Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/7BIee60J3Djy93lly4S0AkdYLsg.roa
File: 7BIee60J3Djy93lly4S0AkdYLsg.roa (raw, json)
Hash identifier: UQRNH8viR/wyRLxSIWmNo/ZE055xiEBeEC6NUpPVbDc=
Subject key identifier: EC:12:1E:7B:AD:09:DC:38:F2:F7:79:65:CB:84:B4:02:47:58:2E:C8
Certificate issuer: /CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Certificate serial: 01856F1DAFD24DD9B24BB47FFBD49F7618E8
Authority key identifier: 9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/7BIee60J3Djy93lly4S0AkdYLsg.roa
Signing time: Sun 01 Jan 2023 20:54:54 +0000
ROA not before: Sun 01 Jan 2023 20:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20594
IP address blocks: 2a01:8180:2000::/36 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:af:d2:4d:d9:b2:4b:b4:7f:fb:d4:9f:76:18:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Validity
Not Before: Jan 1 20:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec121e7bad09dc38f2f77965cb84b40247582ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:94:dd:d5:0e:f1:39:a5:5a:6c:d0:eb:db:30:
de:af:69:88:83:44:59:1c:2b:8c:d3:72:9e:4a:a2:
16:30:25:f6:3a:5d:64:21:9f:91:63:7e:91:9d:05:
b1:c5:fe:6d:86:c9:e0:0a:2c:18:07:c7:9d:81:c4:
65:78:5d:b4:70:3c:fb:5f:32:b0:44:13:32:df:ee:
be:47:1b:48:03:94:72:07:8a:e8:da:6e:9d:d3:f0:
2d:d7:5a:ad:d2:5e:9c:e3:79:46:36:70:51:77:ec:
0a:2e:7d:25:92:ef:38:32:12:0c:bb:3a:c3:05:e4:
85:24:d0:30:c4:67:84:69:1a:3d:21:a6:70:03:0f:
46:1a:53:62:51:9f:b7:14:36:68:dd:8d:61:31:2b:
8c:ae:cc:44:89:6b:7f:b4:40:f4:be:f2:56:61:0e:
a6:b3:4e:20:07:99:cb:c9:dc:26:2d:bc:f9:51:4d:
ca:03:2c:8a:d2:8a:32:2f:13:ae:a4:37:93:e8:72:
24:8a:ca:25:e8:c6:26:46:9d:d3:09:5c:f5:5d:ed:
ac:fa:63:0c:ae:dc:70:8a:6e:93:04:12:3e:17:1c:
5f:f0:10:64:42:24:0b:1c:46:1c:70:51:79:a9:39:
a6:67:63:d4:ca:f5:f7:1c:29:9a:dd:5c:4a:fc:e4:
ac:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:12:1E:7B:AD:09:DC:38:F2:F7:79:65:CB:84:B4:02:47:58:2E:C8
X509v3 Authority Key Identifier:
keyid:9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/7BIee60J3Djy93lly4S0AkdYLsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:8180:2000::/36
Signature Algorithm: sha256WithRSAEncryption
0f:b2:e9:a3:c5:1e:7a:20:dc:30:bd:03:79:08:53:e9:2a:68:
f0:15:6d:99:b3:f9:2c:1f:95:fe:5d:4e:88:92:06:21:b7:66:
b4:8b:04:f5:b4:ea:51:9c:f9:02:8c:6a:f6:33:8c:56:b9:9f:
4c:f5:74:2c:06:18:65:16:c7:89:3c:22:8e:01:56:70:89:78:
9c:40:eb:a4:16:8a:2e:20:a1:34:6c:0e:2d:63:a7:82:2a:04:
b3:c4:55:86:78:de:0f:e3:e7:59:6f:0e:51:ab:ca:00:5c:1e:
c8:ec:bf:01:39:a0:33:06:60:c9:b3:eb:52:83:0b:2e:61:a7:
fb:70:7f:bd:b1:72:60:32:ce:d2:b8:ba:de:c8:a8:1d:62:21:
e9:54:51:df:39:8a:9f:e1:55:5f:02:f7:87:53:21:f0:bc:d4:
35:19:d3:c8:cd:c8:7f:b8:38:31:34:ab:9a:da:07:7c:f9:9d:
15:89:ec:f2:c9:eb:9f:01:7c:c8:31:cb:fa:c0:47:d9:a5:fd:
b0:be:3e:11:ff:a2:2a:d9:78:d9:3c:88:08:64:d0:35:fe:bf:
48:1b:4f:31:d4:10:b6:1a:5d:f5:40:2e:01:d4:c4:e3:e3:f7:
98:96:fa:b1:94:5e:c9:57:92:6c:d6:58:9a:9e:41:1d:97:da:
92:ae:d7:2e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvHa/STdmyS7R/+9SfdhjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNWRlNDkwZmY4NzRlOTY4OWNlY2Y3MjZjYmI0ZTJmNTFm
NmM3MzEwHhcNMjMwMTAxMjA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzEyMWU3YmFkMDlkYzM4ZjJmNzc5NjVjYjg0YjQwMjQ3NTgyZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJTd1Q7xOaVabNDr2zDer2mIg0RZ
HCuM03KeSqIWMCX2Ol1kIZ+RY36RnQWxxf5thsngCiwYB8edgcRleF20cDz7XzKw
RBMy3+6+RxtIA5RyB4ro2m6d0/At11qt0l6c43lGNnBRd+wKLn0lku84MhIMuzrD
BeSFJNAwxGeEaRo9IaZwAw9GGlNiUZ+3FDZo3Y1hMSuMrsxEiWt/tED0vvJWYQ6m
s04gB5nLydwmLbz5UU3KAyyK0ooyLxOupDeT6HIkisol6MYmRp3TCVz1Xe2s+mMM
rtxwim6TBBI+Fxxf8BBkQiQLHEYccFF5qTmmZ2PUyvX3HCma3VxK/OSsZwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOwSHnutCdw48vd5ZcuEtAJHWC7IMB8GA1UdIwQY
MBaAFJ1d5JD/h06Wic7Pcmy7Ti9R9scxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUt
Y2VjMzNiYTFiZGY1LzEvN0JJZWU2MEozRGp5OTNsbHk0UzBBa2RZTHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUtY2VjMzNiYTFiZGY1
LzEvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgGBgCAw
DQYJKoZIhvcNAQELBQADggEBAA+y6aPFHnog3DC9A3kIU+kqaPAVbZmz+Swflf5d
ToiSBiG3ZrSLBPW06lGc+QKMavYzjFa5n0z1dCwGGGUWx4k8Io4BVnCJeJxA66QW
ii4goTRsDi1jp4IqBLPEVYZ43g/j51lvDlGrygBcHsjsvwE5oDMGYMmz61KDCy5h
p/twf72xcmAyztK4ut7IqB1iIelUUd85ip/hVV8C94dTIfC81DUZ08jNyH+4ODE0
q5raB3z5nRWJ7PLJ658BfMgxy/rAR9ml/bC+PhH/oirZeNk8iAhk0DX+v0gbTzHU
ELYaXfVALgHUxOPj95iW+rGUXslXkmzWWJqeQR2X2pKu1y4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:28 2025 by rpki-client