Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/EQKAUASqi3h5kZ72rW4qCvVk1Os.roa
File: EQKAUASqi3h5kZ72rW4qCvVk1Os.roa (raw, json)
Hash identifier: dYITF91tx1c5lr/Vq6dhIno/vOz8pkrsMo/F+lGboJI=
Subject key identifier: 11:02:80:50:04:AA:8B:78:79:91:9E:F6:AD:6E:2A:0A:F5:64:D4:EB
Certificate issuer: /CN=7fe0e759354e83cc19320381109de22da0f1a700
Certificate serial: 01856C093A6AD52666C7EB904ABA28D331C5
Authority key identifier: 7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/EQKAUASqi3h5kZ72rW4qCvVk1Os.roa
Signing time: Sun 01 Jan 2023 06:33:41 +0000
ROA not before: Sun 01 Jan 2023 06:33:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49814
IP address blocks: 176.65.32.0/19 maxlen: 19
31.24.24.0/21 maxlen: 21
2a00:9700::/32 maxlen: 32
2a00:9700::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:09:3a:6a:d5:26:66:c7:eb:90:4a:ba:28:d3:31:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fe0e759354e83cc19320381109de22da0f1a700
Validity
Not Before: Jan 1 06:33:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1102805004aa8b7879919ef6ad6e2a0af564d4eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c1:af:cd:44:4f:02:45:dd:d8:32:3d:c2:15:
76:0c:e2:b5:7b:c0:2f:a9:94:56:16:6d:03:6c:16:
04:9e:03:4a:e5:07:3c:67:bb:cc:db:7e:06:b2:1d:
be:8e:8d:bf:7e:ec:4f:ed:31:50:b9:1e:d2:72:f0:
e4:20:78:c3:20:dd:c9:6c:3d:4b:07:54:80:d4:35:
a8:2e:81:fd:fe:13:0e:cc:00:fe:80:56:bd:3f:e2:
16:0a:b3:fb:60:0f:a8:5f:8a:08:8b:9b:65:13:69:
8c:ed:67:a6:f1:f8:ea:95:6d:66:11:10:35:b2:d6:
a6:06:64:7a:da:93:bf:26:ae:8f:cd:44:3d:ca:b5:
bc:14:20:8b:a6:de:b4:1a:37:bf:82:dd:a2:4b:e6:
10:64:aa:cd:bf:8e:ab:5b:98:30:1c:f7:73:f2:02:
50:22:df:f5:38:9a:1e:9e:9b:ef:5d:70:c9:6e:51:
2a:3f:c2:c4:77:7f:27:35:6d:9a:40:d2:0b:a8:70:
ec:13:8a:29:50:cc:c9:70:03:67:cd:b2:0d:c7:d7:
3c:84:ad:59:75:0a:0b:6f:f4:d3:dc:75:ce:a6:35:
2a:66:d5:89:6f:eb:ce:e5:b4:ab:f5:9f:d2:3e:79:
88:e9:de:8b:d0:93:2a:11:24:35:b3:56:a1:6d:ce:
db:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:02:80:50:04:AA:8B:78:79:91:9E:F6:AD:6E:2A:0A:F5:64:D4:EB
X509v3 Authority Key Identifier:
keyid:7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/EQKAUASqi3h5kZ72rW4qCvVk1Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.24.0/21
176.65.32.0/19
IPv6:
2a00:9700::/32
Signature Algorithm: sha256WithRSAEncryption
10:0d:fc:fa:2b:ba:78:69:f8:7a:0f:c8:fd:52:c5:08:a3:0d:
ef:56:b0:f4:07:64:65:38:26:88:63:d5:c7:ac:39:59:57:b8:
15:b4:da:b3:1c:93:f9:0a:5d:92:3c:85:99:15:8a:72:6f:67:
d1:e5:19:31:9d:4e:e6:bc:81:a9:9a:c9:1c:01:60:05:7c:4c:
33:77:8b:29:27:b2:43:4e:8b:4c:10:2e:76:61:61:d3:c5:57:
30:31:de:87:87:09:20:58:16:96:d7:48:3c:b8:c2:2b:e9:f0:
2f:d7:b4:74:55:c8:02:4b:fc:95:bb:77:0c:10:a9:40:ee:97:
95:db:1b:d6:00:56:57:ff:3a:0f:49:16:85:37:93:6f:ae:1a:
9c:9b:fa:6e:9f:8c:a1:f2:5d:a8:88:2a:db:73:a1:c4:29:03:
4f:0b:d3:40:f3:65:6a:b1:90:fc:7e:c5:b9:e0:61:94:01:00:
79:09:15:7c:52:9d:27:d4:b4:90:eb:d9:a9:a8:b8:da:d2:a2:
e0:a3:ed:dd:fc:57:56:9e:3e:09:62:23:f8:38:e0:36:49:2b:
d2:87:5f:89:ff:bb:af:9a:eb:88:85:34:f5:98:28:c1:f5:a9:
51:91:bd:dd:4c:b1:44:5a:ca:11:3b:f9:0c:b5:c2:ce:c1:a8:
ae:08:4f:43
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsCTpq1SZmx+uQSroo0zHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZTBlNzU5MzU0ZTgzY2MxOTMyMDM4MTEwOWRlMjJkYTBm
MWE3MDAwHhcNMjMwMTAxMDYzMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTAyODA1MDA0YWE4Yjc4Nzk5MTllZjZhZDZlMmEwYWY1NjRkNGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncGvzURPAkXd2DI9whV2DOK1e8Av
qZRWFm0DbBYEngNK5Qc8Z7vM234Gsh2+jo2/fuxP7TFQuR7ScvDkIHjDIN3JbD1L
B1SA1DWoLoH9/hMOzAD+gFa9P+IWCrP7YA+oX4oIi5tlE2mM7Wem8fjqlW1mERA1
stamBmR62pO/Jq6PzUQ9yrW8FCCLpt60Gje/gt2iS+YQZKrNv46rW5gwHPdz8gJQ
It/1OJoenpvvXXDJblEqP8LEd38nNW2aQNILqHDsE4opUMzJcANnzbINx9c8hK1Z
dQoLb/TT3HXOpjUqZtWJb+vO5bSr9Z/SPnmI6d6L0JMqESQ1s1ahbc7b1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBECgFAEqot4eZGe9q1uKgr1ZNTrMB8GA1UdIwQY
MBaAFH/g51k1ToPMGTIDgRCd4i2g8acAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZi1EbldUVk9nOHdaTWdPQkVKM2lMYUR4cHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8wYzcyNDMtMWZmYi00OWQyLWI1YzEt
YjQwMmU4YTFkOTM0LzEvRVFLQVVBU3FpM2g1a1o3MnJXNHFDdlZrMU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8wYzcyNDMtMWZmYi00OWQyLWI1YzEtYjQwMmU4YTFkOTM0
LzEvZi1EbldUVk9nOHdaTWdPQkVKM2lMYUR4cHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHxgYAwQF
sEEgMA0EAgACMAcDBQAqAJcAMA0GCSqGSIb3DQEBCwUAA4IBAQAQDfz6K7p4afh6
D8j9UsUIow3vVrD0B2RlOCaIY9XHrDlZV7gVtNqzHJP5Cl2SPIWZFYpyb2fR5Rkx
nU7mvIGpmskcAWAFfEwzd4spJ7JDTotMEC52YWHTxVcwMd6HhwkgWBaW10g8uMIr
6fAv17R0VcgCS/yVu3cMEKlA7peV2xvWAFZX/zoPSRaFN5Nvrhqcm/pun4yh8l2o
iCrbc6HEKQNPC9NA82VqsZD8fsW54GGUAQB5CRV8Up0n1LSQ69mpqLja0qLgo+3d
/FdWnj4JYiP4OOA2SSvSh1+J/7uvmuuIhTT1mCjB9alRkb3dTLFEWsoRO/kMtcLO
waiuCE9D
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:59 2025 by rpki-client