Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/7LkS9GQXi2HIB3-cJHiZlkIatUU.roa
File: 7LkS9GQXi2HIB3-cJHiZlkIatUU.roa (raw, json)
Hash identifier: JXTk4q3EHzSUVupP5nwYRic6nBL/QbTHUiStFMvmUeQ=
Subject key identifier: EC:B9:12:F4:64:17:8B:61:C8:07:7F:9C:24:78:99:96:42:1A:B5:45
Certificate issuer: /CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Certificate serial: 018CA7B7AAC9B8B3EAFFA985B73115011A7B
Authority key identifier: 87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/7LkS9GQXi2HIB3-cJHiZlkIatUU.roa
Signing time: Tue 26 Dec 2023 20:01:20 +0000
ROA not before: Tue 26 Dec 2023 20:01:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6079
IP address blocks: 82.146.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a7:b7:aa:c9:b8:b3:ea:ff:a9:85:b7:31:15:01:1a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8756d27768e11d94a0bbcdfb3fbcd740d45a00f4
Validity
Not Before: Dec 26 20:01:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecb912f464178b61c8077f9c24789996421ab545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3c:bb:6a:92:7d:a2:c0:a1:4c:59:bf:32:77:
13:53:e3:aa:e7:a5:43:39:ba:d7:aa:56:e7:21:f7:
78:14:34:ae:58:e7:f0:6f:a6:47:4e:0a:74:e4:e4:
be:58:0d:21:8d:46:61:d0:a7:85:de:7e:2b:bb:ea:
a8:dc:21:f2:36:4b:15:94:90:49:11:68:b2:e1:3c:
20:04:6d:1c:7a:09:4e:e1:10:b3:4f:67:d7:b3:53:
b5:1c:1f:fd:73:02:a5:3f:5c:7c:a5:2f:24:a7:48:
ca:49:26:9d:17:7d:5b:9a:b1:dd:92:ce:fc:2f:0e:
33:77:34:f3:db:78:2a:2b:43:0b:31:ac:5e:1f:02:
92:a2:73:0b:47:fa:0d:cc:26:6c:96:4f:5a:cf:b8:
37:12:aa:5e:6a:5b:56:2b:79:91:32:7e:c7:5b:59:
b1:72:67:43:67:a2:13:c2:e3:93:6d:67:0f:00:67:
f7:d8:7d:b6:0f:97:92:e4:0d:e3:0a:10:78:8e:5d:
e1:b9:3f:3b:b1:bb:d9:eb:06:3b:fb:22:9c:a0:df:
8f:c1:99:5c:3d:1a:d3:da:fc:5b:36:8d:1e:b9:5d:
e4:5b:a8:50:43:ec:c1:f0:23:fe:3b:ea:16:aa:85:
d2:0f:0d:6c:05:5b:39:5b:66:1c:53:4f:94:a5:10:
1f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B9:12:F4:64:17:8B:61:C8:07:7F:9C:24:78:99:96:42:1A:B5:45
X509v3 Authority Key Identifier:
keyid:87:56:D2:77:68:E1:1D:94:A0:BB:CD:FB:3F:BC:D7:40:D4:5A:00:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1bSd2jhHZSgu837P7zXQNRaAPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/7LkS9GQXi2HIB3-cJHiZlkIatUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/957bb3-2de5-45cf-acf3-c3a02d7c0697/1/h1bSd2jhHZSgu837P7zXQNRaAPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.16.0/22
Signature Algorithm: sha256WithRSAEncryption
00:fe:32:77:32:73:d7:e9:cd:ac:52:8a:16:cc:1d:d5:96:a6:
67:ad:97:43:1f:c7:c5:d0:f9:78:7c:da:80:d7:c7:47:df:5f:
1f:09:bf:cf:42:bd:c2:22:e0:3b:92:87:f0:f7:ce:9f:ff:21:
f0:69:4b:45:d1:14:9e:8f:83:bc:fe:1a:63:63:0a:1f:13:c8:
19:d9:fd:c7:0f:57:dd:9e:e3:1a:72:7a:d2:4d:51:d4:fc:37:
1e:6c:c0:e0:30:af:f8:bd:7a:92:5a:7a:ca:82:72:1a:fa:c2:
90:21:38:65:15:ba:a9:18:ed:01:07:bb:e2:22:e9:e7:ab:e9:
1d:d4:d4:5b:4f:82:f5:b8:6d:62:eb:64:2b:8b:39:e1:51:40:
28:da:5c:11:11:5b:d5:d3:d7:53:9f:04:d9:c0:60:44:70:9f:
24:d8:b1:a3:95:44:0e:70:3a:54:1b:28:a6:67:d3:de:77:b8:
dd:eb:e1:68:6e:ee:cb:a7:37:b8:8a:23:19:61:a1:e0:59:6d:
f1:19:d0:e6:3e:d8:69:72:7e:64:d6:09:00:71:ae:a1:e9:99:
4a:22:3b:8b:cc:7f:c8:55:3f:3d:18:96:e8:9b:d4:f7:69:73:
fc:d0:37:d5:ce:77:bd:3a:ba:8d:f2:96:fc:0c:b5:45:27:60:
34:f5:ba:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYynt6rJuLPq/6mFtzEVARp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTZkMjc3NjhlMTFkOTRhMGJiY2RmYjNmYmNkNzQwZDQ1
YTAwZjQwHhcNMjMxMjI2MjAwMTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2I5MTJmNDY0MTc4YjYxYzgwNzdmOWMyNDc4OTk5NjQyMWFiNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzy7apJ9osChTFm/MncTU+Oq56VD
ObrXqlbnIfd4FDSuWOfwb6ZHTgp05OS+WA0hjUZh0KeF3n4ru+qo3CHyNksVlJBJ
EWiy4TwgBG0ceglO4RCzT2fXs1O1HB/9cwKlP1x8pS8kp0jKSSadF31bmrHdks78
Lw4zdzTz23gqK0MLMaxeHwKSonMLR/oNzCZslk9az7g3EqpealtWK3mRMn7HW1mx
cmdDZ6ITwuOTbWcPAGf32H22D5eS5A3jChB4jl3huT87sbvZ6wY7+yKcoN+PwZlc
PRrT2vxbNo0euV3kW6hQQ+zB8CP+O+oWqoXSDw1sBVs5W2YcU0+UpRAfdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOy5EvRkF4thyAd/nCR4mZZCGrVFMB8GA1UdIwQY
MBaAFIdW0ndo4R2UoLvN+z+810DUWgD0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMt
YzNhMDJkN2MwNjk3LzEvN0xrUzlHUVhpMkhJQjMtY0pIaVpsa0lhdFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85NTdiYjMtMmRlNS00NWNmLWFjZjMtYzNhMDJkN2MwNjk3
LzEvaDFiU2QyamhIWlNndTgzN1A3elhRTlJhQVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUpIQMA0G
CSqGSIb3DQEBCwUAA4IBAQAA/jJ3MnPX6c2sUooWzB3VlqZnrZdDH8fF0Pl4fNqA
18dH318fCb/PQr3CIuA7kofw986f/yHwaUtF0RSej4O8/hpjYwofE8gZ2f3HD1fd
nuMacnrSTVHU/DcebMDgMK/4vXqSWnrKgnIa+sKQIThlFbqpGO0BB7viIunnq+kd
1NRbT4L1uG1i62QriznhUUAo2lwREVvV09dTnwTZwGBEcJ8k2LGjlUQOcDpUGyim
Z9Ped7jd6+Fobu7Lpze4iiMZYaHgWW3xGdDmPthpcn5k1gkAca6h6ZlKIjuLzH/I
VT89GJbom9T3aXP80DfVzne9OrqN8pb8DLVFJ2A09brI
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:27:15 2025 by rpki-client