Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o7rf6w3uppBF_wR0yIz41rl4CEY.roa
File: o7rf6w3uppBF_wR0yIz41rl4CEY.roa (raw, json)
Hash identifier: 0DXgvmHXkhO1ZKyt0rqqKpjI05/V8c9bVelD8yGBRjQ=
Subject key identifier: A3:BA:DF:EB:0D:EE:A6:90:45:FF:04:74:C8:8C:F8:D6:B9:78:08:46
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01891464D22BCD5A8A83316E85B29F6A65DD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o7rf6w3uppBF_wR0yIz41rl4CEY.roa
Signing time: Sun 02 Jul 2023 02:18:18 +0000
ROA not before: Sun 02 Jul 2023 02:18:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0e:b107:1870::/48 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a10:ccc0:cc0a::/48 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:b107:5d0::/44 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a10:ccc3:ccca::/48 maxlen: 48
2a10:ccc7:9000::/38 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:97c0:76f::/48 maxlen: 48
2a0e:97c0:73f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:14:64:d2:2b:cd:5a:8a:83:31:6e:85:b2:9f:6a:65:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 2 02:18:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3badfeb0deea69045ff0474c88cf8d6b9780846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:56:47:f0:50:41:76:52:53:d3:14:6f:c8:09:
ed:78:88:64:62:32:1a:84:5a:41:5c:60:c7:5c:f6:
fb:b7:94:85:4c:40:c4:73:de:fe:f5:65:5f:d0:a3:
25:5e:b3:a4:57:2f:3a:3f:cd:af:19:06:54:3c:a3:
81:c5:ab:df:28:95:19:f4:4c:63:28:ca:cc:7c:47:
2e:56:77:e9:56:76:d9:f5:a5:45:ef:bf:3a:7e:71:
61:98:b5:df:c1:cf:74:c2:86:d1:ff:9b:50:c6:d2:
fc:3c:6c:11:f9:3c:85:ec:09:4a:27:fe:a1:73:49:
64:19:65:39:65:26:3f:2a:2d:c6:df:42:b2:5e:e6:
04:b8:e5:f2:8b:33:a1:32:9a:3f:7f:b4:e3:f9:dc:
2f:55:09:4b:8d:2d:b8:af:e0:b1:03:20:2f:7e:82:
de:52:9e:cc:1d:2e:ee:3d:1d:8f:04:3c:c5:98:9c:
89:a0:db:08:3b:85:46:ae:0e:3f:46:fd:91:7d:0a:
47:03:4a:2e:7e:a9:2d:44:79:85:77:07:15:ed:fc:
1a:9b:16:6b:1b:7e:87:51:79:9f:8f:3c:bc:31:b0:
34:92:5b:e6:99:d9:de:cb:04:a9:15:b1:db:ef:df:
1c:9f:bd:60:75:5e:12:35:70:ed:a3:0a:50:25:1b:
c6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:BA:DF:EB:0D:EE:A6:90:45:FF:04:74:C8:8C:F8:D6:B9:78:08:46
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o7rf6w3uppBF_wR0yIz41rl4CEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:3b87:ff00::/40
2a0e:97c0:73f::/48
2a0e:97c0:750::/48
2a0e:97c0:76f::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:b107:5d0::/44
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a10:ccc0:cc0a::/48
2a10:ccc3:ccca::/48
2a10:ccc7:9000::/38
Signature Algorithm: sha256WithRSAEncryption
62:22:7f:d1:1f:39:fc:d6:c3:3f:4e:f7:67:3c:32:47:ed:30:
89:5c:20:34:99:77:a6:9d:94:1b:e0:6f:ae:da:e4:75:d7:ac:
73:1f:82:64:f6:a7:2f:14:58:ff:b1:41:12:0e:c0:f7:15:d6:
48:cf:9b:04:50:87:74:84:5c:0d:0f:78:b9:6e:21:ae:bb:a9:
5a:15:f3:b6:4d:fa:9e:9c:44:de:40:f7:af:95:b9:ae:c0:2b:
86:e2:39:67:b1:b2:82:8e:0f:65:c7:53:6e:c2:96:79:88:22:
e3:b3:aa:08:ac:09:43:b3:fb:93:6a:c2:85:61:f2:4c:72:3c:
fa:5f:e6:04:2d:55:44:8d:8d:4e:5a:af:8e:53:6c:8c:31:b0:
36:30:69:4c:86:f3:23:12:16:0a:1a:cc:3e:bf:2b:00:4b:56:
ba:65:7d:37:71:d5:25:70:ff:1d:62:8b:c8:ac:c2:43:cc:3d:
93:81:67:a6:bf:7e:23:1d:dd:13:9f:bb:94:30:c9:8d:9c:4f:
43:57:91:28:e9:48:83:c2:6b:26:62:ae:c4:03:60:32:45:83:
b1:46:ec:b2:6c:21:86:5f:5a:80:46:1c:a3:41:1b:d1:79:d6:
be:93:dd:81:de:66:21:5b:e2:29:50:4d:6e:37:3f:eb:26:f2:
99:13:2b:2b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYkUZNIrzVqKgzFuhbKfamXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzAyMDIxODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2JhZGZlYjBkZWVhNjkwNDVmZjA0NzRjODhjZjhkNmI5NzgwODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylZH8FBBdlJT0xRvyAnteIhkYjIa
hFpBXGDHXPb7t5SFTEDEc97+9WVf0KMlXrOkVy86P82vGQZUPKOBxavfKJUZ9Exj
KMrMfEcuVnfpVnbZ9aVF7786fnFhmLXfwc90wobR/5tQxtL8PGwR+TyF7AlKJ/6h
c0lkGWU5ZSY/Ki3G30KyXuYEuOXyizOhMpo/f7Tj+dwvVQlLjS24r+CxAyAvfoLe
Up7MHS7uPR2PBDzFmJyJoNsIO4VGrg4/Rv2RfQpHA0oufqktRHmFdwcV7fwamxZr
G36HUXmfjzy8MbA0klvmmdneywSpFbHb798cn71gdV4SNXDtowpQJRvGywIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFKO63+sN7qaQRf8EdMiM+Na5eAhGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbzdyZjZ3M3VwcEJGX3dSMHlJejQxcmw0Q0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTCBjgQCAAIwgYcDBgAq
DDuH/wMHACoOl8AHPwMHACoOl8AHUAMHACoOl8AHbzASAwcAKg6XwAeRAwcAKg6X
wAeSAwcEKg6xBwXQAwcAKg6xBwn0AwcAKg6xBwn2AwcAKg6xBw3yAwcAKg6xBxhw
AwcAKg6xBxueAwcAKhDMwMwKAwcAKhDMw8zKAwYCKhDMx5AwDQYJKoZIhvcNAQEL
BQADggEBAGIif9EfOfzWwz9O92c8MkftMIlcIDSZd6adlBvgb67a5HXXrHMfgmT2
py8UWP+xQRIOwPcV1kjPmwRQh3SEXA0PeLluIa67qVoV87ZN+p6cRN5A96+Vua7A
K4biOWexsoKOD2XHU27ClnmIIuOzqgisCUOz+5NqwoVh8kxyPPpf5gQtVUSNjU5a
r45TbIwxsDYwaUyG8yMSFgoazD6/KwBLVrplfTdx1SVw/x1ii8iswkPMPZOBZ6a/
fiMd3ROfu5QwyY2cT0NXkSjpSIPCayZirsQDYDJFg7FG7LJsIYZfWoBGHKNBG9F5
1r6T3YHeZiFb4ilQTW43P+sm8pkTKys=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:45:41 2025 by rpki-client