Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/7916e5-2463-4e0e-ba6d-5314accb0612/1/ghUufaBYD5fwg8eSLAyjeHm7lQE.roa
File: ghUufaBYD5fwg8eSLAyjeHm7lQE.roa (raw, json)
Hash identifier: EwIJiu10rcj6t8i2scMBa3/D5KJZnbMGobgWDRvYJp8=
Subject key identifier: 82:15:2E:7D:A0:58:0F:97:F0:83:C7:92:2C:0C:A3:78:79:BB:95:01
Certificate issuer: /CN=232bbc6f51cce01aeaacba80f2d0d26412e47f93
Certificate serial: 01857662C290E76F741535E664CE51115826
Authority key identifier: 23:2B:BC:6F:51:CC:E0:1A:EA:AC:BA:80:F2:D0:D2:64:12:E4:7F:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iyu8b1HM4BrqrLqA8tDSZBLkf5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/7916e5-2463-4e0e-ba6d-5314accb0612/1/ghUufaBYD5fwg8eSLAyjeHm7lQE.roa
Signing time: Tue 03 Jan 2023 06:47:41 +0000
ROA not before: Tue 03 Jan 2023 06:47:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60905
IP address blocks: 128.0.49.0/24 maxlen: 24
128.0.50.0/24 maxlen: 24
128.0.51.0/24 maxlen: 24
128.0.48.0/24 maxlen: 24
2a10:7bc0:0:1::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:76:62:c2:90:e7:6f:74:15:35:e6:64:ce:51:11:58:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=232bbc6f51cce01aeaacba80f2d0d26412e47f93
Validity
Not Before: Jan 3 06:47:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82152e7da0580f97f083c7922c0ca37879bb9501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:91:da:ad:33:0f:f1:dd:15:ab:2d:65:f5:a0:
db:6d:1f:f6:0a:db:f8:50:7a:d4:0e:5c:59:c3:5b:
e0:36:20:7c:dd:76:12:ea:4f:2d:dc:a7:cd:25:90:
67:eb:84:c6:f1:07:1b:22:86:21:27:c3:8d:8a:ff:
c5:e4:86:24:cb:cf:0a:1f:ba:c2:07:82:2e:77:f9:
d3:b7:a8:d3:20:7d:a4:8b:ea:f5:bd:ea:13:ad:5c:
14:8c:26:1c:6f:14:c4:24:c3:c2:2e:cb:3f:c9:d8:
3f:48:8a:0d:e3:47:bf:ec:ed:70:22:1c:48:d8:a5:
f9:cf:3e:75:6c:f8:ee:13:7c:7e:90:b4:5b:d5:26:
2a:98:af:ff:7c:1f:87:05:6a:2c:b0:07:39:cc:1d:
0a:17:55:43:79:62:84:4c:00:25:2e:2b:cd:b7:9c:
8e:8d:34:ea:11:09:ce:96:06:73:aa:13:ff:d0:dc:
41:5d:19:db:05:de:d9:11:58:99:14:98:31:22:b3:
73:54:f5:62:e1:e9:bc:bd:b2:f1:73:ca:a3:8b:ea:
41:aa:9b:59:b4:c4:1a:80:47:9e:16:c7:1d:ca:f3:
70:b6:76:df:19:0d:d6:13:cf:67:96:ee:d5:5f:88:
12:00:24:0f:cd:37:c0:9c:02:87:3b:ff:0d:34:39:
9f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:15:2E:7D:A0:58:0F:97:F0:83:C7:92:2C:0C:A3:78:79:BB:95:01
X509v3 Authority Key Identifier:
keyid:23:2B:BC:6F:51:CC:E0:1A:EA:AC:BA:80:F2:D0:D2:64:12:E4:7F:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyu8b1HM4BrqrLqA8tDSZBLkf5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/7916e5-2463-4e0e-ba6d-5314accb0612/1/ghUufaBYD5fwg8eSLAyjeHm7lQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/7916e5-2463-4e0e-ba6d-5314accb0612/1/Iyu8b1HM4BrqrLqA8tDSZBLkf5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.48.0/22
IPv6:
2a10:7bc0:0:1::/64
Signature Algorithm: sha256WithRSAEncryption
24:c7:20:a2:7b:f0:9f:81:b2:8b:a3:df:4e:71:e0:36:c9:6d:
71:c4:e0:89:69:51:14:a5:06:65:df:18:1e:25:b9:e8:fc:81:
92:16:ab:b2:c6:66:ed:a5:d8:b7:53:fb:8b:91:4b:74:8f:45:
07:89:df:27:08:95:7f:43:95:d5:dc:38:12:53:e1:18:c9:35:
f4:94:69:06:db:c6:53:35:fa:8a:0c:65:61:b5:c8:47:76:49:
4e:04:2f:41:eb:57:96:e0:1a:5e:48:2f:3f:47:7c:80:7e:03:
d0:17:cc:b0:d4:18:d9:17:6d:21:f4:21:e1:88:53:71:f1:48:
a1:03:e7:e0:2c:41:5d:a0:d2:d0:1f:c0:2e:4b:e6:6d:27:c8:
1e:f7:8e:d3:20:60:91:07:d6:07:6a:bc:40:c7:28:78:33:82:
e2:b0:13:6a:1a:ee:1b:1a:77:42:9a:1c:56:43:ca:dc:36:02:
e6:38:56:60:f3:5f:69:82:18:25:a0:6f:97:27:aa:75:91:ec:
d7:ca:c4:50:6e:a2:bf:b8:9d:7f:4e:ef:fb:95:9a:55:eb:69:
96:29:14:a2:6b:25:59:89:12:30:67:0d:da:da:6d:1f:74:a0:
43:f7:fb:9f:62:4e:72:2f:1a:64:17:4f:29:f6:c2:97:41:4b:
ee:c8:99:75
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYV2YsKQ5290FTXmZM5REVgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMmJiYzZmNTFjY2UwMWFlYWFjYmE4MGYyZDBkMjY0MTJl
NDdmOTMwHhcNMjMwMTAzMDY0NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjE1MmU3ZGEwNTgwZjk3ZjA4M2M3OTIyYzBjYTM3ODc5YmI5NTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZHarTMP8d0Vqy1l9aDbbR/2Ctv4
UHrUDlxZw1vgNiB83XYS6k8t3KfNJZBn64TG8QcbIoYhJ8ONiv/F5IYky88KH7rC
B4Iud/nTt6jTIH2ki+r1veoTrVwUjCYcbxTEJMPCLss/ydg/SIoN40e/7O1wIhxI
2KX5zz51bPjuE3x+kLRb1SYqmK//fB+HBWossAc5zB0KF1VDeWKETAAlLivNt5yO
jTTqEQnOlgZzqhP/0NxBXRnbBd7ZEViZFJgxIrNzVPVi4em8vbLxc8qji+pBqptZ
tMQagEeeFscdyvNwtnbfGQ3WE89nlu7VX4gSACQPzTfAnAKHO/8NNDmfrQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFIIVLn2gWA+X8IPHkiwMo3h5u5UBMB8GA1UdIwQY
MBaAFCMrvG9RzOAa6qy6gPLQ0mQS5H+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXl1OGIxSE00QnJxckxxQTh0RFNaQkxrZjVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny83OTE2ZTUtMjQ2My00ZTBlLWJhNmQt
NTMxNGFjY2IwNjEyLzEvZ2hVdWZhQllENWZ3ZzhlU0xBeWplSG03bFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny83OTE2ZTUtMjQ2My00ZTBlLWJhNmQtNTMxNGFjY2IwNjEy
LzEvSXl1OGIxSE00QnJxckxxQTh0RFNaQkxrZjVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQCgAAwMBEE
AgACMAsDCQAqEHvAAAAAATANBgkqhkiG9w0BAQsFAAOCAQEAJMcgonvwn4Gyi6Pf
TnHgNsltccTgiWlRFKUGZd8YHiW56PyBkharssZm7aXYt1P7i5FLdI9FB4nfJwiV
f0OV1dw4ElPhGMk19JRpBtvGUzX6igxlYbXIR3ZJTgQvQetXluAaXkgvP0d8gH4D
0BfMsNQY2RdtIfQh4YhTcfFIoQPn4CxBXaDS0B/ALkvmbSfIHveO0yBgkQfWB2q8
QMcoeDOC4rATahruGxp3QpocVkPK3DYC5jhWYPNfaYIYJaBvlyeqdZHs18rEUG6i
v7idf07v+5WaVetplikUomslWYkSMGcN2tptH3SgQ/f7n2JOci8aZBdPKfbCl0FL
7siZdQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:02:10 2025 by rpki-client