Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/eXeB_J2mIX4t20XrfQkAYlPTwAk.roa
File: eXeB_J2mIX4t20XrfQkAYlPTwAk.roa (raw, json)
Hash identifier: ioiILWzfTyjMTP4h/4IUuamchP89wp+d9FV3fL9F15o=
Subject key identifier: 79:77:81:FC:9D:A6:21:7E:2D:DB:45:EB:7D:09:00:62:53:D3:C0:09
Certificate issuer: /CN=1dc7522321c23d169ed332ff49879ccc245172db
Certificate serial: 0182166264552759A0F17FDCDEADA445167C
Authority key identifier: 1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/eXeB_J2mIX4t20XrfQkAYlPTwAk.roa
Signing time: Tue 19 Jul 2022 12:15:23 +0000
ROA not before: Tue 19 Jul 2022 12:15:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41008
IP address blocks: 109.233.24.0/21 maxlen: 24
193.58.8.0/21 maxlen: 24
193.201.162.0/24 maxlen: 24
2a02:239c:0:24::/64 maxlen: 64
2a02:2398::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:62:64:55:27:59:a0:f1:7f:dc:de:ad:a4:45:16:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dc7522321c23d169ed332ff49879ccc245172db
Validity
Not Before: Jul 19 12:15:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=797781fc9da6217e2ddb45eb7d09006253d3c009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d3:f0:df:12:39:c1:a1:aa:46:cf:53:96:9f:
2c:2f:af:58:aa:1c:00:58:4d:d3:56:e5:1d:ed:7a:
be:4e:67:6a:c1:4c:d5:31:72:e4:34:3c:8b:01:c3:
bf:e9:03:04:74:49:7f:ec:6d:ca:79:88:c2:92:6f:
67:2c:1d:63:01:92:0f:5e:ec:45:12:a3:d5:00:48:
c8:62:39:d6:5d:46:34:42:43:9f:98:f3:7f:f9:4e:
27:3a:45:7f:05:31:19:01:6a:9c:2f:a7:71:c7:72:
b3:d9:0f:c8:72:f7:f7:8f:7b:d2:2c:a6:1c:82:70:
9a:ac:2b:e8:97:32:26:44:2c:da:26:8e:a4:e5:be:
7d:87:3f:2f:fa:f8:24:4c:d0:29:e4:c0:76:c4:69:
7e:ad:df:11:b4:74:95:a6:1a:e3:b1:83:3b:43:c7:
82:50:d5:52:ac:30:86:21:74:98:51:a6:d1:da:14:
e8:07:9c:aa:7f:6a:a0:38:94:85:65:b6:90:b4:ee:
3f:ce:c7:7a:41:5c:33:23:d6:61:78:e3:00:59:b7:
82:c4:8c:d4:7b:0d:8f:61:ca:cf:4c:12:f6:83:99:
dd:31:02:16:e7:bb:d9:c5:60:a0:da:cc:59:ff:41:
e0:d5:d7:c0:01:dc:e0:9f:a2:af:17:05:ad:b1:0c:
03:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:77:81:FC:9D:A6:21:7E:2D:DB:45:EB:7D:09:00:62:53:D3:C0:09
X509v3 Authority Key Identifier:
keyid:1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/eXeB_J2mIX4t20XrfQkAYlPTwAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/HcdSIyHCPRae0zL_SYeczCRRcts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.24.0/21
193.58.8.0/21
193.201.162.0/24
IPv6:
2a02:2398::/29
Signature Algorithm: sha256WithRSAEncryption
89:b4:1f:8b:04:f5:ee:e3:b6:38:aa:9e:61:1a:14:c3:6e:03:
c5:7f:74:18:a0:42:88:05:2c:ac:db:53:ba:60:d0:c9:05:dd:
da:16:9d:4f:03:73:42:d5:a0:3a:8b:3a:be:d7:e7:5e:8a:2e:
51:f4:3d:53:2f:0d:3c:74:91:ac:26:22:e7:dc:9b:82:c9:ac:
0a:42:a0:84:98:b2:54:8a:b9:23:d3:39:8c:1d:2b:7d:c0:db:
e8:36:e7:87:5a:0b:bf:8e:02:72:b1:a1:52:1a:b3:fe:eb:60:
8b:04:68:db:23:a4:84:8d:80:a8:c3:99:ac:73:99:20:98:6a:
c4:3f:af:95:f9:4c:02:47:0e:09:c0:0c:8a:98:41:d4:00:c4:
22:14:39:ce:53:ec:ea:e4:5c:4e:40:66:0f:b4:4e:3d:95:c8:
ff:c8:8e:d2:a5:87:14:6a:c2:e4:7c:f5:4e:7f:b3:90:9e:2f:
7e:1b:cf:2b:28:9b:6f:83:35:04:1f:5c:74:37:4f:69:57:74:
53:99:e3:4c:a8:79:a5:5d:fc:26:62:f5:a2:80:7f:a7:ad:f7:
e6:da:5d:e3:be:fe:fa:24:1f:74:26:c7:a6:74:db:47:c8:2c:
a3:55:f3:fb:3c:84:9a:02:de:a6:91:52:27:49:69:6e:ae:b8:
82:6a:58:d0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYIWYmRVJ1mg8X/c3q2kRRZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzc1MjIzMjFjMjNkMTY5ZWQzMzJmZjQ5ODc5Y2NjMjQ1
MTcyZGIwHhcNMjIwNzE5MTIxNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTc3ODFmYzlkYTYyMTdlMmRkYjQ1ZWI3ZDA5MDA2MjUzZDNjMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNPw3xI5waGqRs9Tlp8sL69YqhwA
WE3TVuUd7Xq+TmdqwUzVMXLkNDyLAcO/6QMEdEl/7G3KeYjCkm9nLB1jAZIPXuxF
EqPVAEjIYjnWXUY0QkOfmPN/+U4nOkV/BTEZAWqcL6dxx3Kz2Q/Icvf3j3vSLKYc
gnCarCvolzImRCzaJo6k5b59hz8v+vgkTNAp5MB2xGl+rd8RtHSVphrjsYM7Q8eC
UNVSrDCGIXSYUabR2hToB5yqf2qgOJSFZbaQtO4/zsd6QVwzI9ZheOMAWbeCxIzU
ew2PYcrPTBL2g5ndMQIW57vZxWCg2sxZ/0Hg1dfAAdzgn6KvFwWtsQwDcwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHl3gfydpiF+LdtF630JAGJT08AJMB8GA1UdIwQY
MBaAFB3HUiMhwj0WntMy/0mHnMwkUXLbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYt
NzA1NTM5M2Y3NWZlLzEvZVhlQl9KMm1JWDR0MjBYcmZRa0FZbFBUd0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYtNzA1NTM5M2Y3NWZl
LzEvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDbekYAwQD
wToIAwQAwcmiMA0EAgACMAcDBQMqAiOYMA0GCSqGSIb3DQEBCwUAA4IBAQCJtB+L
BPXu47Y4qp5hGhTDbgPFf3QYoEKIBSys21O6YNDJBd3aFp1PA3NC1aA6izq+1+de
ii5R9D1TLw08dJGsJiLn3JuCyawKQqCEmLJUirkj0zmMHSt9wNvoNueHWgu/jgJy
saFSGrP+62CLBGjbI6SEjYCow5msc5kgmGrEP6+V+UwCRw4JwAyKmEHUAMQiFDnO
U+zq5FxOQGYPtE49lcj/yI7SpYcUasLkfPVOf7OQni9+G88rKJtvgzUEH1x0N09p
V3RTmeNMqHmlXfwmYvWigH+nrffm2l3jvv76JB90JsemdNtHyCyjVfP7PISaAt6m
kVInSWlurriCaljQ
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:08:27 2025 by rpki-client