Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/79fbc0-3351-4fff-b9d5-75561cbf104d/1/eCJyNx-jFEbkYmvXO2o1wh6QmCY.roa
File: eCJyNx-jFEbkYmvXO2o1wh6QmCY.roa (raw, json)
Hash identifier: jOIS6vrjga7rxLg2ZOYil7UxW14xRSjam6euwHzO+EY=
Subject key identifier: 78:22:72:37:1F:A3:14:46:E4:62:6B:D7:3B:6A:35:C2:1E:90:98:26
Certificate issuer: /CN=9e1aca341635166f802f98a97e00280ccee64ce2
Certificate serial: 018A414FD1460DAB29CF327DA018940E2FB4
Authority key identifier: 9E:1A:CA:34:16:35:16:6F:80:2F:98:A9:7E:00:28:0C:CE:E6:4C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhrKNBY1Fm-AL5ipfgAoDM7mTOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/79fbc0-3351-4fff-b9d5-75561cbf104d/1/eCJyNx-jFEbkYmvXO2o1wh6QmCY.roa
Signing time: Tue 29 Aug 2023 12:41:04 +0000
ROA not before: Tue 29 Aug 2023 12:41:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200315
IP address blocks: 138.128.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:41:4f:d1:46:0d:ab:29:cf:32:7d:a0:18:94:0e:2f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1aca341635166f802f98a97e00280ccee64ce2
Validity
Not Before: Aug 29 12:41:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=782272371fa31446e4626bd73b6a35c21e909826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cd:ea:07:c8:98:10:e3:1b:c4:71:da:c0:a2:
e1:9e:4b:28:15:84:e4:00:5c:58:d4:0b:8a:7d:6b:
56:a3:b0:ae:2b:54:af:71:60:16:12:99:ec:74:bf:
8b:b4:41:07:9d:2f:63:9b:ea:47:2b:69:67:b5:ac:
bb:61:40:5b:55:51:b3:75:95:81:00:d4:5c:36:a0:
cc:1f:4b:1e:3a:51:a9:bf:97:64:9f:a2:45:b2:bc:
6f:bf:a2:c3:77:8e:60:6b:bb:47:bb:8c:96:bf:fd:
6b:94:2f:c3:c8:ed:c4:3b:d2:9d:4c:dc:94:0e:45:
5f:26:cb:fb:4e:a5:37:d4:0c:32:6c:1e:e3:c8:b5:
c4:6a:c3:fb:3a:b5:11:87:99:9b:e3:38:73:d1:cc:
73:a6:e2:93:22:63:51:18:25:6f:ba:25:8a:d2:9a:
0c:96:53:67:8e:aa:a6:6a:17:39:dd:85:e3:a9:df:
e4:00:27:f8:4c:d2:7c:22:d3:f0:a4:8c:69:d7:ea:
3f:5d:28:22:92:e3:de:4b:11:80:52:66:04:bc:16:
b6:1b:d8:80:88:34:4a:b9:9a:2f:c4:8a:c9:e5:93:
1c:8c:54:6a:68:19:d2:cf:89:7f:96:69:4e:8a:f4:
d7:5c:4a:bb:99:b7:52:b3:8e:21:b0:5c:31:80:d4:
46:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:22:72:37:1F:A3:14:46:E4:62:6B:D7:3B:6A:35:C2:1E:90:98:26
X509v3 Authority Key Identifier:
keyid:9E:1A:CA:34:16:35:16:6F:80:2F:98:A9:7E:00:28:0C:CE:E6:4C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhrKNBY1Fm-AL5ipfgAoDM7mTOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/79fbc0-3351-4fff-b9d5-75561cbf104d/1/eCJyNx-jFEbkYmvXO2o1wh6QmCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/79fbc0-3351-4fff-b9d5-75561cbf104d/1/nhrKNBY1Fm-AL5ipfgAoDM7mTOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.128.224.0/22
Signature Algorithm: sha256WithRSAEncryption
88:d6:d0:d6:58:de:6f:fc:21:1a:d4:6c:9f:83:4a:ac:a8:cf:
d8:cf:c2:9e:52:a0:f1:c1:44:1b:bd:88:59:c3:05:35:c1:f5:
84:dc:c8:3e:cf:e5:fc:05:8c:d8:ce:d0:74:6a:40:c1:23:c2:
5f:7a:64:a7:34:66:e9:7e:76:a4:0b:74:1f:34:08:6a:5f:d8:
30:9d:d1:e5:82:c4:43:2a:01:0d:42:64:9e:24:08:40:4d:e1:
c5:f3:3a:97:58:63:c0:b4:71:8c:ed:90:35:32:84:15:85:da:
a7:57:16:87:1b:3c:2f:e1:ba:a1:d9:3e:7a:86:9a:c1:30:6d:
01:85:54:fc:0c:e1:df:33:30:cc:96:79:1a:22:84:e8:09:b3:
7e:a4:f9:d0:44:55:cc:df:98:04:d4:e2:0a:5e:e3:7f:ee:cb:
af:74:49:03:c1:fa:54:7b:47:e6:07:42:46:a1:13:16:fd:49:
c5:00:c1:a5:7c:51:24:8d:f3:6f:37:fd:41:52:af:ce:45:8f:
f2:8c:3a:64:ed:b5:84:ee:c3:a9:90:e1:06:2c:d3:2a:b6:71:
85:e8:eb:89:b9:a3:0e:2a:58:7c:9d:42:ce:76:07:cb:f9:dc:
49:df:89:b2:96:90:5a:80:77:51:96:92:f2:21:fd:e6:27:3b:
ee:d1:f4:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpBT9FGDaspzzJ9oBiUDi+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWFjYTM0MTYzNTE2NmY4MDJmOThhOTdlMDAyODBjY2Vl
NjRjZTIwHhcNMjMwODI5MTI0MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODIyNzIzNzFmYTMxNDQ2ZTQ2MjZiZDczYjZhMzVjMjFlOTA5ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM3qB8iYEOMbxHHawKLhnksoFYTk
AFxY1AuKfWtWo7CuK1SvcWAWEpnsdL+LtEEHnS9jm+pHK2lntay7YUBbVVGzdZWB
ANRcNqDMH0seOlGpv5dkn6JFsrxvv6LDd45ga7tHu4yWv/1rlC/DyO3EO9KdTNyU
DkVfJsv7TqU31AwybB7jyLXEasP7OrURh5mb4zhz0cxzpuKTImNRGCVvuiWK0poM
llNnjqqmahc53YXjqd/kACf4TNJ8ItPwpIxp1+o/XSgikuPeSxGAUmYEvBa2G9iA
iDRKuZovxIrJ5ZMcjFRqaBnSz4l/lmlOivTXXEq7mbdSs44hsFwxgNRGIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHgicjcfoxRG5GJr1ztqNcIekJgmMB8GA1UdIwQY
MBaAFJ4ayjQWNRZvgC+YqX4AKAzO5kziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmhyS05CWTFGbS1BTDVpcGZnQW9ETTdtVE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS83OWZiYzAtMzM1MS00ZmZmLWI5ZDUt
NzU1NjFjYmYxMDRkLzEvZUNKeU54LWpGRWJrWW12WE8ybzF3aDZRbUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS83OWZiYzAtMzM1MS00ZmZmLWI5ZDUtNzU1NjFjYmYxMDRk
LzEvbmhyS05CWTFGbS1BTDVpcGZnQW9ETTdtVE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCioDgMA0G
CSqGSIb3DQEBCwUAA4IBAQCI1tDWWN5v/CEa1Gyfg0qsqM/Yz8KeUqDxwUQbvYhZ
wwU1wfWE3Mg+z+X8BYzYztB0akDBI8JfemSnNGbpfnakC3QfNAhqX9gwndHlgsRD
KgENQmSeJAhATeHF8zqXWGPAtHGM7ZA1MoQVhdqnVxaHGzwv4bqh2T56hprBMG0B
hVT8DOHfMzDMlnkaIoToCbN+pPnQRFXM35gE1OIKXuN/7suvdEkDwfpUe0fmB0JG
oRMW/UnFAMGlfFEkjfNvN/1BUq/ORY/yjDpk7bWE7sOpkOEGLNMqtnGF6OuJuaMO
Klh8nULOdgfL+dxJ34mylpBagHdRlpLyIf3mJzvu0fTx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:22 2025 by rpki-client