Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/REjTiVP79K-r_vHIHhyyHzeTdvM.roa
File: REjTiVP79K-r_vHIHhyyHzeTdvM.roa (raw, json)
Hash identifier: +YdDmsiVLbTcKyqlFmqnetXo004IZtHfj3N2Rk/b6K4=
Subject key identifier: 44:48:D3:89:53:FB:F4:AF:AB:FE:F1:C8:1E:1C:B2:1F:37:93:76:F3
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 066B601D
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/REjTiVP79K-r_vHIHhyyHzeTdvM.roa
Signing time: Thu 21 Apr 2022 12:09:57 +0000
ROA not before: Thu 21 Apr 2022 12:09:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198774
IP address blocks: 128.127.145.0/24 maxlen: 24
128.127.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107700253 (0x66b601d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Apr 21 12:09:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4448d38953fbf4afabfef1c81e1cb21f379376f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ab:d1:00:70:df:83:57:70:dc:b8:74:fd:9b:
dd:ea:2f:3d:4b:f3:b5:4f:f7:4e:4d:1d:76:4b:b0:
30:b3:18:0b:3a:1c:23:1c:6e:79:a0:52:ce:4a:94:
74:e7:74:47:5c:8a:3f:01:71:00:2e:56:aa:84:1e:
67:49:2e:e7:1d:d8:cd:ca:82:ce:21:3f:e9:9f:bf:
73:7b:50:16:23:77:c6:ed:74:57:be:b9:7d:66:5e:
4c:69:bd:22:57:87:4a:f1:76:95:66:ee:24:a9:dc:
c5:65:a1:c0:07:87:90:75:e4:f0:b8:58:7a:a4:20:
c7:a7:35:19:ba:98:bb:5c:ff:65:c7:81:20:f0:29:
72:c1:11:2c:d5:f1:94:06:ea:c1:1a:d3:80:78:16:
75:d8:c6:6e:90:08:1d:f1:01:46:55:ca:d4:40:c9:
2b:a3:be:ce:9a:bd:03:3d:06:4e:db:0a:61:c1:f2:
a3:82:40:98:bf:53:e2:b3:5c:e4:28:19:bf:fe:a5:
24:7b:92:93:b8:2b:28:f2:97:31:59:1f:e3:21:f4:
33:2c:e6:03:b2:8c:22:77:49:c2:ee:91:f5:b6:56:
1f:3e:cd:78:20:ae:44:58:b8:b0:df:ba:89:44:fc:
31:3e:59:26:62:f0:bd:61:78:fe:78:d1:67:74:d7:
44:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:48:D3:89:53:FB:F4:AF:AB:FE:F1:C8:1E:1C:B2:1F:37:93:76:F3
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/REjTiVP79K-r_vHIHhyyHzeTdvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.144.0/23
Signature Algorithm: sha256WithRSAEncryption
16:89:54:cb:88:13:de:bc:99:1b:54:86:8e:be:96:e3:39:38:
7e:22:15:27:0f:10:93:d6:93:55:29:b4:e7:ed:f8:1d:58:53:
b4:d7:82:48:4a:7f:0a:00:ed:11:e7:1e:93:16:8a:72:20:a7:
25:31:6b:bf:a6:14:2c:16:58:7d:a5:73:1f:9a:22:24:19:91:
c7:e1:75:6c:d2:1e:ca:ce:91:e0:87:91:73:6c:3f:1c:58:86:
b2:ec:e6:16:25:77:46:e3:20:5c:9a:bf:73:5d:7b:f7:39:be:
88:d4:fa:50:c9:93:c3:42:17:36:38:dc:42:c5:e1:c9:f3:83:
2e:e3:62:c8:02:ae:06:2a:f1:27:f9:1f:23:dd:96:ef:46:b6:
69:36:a4:3e:a0:2e:9b:20:de:78:00:20:0a:39:82:1b:be:2e:
8e:0e:37:15:5d:8a:69:18:da:2e:eb:77:00:69:44:8a:04:be:
12:30:cc:36:88:4b:ac:7a:8f:28:2e:f1:7e:0a:66:2a:81:06:
0c:7c:62:3c:9d:6c:49:f7:65:fc:ba:24:9a:7c:b2:da:2c:60:
13:d3:e6:df:6a:8e:a6:ec:c6:cd:ad:24:3e:8c:7b:72:e9:4e:
c3:b9:a5:98:be:d2:9a:4e:26:be:8a:e6:10:6b:f5:da:2d:78:
68:ca:bd:be
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBmtgHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzM4ZWY0MWIyYzAxMDVhOTFjY2JiOWM4OTMzN2ZhZWIxMjlmZjg0MB4XDTIyMDQy
MTEyMDk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ0OGQzODk1M2Zi
ZjRhZmFiZmVmMWM4MWUxY2IyMWYzNzkzNzZmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyr0QBw34NXcNy4dP2b3eovPUvztU/3Tk0ddkuwMLMYCzoc
IxxueaBSzkqUdOd0R1yKPwFxAC5WqoQeZ0ku5x3YzcqCziE/6Z+/c3tQFiN3xu10
V765fWZeTGm9IleHSvF2lWbuJKncxWWhwAeHkHXk8LhYeqQgx6c1GbqYu1z/ZceB
IPApcsERLNXxlAbqwRrTgHgWddjGbpAIHfEBRlXK1EDJK6O+zpq9Az0GTtsKYcHy
o4JAmL9T4rNc5CgZv/6lJHuSk7grKPKXMVkf4yH0MyzmA7KMIndJwu6R9bZWHz7N
eCCuRFi4sN+6iUT8MT5ZJmLwvWF4/njRZ3TXRLcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRESNOJU/v0r6v+8cgeHLIfN5N28zAfBgNVHSMEGDAWgBSDOO9BssAQWpHM
u5yJM3+usSn/hDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2d6anZRYkxBRUZxUnpMdWNpVE5fcnJFcF80US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNDBkOTk2LWEyY2QtNDFmMS1hNzM4LTI4ZmM3Nzk2Nzc2My8x
L1JFalRpVlA3OUstcl92SElIaHl5SHplVGR2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
NDBkOTk2LWEyY2QtNDFmMS1hNzM4LTI4ZmM3Nzk2Nzc2My8xL2d6anZRYkxBRUZx
UnpMdWNpVE5fcnJFcF80US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAYB/kDANBgkqhkiG9w0BAQsFAAOC
AQEAFolUy4gT3ryZG1SGjr6W4zk4fiIVJw8Qk9aTVSm05+34HVhTtNeCSEp/CgDt
EecekxaKciCnJTFrv6YULBZYfaVzH5oiJBmRx+F1bNIeys6R4IeRc2w/HFiGsuzm
FiV3RuMgXJq/c1179zm+iNT6UMmTw0IXNjjcQsXhyfODLuNiyAKuBirxJ/kfI92W
70a2aTakPqAumyDeeAAgCjmCG74ujg43FV2KaRjaLut3AGlEigS+EjDMNohLrHqP
KC7xfgpmKoEGDHxiPJ1sSfdl/Lokmnyy2ixgE9Pm32qOpuzGza0kPox7culOw7ml
mL7Smk4mvormEGv12i14aMq9vg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:29:34 2025 by rpki-client