Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/nUmW9b_aZnPlz_fEw0c3jKz-QxA.roa
File: nUmW9b_aZnPlz_fEw0c3jKz-QxA.roa (raw, json)
Hash identifier: LjSmexM1KMPYQ1bg69LP5zO8lFqmlhp+n0Yr1s0tfxU=
Subject key identifier: 9D:49:96:F5:BF:DA:66:73:E5:CF:F7:C4:C3:47:37:8C:AC:FE:43:10
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018BF3213448975A461B2C18302519B25169
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/nUmW9b_aZnPlz_fEw0c3jKz-QxA.roa
Signing time: Tue 21 Nov 2023 18:25:21 +0000
ROA not before: Tue 21 Nov 2023 18:25:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47159
IP address blocks: 87.229.60.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f3:21:34:48:97:5a:46:1b:2c:18:30:25:19:b2:51:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Nov 21 18:25:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d4996f5bfda6673e5cff7c4c347378cacfe4310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c4:3d:5c:93:b6:34:86:bc:5d:c8:08:02:ac:
00:3d:cf:3e:4f:8c:1a:c5:30:a8:21:92:09:d0:74:
06:63:b1:68:02:98:cf:85:b6:4e:7f:ab:5e:7d:fc:
f7:97:8f:dd:ec:fe:d4:de:36:3a:cd:f4:76:70:39:
3f:31:20:55:d0:6c:f1:06:70:74:b2:ab:8d:3a:5b:
5a:f3:f0:80:bd:d9:ad:67:70:33:05:95:b3:6a:59:
fa:84:b1:05:2a:35:25:58:3f:bf:36:a8:70:c4:ec:
59:82:8b:9a:8d:c0:36:1e:2a:78:ec:fb:70:33:1e:
f4:86:cd:d1:ba:e7:fe:0f:e7:81:e8:74:60:a3:71:
94:ca:19:d9:97:bc:26:68:7e:4d:15:b1:14:af:ff:
bc:c8:2c:42:01:1b:19:21:1e:2b:39:9e:2d:bc:a8:
d7:46:df:f7:e3:5f:9c:f4:42:39:5a:ea:a7:55:29:
5c:5b:0c:0e:1d:c4:bf:f8:b0:7c:9c:0c:a1:0f:66:
04:6a:51:ac:df:e2:9d:d1:bf:25:aa:5a:ce:ad:81:
a9:eb:d7:a2:f2:69:9e:55:a9:b3:05:ea:d1:e9:f9:
80:51:a9:b9:4b:a3:57:d9:0d:38:4e:bb:8b:77:45:
84:a2:ed:78:83:ac:d2:7e:e6:13:ba:e8:1d:b5:c7:
0d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:49:96:F5:BF:DA:66:73:E5:CF:F7:C4:C3:47:37:8C:AC:FE:43:10
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/nUmW9b_aZnPlz_fEw0c3jKz-QxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.60.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:e3:33:86:a5:df:d6:a9:81:d6:0c:14:67:1a:be:46:63:76:
4d:8c:bf:1d:e5:94:3e:0f:34:35:b2:03:56:be:e4:08:9f:05:
f2:90:64:cd:40:e6:52:68:3f:ad:8e:f2:5a:d4:36:c9:93:6e:
3a:7e:7e:c2:c3:ea:cf:5d:5a:89:6c:02:69:b5:f0:03:26:9f:
e0:96:9c:1b:10:2c:75:b7:5b:66:6e:00:01:af:fb:19:2f:b8:
ab:c1:d0:8b:2e:95:b5:97:c3:71:90:c6:f0:8f:14:f8:4f:db:
d4:bd:38:0b:a5:38:3a:a3:2e:65:3a:ac:07:d1:5c:37:0b:76:
10:1c:04:e5:ab:78:8c:2b:db:9f:59:07:54:30:5d:90:8d:43:
bb:f5:ab:26:fb:b3:af:e7:ac:ef:94:10:a9:e3:57:e9:20:7b:
87:a1:d5:bf:a7:fc:7d:8a:e3:bf:42:7c:b7:6f:dd:bb:19:54:
53:29:35:0c:b7:e9:d5:e4:3f:2d:c3:10:3a:c2:0a:1d:da:76:
57:4b:3c:44:96:fb:7d:cc:b2:41:8d:bd:a0:b3:91:9d:7d:78:
ad:87:be:aa:99:3e:94:5c:1e:eb:3c:a5:6b:ea:af:06:ea:29:
b9:ae:75:50:9a:45:a5:bc:6e:f0:af:9c:ee:34:16:46:2e:35:
85:31:06:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvzITRIl1pGGywYMCUZslFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjMxMTIxMTgyNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQ5OTZmNWJmZGE2NjczZTVjZmY3YzRjMzQ3Mzc4Y2FjZmU0MzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicQ9XJO2NIa8XcgIAqwAPc8+T4wa
xTCoIZIJ0HQGY7FoApjPhbZOf6teffz3l4/d7P7U3jY6zfR2cDk/MSBV0GzxBnB0
squNOlta8/CAvdmtZ3AzBZWzaln6hLEFKjUlWD+/NqhwxOxZgouajcA2Hip47Ptw
Mx70hs3Ruuf+D+eB6HRgo3GUyhnZl7wmaH5NFbEUr/+8yCxCARsZIR4rOZ4tvKjX
Rt/341+c9EI5WuqnVSlcWwwOHcS/+LB8nAyhD2YEalGs3+Kd0b8lqlrOrYGp69ei
8mmeVamzBerR6fmAUam5S6NX2Q04TruLd0WEou14g6zSfuYTuugdtccNkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1JlvW/2mZz5c/3xMNHN4ys/kMQMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvblVtVzliX2FablBsel9mRXcwYzNqS3otUXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCV+U8MA0G
CSqGSIb3DQEBCwUAA4IBAQB64zOGpd/WqYHWDBRnGr5GY3ZNjL8d5ZQ+DzQ1sgNW
vuQInwXykGTNQOZSaD+tjvJa1DbJk246fn7Cw+rPXVqJbAJptfADJp/glpwbECx1
t1tmbgABr/sZL7irwdCLLpW1l8NxkMbwjxT4T9vUvTgLpTg6oy5lOqwH0Vw3C3YQ
HATlq3iMK9ufWQdUMF2QjUO79asm+7Ov56zvlBCp41fpIHuHodW/p/x9iuO/Qny3
b927GVRTKTUMt+nV5D8twxA6wgod2nZXSzxElvt9zLJBjb2gs5GdfXith76qmT6U
XB7rPKVr6q8G6im5rnVQmkWlvG7wr5zuNBZGLjWFMQYg
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:00:45 2025 by rpki-client