Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/e7y8kp-_p8ZyiyfgRkr322J_XdE.roa
File: e7y8kp-_p8ZyiyfgRkr322J_XdE.roa (raw, json)
Hash identifier: 4gVvQCnr1m/rh97OP7XADB7VHeXimE5MS7l/tDostho=
Subject key identifier: 7B:BC:BC:92:9F:BF:A7:C6:72:8B:27:E0:46:4A:F7:DB:62:7F:5D:D1
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 018B474E77472134FE90C6BD65AB95E9F8C3
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/e7y8kp-_p8ZyiyfgRkr322J_XdE.roa
Signing time: Thu 19 Oct 2023 09:40:06 +0000
ROA not before: Thu 19 Oct 2023 09:40:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216300
IP address blocks: 2a12:b3c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:4e:77:47:21:34:fe:90:c6:bd:65:ab:95:e9:f8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Oct 19 09:40:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bbcbc929fbfa7c6728b27e0464af7db627f5dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:40:13:97:76:96:ef:1e:f5:4e:fc:68:f7:32:
bc:b7:21:43:cd:a3:c9:c8:dd:67:ba:37:23:56:9a:
ae:4a:1d:e8:d7:05:2a:07:e1:47:d7:f3:8b:e6:10:
f8:35:3c:04:48:34:68:ac:30:20:64:a1:70:07:1c:
57:13:d3:8f:ea:3b:1b:01:13:db:c0:ee:59:fe:9e:
c6:c3:8a:28:a6:ef:e8:74:18:85:e8:0d:18:a2:80:
b4:b9:3f:c0:86:74:de:0b:df:8b:0d:81:53:2b:e0:
e5:c5:26:2f:98:38:fb:2e:46:ff:28:98:9c:54:44:
f9:f4:17:3f:6e:96:e9:3d:53:c1:0c:43:e1:8b:53:
cc:47:ff:fe:74:7f:67:60:c7:89:88:77:3d:62:21:
5d:94:4e:a9:19:f3:a6:55:d0:1a:7f:15:c1:b4:25:
6e:da:63:ee:56:34:49:98:4f:e8:d7:87:b0:42:be:
ab:56:d9:d5:40:6b:bb:d8:0e:de:b9:a8:3a:66:6d:
a3:84:1d:f9:87:3e:b9:cc:65:f7:88:08:4b:d4:8c:
8a:f0:e2:af:86:16:aa:6a:86:d8:fc:19:e2:06:26:
d7:e5:51:d6:62:a2:7d:25:79:80:72:66:ad:c1:d1:
5a:7f:66:1b:35:ae:3e:aa:35:c9:35:5b:e1:b0:45:
0e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:BC:BC:92:9F:BF:A7:C6:72:8B:27:E0:46:4A:F7:DB:62:7F:5D:D1
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/e7y8kp-_p8ZyiyfgRkr322J_XdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:b3c0::/48
Signature Algorithm: sha256WithRSAEncryption
15:b1:38:0c:2f:cc:ab:7d:f5:dd:1b:79:e8:d4:d0:fe:da:76:
fb:85:2e:10:04:77:5a:98:dd:cf:a7:5b:b1:ff:19:a7:9f:6f:
bd:80:0a:79:c9:f5:64:c8:a1:f4:90:75:ea:72:bb:0a:82:41:
eb:d9:7b:13:2e:48:4d:8e:7c:00:65:bb:bf:21:ff:9b:d3:3f:
d3:b8:29:a2:9f:46:67:7c:43:0f:5c:d8:0b:0d:4e:34:3d:ca:
91:21:e4:36:b9:5c:0f:77:4d:4e:b3:9e:33:02:e3:b9:57:01:
32:33:db:dd:79:82:6b:5e:16:87:9b:54:64:8d:91:7c:eb:66:
4c:f1:56:f1:46:79:aa:59:d4:a1:08:16:81:4e:77:04:d1:f9:
bc:b2:17:cf:29:35:29:6b:f8:bd:b3:b9:a3:36:65:76:54:f9:
81:d5:91:4c:6f:6a:65:81:31:46:5f:2f:db:aa:24:55:99:cc:
3f:f7:56:07:ca:89:78:ec:b4:df:7b:70:2b:5c:dc:7d:40:44:
d3:30:73:d3:91:7c:81:31:9d:29:bb:ac:9c:90:a7:07:cf:e5:
08:e4:9f:6f:7e:3d:e2:ef:f6:82:1e:9b:6d:b6:a7:dc:16:40:
49:7d:69:5d:11:1e:f1:a0:90:df:0b:86:66:b5:85:16:51:14:
29:15:5d:7a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtHTndHITT+kMa9ZauV6fjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjMxMDE5MDk0MDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmJjYmM5MjlmYmZhN2M2NzI4YjI3ZTA0NjRhZjdkYjYyN2Y1ZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkATl3aW7x71Tvxo9zK8tyFDzaPJ
yN1nujcjVpquSh3o1wUqB+FH1/OL5hD4NTwESDRorDAgZKFwBxxXE9OP6jsbARPb
wO5Z/p7Gw4oopu/odBiF6A0YooC0uT/AhnTeC9+LDYFTK+DlxSYvmDj7Lkb/KJic
VET59Bc/bpbpPVPBDEPhi1PMR//+dH9nYMeJiHc9YiFdlE6pGfOmVdAafxXBtCVu
2mPuVjRJmE/o14ewQr6rVtnVQGu72A7euag6Zm2jhB35hz65zGX3iAhL1IyK8OKv
hhaqaobY/BniBibX5VHWYqJ9JXmAcmatwdFaf2YbNa4+qjXJNVvhsEUOkQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHu8vJKfv6fGcosn4EZK99tif13RMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvZTd5OGtwLV9wOFp5aXlmZ1JrcjMyMkpfWGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKzwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAVsTgML8yrffXdG3no1ND+2nb7hS4QBHdamN3P
p1ux/xmnn2+9gAp5yfVkyKH0kHXqcrsKgkHr2XsTLkhNjnwAZbu/If+b0z/TuCmi
n0ZnfEMPXNgLDU40PcqRIeQ2uVwPd01Os54zAuO5VwEyM9vdeYJrXhaHm1RkjZF8
62ZM8VbxRnmqWdShCBaBTncE0fm8shfPKTUpa/i9s7mjNmV2VPmB1ZFMb2plgTFG
Xy/bqiRVmcw/91YHyol47LTfe3ArXNx9QETTMHPTkXyBMZ0pu6yckKcHz+UI5J9v
fj3i7/aCHptttqfcFkBJfWldER7xoJDfC4ZmtYUWURQpFV16
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:16:29 2025 by rpki-client