9b:8b:c4:a7:d5:5d:73:c9:c9:70:7e:ce:
4c:b9:80:d1:00:1f:b1:af:2c:70:69:84:c9:e3:b5:c0:d8:a2:
32:42:a9:f7:81:22:b4:d6:9e:e9:c2:71:f3:1c:60:62:e4:fa:
05:3b:5a:13:77:fc:e3:e4:05:0f:2f:5a:a4:7a:42:eb:51:e3:
b2:df:15:47:25:ea:bf:1c:b2:95:b6:c1:6f:5f:bf:c2:63:3b:
7a:a1:96:19:71:d1:fd:6e:cf:9e:7c:e9:d2:d6:ad:93:cb:08:
46:a3:99:18:16:49:0a:75:c8:6d:60:69:ab:c1:6f:ff:2a:2a:
c3:ee:6c:8a
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYe0klQP9IayvcEx4BMTIM73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzgwN2MyNTE4OTE1MTM4ZjU1NTEyMzYwNWMwMTMzZGZk
YmI0ZmEwHhcNMjMwNDI0MTg0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDRlOWI2NjRlYzkzY2IyYWUzMDFkMDE4Y2U5ZTNkY2UyMTEyODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8Jsr5Jh6v7L7MSTuHJxvcNIUfPp
w3NSsD9rqrsSLn/AVmoG07QRF/qVAkF56B4ghmLa2QS9L4damlHgCGt4aKJfppvL
HNo37w5fvdbbzDl6c5iW+oo9qnZ4/omi5dmyWJppEvAS5hCzR49a26/lS1Cq2YSj
y/sSNbkNXvEJYYl9H6h/Mj5Gs7/6Fk6Z4RJDS5Wy2pTItMRrVGqNMujUb7HNDRkT
RQJr9BHuGRdMYLazQbZQXvv4OhUDtMnDMgoi+DTFr6ykoYIFLopaLuAP45GUnt6A
7++V9ed/qqgeHc5Ore8oeeqzmOAXOQbiA3k+n/C2niiZWZshRT21bT1pvQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFIBOm2ZOyTyyrjAdAYzp49ziESgvMB8GA1UdIwQY
MBaAFBB4B8JRiRUTj1VRI2BcATPf27T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTIt
ZjlhYzE1ZTY2Mzg2LzEvZ0U2YlprN0pQTEt1TUIwQmpPbmozT0lSS0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTItZjlhYzE1ZTY2Mzg2
LzEvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEYwDQYJ
KoZIhvcNAQELBQADggEBAE7gndsQktHmFUrp9BjX8DRULRkUgqZxtfoiwdpSKC72
ldwAFSqxRkl9nOfgWwKtNlxrdKq5WiVqXkP8FTL3RpfX2bkx1bV9ARX5j+y02J+d
QYeVfg8q1wK3ubXfo4Nm90z/K0Ju/q8ApyhfhtNkRbCSxsB8nbcOJmpmR9sNkyny
JlQgR5uLxKfVXXPJyXB+zky5gNEAH7GvLHBphMnjtcDYojJCqfeBIrTWnunCcfMc
YGLk+gU7WhN3/OPkBQ8vWqR6QutR47LfFUcl6r8cspW2wW9fv8JjO3qhlhlx0f1u
z5586dLWrZPLCEajmRgWSQp1yG1gaavBb/8qKsPubIo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:32 2025 by rpki-client