Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/pf7_R_kNsxd0TvD-Np3sIM_pBsg.roa
File: pf7_R_kNsxd0TvD-Np3sIM_pBsg.roa (raw, json)
Hash identifier: CrdRq4x9h9kylB15QI9dBZi2gFNxo5fF+IpBIIKXYog=
Subject key identifier: A5:FE:FF:47:F9:0D:B3:17:74:4E:F0:FE:36:9D:EC:20:CF:E9:06:C8
Certificate issuer: /CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca
Certificate serial: 046D18FD
Authority key identifier: 9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/pf7_R_kNsxd0TvD-Np3sIM_pBsg.roa
Signing time: Sat 01 Jan 2022 13:57:35 +0000
ROA not before: Sat 01 Jan 2022 13:57:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12843
IP address blocks: 23.252.72.0/24 maxlen: 24
185.179.245.0/24 maxlen: 24
2a10:4cc0::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74258685 (0x46d18fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca
Validity
Not Before: Jan 1 13:57:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5feff47f90db317744ef0fe369dec20cfe906c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e9:21:a2:73:d3:8f:1c:f6:36:f4:80:bd:92:
b5:7a:0b:7f:f0:bf:59:08:0e:f5:5b:11:20:b2:73:
02:49:fb:9e:93:28:b1:3a:0f:eb:a3:05:97:d5:96:
38:36:c1:20:17:e6:e6:0e:82:16:f0:34:c2:3b:c8:
f1:b3:0f:10:b0:e2:e0:a7:1b:9b:c9:1d:90:38:fa:
71:56:9d:df:ce:e5:9b:68:31:fd:b4:86:e6:46:a6:
f0:94:a6:f2:c6:11:5e:08:ac:80:eb:7c:f5:d0:3f:
ec:4c:5e:c2:49:df:33:37:06:2d:9e:bf:5f:b4:54:
d8:1c:73:40:92:67:53:44:ec:0e:4f:74:51:65:9a:
29:c7:dc:a9:27:03:b3:d2:17:63:9f:2b:69:a1:4f:
e0:46:44:64:f1:2b:f8:83:ec:d9:38:e4:2c:b2:65:
1a:56:ae:5b:3e:0e:c1:0c:c8:29:2d:5e:b2:a2:04:
36:70:64:4c:9c:41:a9:08:03:f9:a7:b3:a8:05:c1:
e2:b2:99:74:a2:51:54:14:26:50:10:3b:62:bc:03:
c2:46:08:bc:2c:90:63:b3:60:09:1b:f0:dd:1d:c3:
8a:fe:1e:12:86:9d:45:02:82:6e:8e:21:a3:49:dc:
36:23:54:66:dd:df:e3:6a:34:86:a8:87:6f:c6:7f:
1d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:FE:FF:47:F9:0D:B3:17:74:4E:F0:FE:36:9D:EC:20:CF:E9:06:C8
X509v3 Authority Key Identifier:
keyid:9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/pf7_R_kNsxd0TvD-Np3sIM_pBsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.72.0/24
185.179.245.0/24
IPv6:
2a10:4cc0::/40
Signature Algorithm: sha256WithRSAEncryption
5a:b3:50:50:fd:88:73:3a:e1:62:c8:93:c8:f1:c8:fe:87:31:
9e:f3:de:76:20:43:3a:86:09:fa:03:62:1b:39:ca:fe:87:ee:
60:b0:c5:d4:e0:c7:bd:8c:42:b8:2a:16:d4:d4:7c:42:11:79:
ed:7b:bf:0d:9e:b2:45:5e:05:07:93:21:2a:8b:2c:89:a1:5f:
36:82:d5:45:a2:c0:5f:83:ce:22:84:0e:7f:29:7c:02:e6:1b:
5f:15:31:f0:39:b6:51:54:07:c3:96:69:45:90:57:92:59:d1:
d3:94:fb:5e:ce:13:95:e6:32:a9:cf:ea:6e:73:e3:14:52:a8:
92:1d:0b:13:18:54:02:d9:a9:91:9a:c5:08:e7:3e:c3:07:12:
64:6f:50:75:bd:0a:2d:21:35:89:e3:79:41:25:50:a3:e4:1c:
a3:db:88:2d:d3:d9:ce:c9:cc:20:d9:39:4c:c3:c7:a3:81:70:
90:e5:6d:f9:f4:d3:b0:b1:28:60:2b:14:79:57:12:1f:7e:41:
2b:12:26:75:8a:7e:fe:bd:f9:9f:bd:34:01:57:84:ed:d6:64:
af:34:9a:3e:87:b8:76:65:61:e5:f5:2f:97:ca:87:56:09:ee:
7c:6f:4d:50:31:b4:c0:8a:29:4a:4c:aa:96:6b:be:c6:0a:a5:
48:67:b3:f0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEBG0Y/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YmFkMTBmOTcyZTY3ODllMmE0Mzc3YTJjMjllZTA4YmMzYTM2N2NhMB4XDTIyMDEw
MTEzNTczNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVmZWZmNDdmOTBk
YjMxNzc0NGVmMGZlMzY5ZGVjMjBjZmU5MDZjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzpIaJz048c9jb0gL2StXoLf/C/WQgO9VsRILJzAkn7npMo
sToP66MFl9WWODbBIBfm5g6CFvA0wjvI8bMPELDi4Kcbm8kdkDj6cVad387lm2gx
/bSG5kam8JSm8sYRXgisgOt89dA/7ExewknfMzcGLZ6/X7RU2BxzQJJnU0TsDk90
UWWaKcfcqScDs9IXY58raaFP4EZEZPEr+IPs2TjkLLJlGlauWz4OwQzIKS1esqIE
NnBkTJxBqQgD+aezqAXB4rKZdKJRVBQmUBA7YrwDwkYIvCyQY7NgCRvw3R3Div4e
EoadRQKCbo4ho0ncNiNUZt3f42o0hqiHb8Z/HVkCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBSl/v9H+Q2zF3RO8P42newgz+kGyDAfBgNVHSMEGDAWgBSbrRD5cuZ4nipD
d6LCnuCLw6NnyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L202MFEtWExtZUo0cVEzZWl3cDdnaThPalo4by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvYjRmNmQzLWE0YzAtNDM3Yy1iNGM2LTBkMzgxNGVhNzNjNy8x
L3BmN19SX2tOc3hkMFR2RC1OcDNzSU1fcEJzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
YjRmNmQzLWE0YzAtNDM3Yy1iNGM2LTBkMzgxNGVhNzNjNy8xL202MFEtWExtZUo0
cVEzZWl3cDdnaThPalo4by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwEgQCAAEwDAMEABf8SAMEALmz9TAOBAIAAjAIAwYA
KhBMwAAwDQYJKoZIhvcNAQELBQADggEBAFqzUFD9iHM64WLIk8jxyP6HMZ7z3nYg
QzqGCfoDYhs5yv6H7mCwxdTgx72MQrgqFtTUfEIRee17vw2eskVeBQeTISqLLImh
XzaC1UWiwF+DziKEDn8pfALmG18VMfA5tlFUB8OWaUWQV5JZ0dOU+17OE5XmMqnP
6m5z4xRSqJIdCxMYVALZqZGaxQjnPsMHEmRvUHW9Ci0hNYnjeUElUKPkHKPbiC3T
2c7JzCDZOUzDx6OBcJDlbfn007CxKGArFHlXEh9+QSsSJnWKfv69+Z+9NAFXhO3W
ZK80mj6HuHZlYeX1L5fKh1YJ7nxvTVAxtMCKKUpMqpZrvsYKpUhns/A=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:26 2025 by rpki-client