Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/6OtmEVnKXwGlLTQYSWYtD-n0Eac.roa
File: 6OtmEVnKXwGlLTQYSWYtD-n0Eac.roa (raw, json)
Hash identifier: 2chN2jJy5b0xyIaRhIJIVzVAt/BOlZX5vDZoz18tIkY=
Subject key identifier: E8:EB:66:11:59:CA:5F:01:A5:2D:34:18:49:66:2D:0F:E9:F4:11:A7
Certificate issuer: /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial: 01856F8B6A106A155DB091C08D352AE7CB1D
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/6OtmEVnKXwGlLTQYSWYtD-n0Eac.roa
Signing time: Sun 01 Jan 2023 22:54:45 +0000
ROA not before: Sun 01 Jan 2023 22:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 37.9.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:6a:10:6a:15:5d:b0:91:c0:8d:35:2a:e7:cb:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Validity
Not Before: Jan 1 22:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8eb661159ca5f01a52d341849662d0fe9f411a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a4:fa:91:ac:2f:d5:bd:bf:5e:f8:71:99:12:
27:a8:72:a6:ac:f9:d2:fa:84:30:38:09:3e:8c:13:
b9:0a:cc:1b:e2:e6:77:6e:6e:67:6a:2e:8f:d8:fe:
20:ad:43:34:8b:35:e0:d7:a3:b3:c4:de:d3:85:23:
10:f4:dc:53:ab:51:b6:5f:aa:3b:68:66:52:73:31:
ad:0a:5f:68:cc:09:b4:80:63:74:16:06:71:cb:e6:
a0:33:73:74:e5:d1:64:89:6c:4f:6a:e9:0e:93:d2:
35:f3:08:37:d6:36:e2:31:59:e5:0f:e5:f4:3f:6e:
39:3a:4d:15:9a:46:05:ba:1d:52:7c:7b:e3:2f:5c:
91:55:b2:83:34:3e:55:b1:9f:ef:5c:b3:71:7d:ef:
2d:a5:71:ff:52:f5:bb:30:1d:6c:e8:88:a1:8e:d0:
57:37:a9:01:88:2b:21:4e:29:c9:1e:89:f4:07:63:
39:08:06:37:7c:16:a6:77:c0:0b:91:76:c0:b2:d2:
7f:88:a6:58:b3:91:ba:02:b2:4a:a0:53:c8:96:da:
1f:63:47:e9:35:91:b0:2f:6d:6e:6e:1f:03:d5:8d:
36:e6:af:97:64:71:b8:14:ca:9e:f1:25:1f:9f:83:
ca:8d:e1:de:fb:3d:85:6b:9a:90:0b:ad:ee:3b:1a:
de:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:EB:66:11:59:CA:5F:01:A5:2D:34:18:49:66:2D:0F:E9:F4:11:A7
X509v3 Authority Key Identifier:
keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/6OtmEVnKXwGlLTQYSWYtD-n0Eac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.176.0/21
Signature Algorithm: sha256WithRSAEncryption
10:87:3d:6e:c1:eb:4a:30:95:a8:95:6e:24:bf:f4:46:c7:8f:
c4:14:45:f0:02:b0:c0:bf:9c:66:0b:1a:78:ba:b0:fa:2f:9d:
03:6c:f5:a1:a3:87:3c:0b:ad:07:fb:61:d7:b3:5d:62:3c:53:
e7:c2:47:33:ab:a9:92:59:69:e3:17:04:7e:1e:c4:08:79:ae:
b4:94:92:48:c9:36:5c:29:00:b7:71:d2:a5:b5:80:6c:67:14:
c9:35:b6:b2:ee:d4:e3:3c:4d:b2:14:e5:f7:e5:a8:21:91:04:
87:6c:2d:1d:f8:0f:29:6e:68:b6:52:1c:1d:80:1b:44:71:4a:
23:3e:e2:32:6f:c7:2b:b7:57:6c:4d:39:68:4a:39:10:95:6a:
bb:70:8d:3e:6b:32:9f:7f:5d:a1:4a:f3:ab:1f:88:03:29:bb:
0f:95:e9:d7:ef:93:f4:39:7c:ee:b1:89:5f:0e:c3:c7:36:a7:
24:ec:a5:90:00:73:e6:9d:64:0c:25:af:7a:bf:60:dc:1f:e1:
60:b4:0b:da:4b:46:26:21:20:a4:82:4a:23:f2:c4:e2:be:99:
cd:c3:d3:1d:09:77:c8:96:c4:ab:a2:75:47:6a:bc:b6:68:35:
de:d8:83:f3:fe:36:32:3d:d6:eb:c3:5e:20:ed:99:a5:9d:71:
d9:2c:34:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi2oQahVdsJHAjTUq58sdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjcxZmVjMzhmMDBjNDAyZjMwNjZmMTNjNzkyZTFhMGVk
MTZkYjMwHhcNMjMwMTAxMjI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGViNjYxMTU5Y2E1ZjAxYTUyZDM0MTg0OTY2MmQwZmU5ZjQxMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqT6kawv1b2/XvhxmRInqHKmrPnS
+oQwOAk+jBO5Cswb4uZ3bm5nai6P2P4grUM0izXg16OzxN7ThSMQ9NxTq1G2X6o7
aGZSczGtCl9ozAm0gGN0FgZxy+agM3N05dFkiWxPaukOk9I18wg31jbiMVnlD+X0
P245Ok0VmkYFuh1SfHvjL1yRVbKDND5VsZ/vXLNxfe8tpXH/UvW7MB1s6IihjtBX
N6kBiCshTinJHon0B2M5CAY3fBamd8ALkXbAstJ/iKZYs5G6ArJKoFPIltofY0fp
NZGwL21ubh8D1Y025q+XZHG4FMqe8SUfn4PKjeHe+z2Fa5qQC63uOxreoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOjrZhFZyl8BpS00GElmLQ/p9BGnMB8GA1UdIwQY
MBaAFA9nH+w48AxALzBm8Tx5LhoO0W2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTIt
OTc3MzA1YzcwMDUxLzEvNk90bUVWbktYd0dsTFRRWVNXWXRELW4wRWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTItOTc3MzA1YzcwMDUx
LzEvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJQmwMA0G
CSqGSIb3DQEBCwUAA4IBAQAQhz1uwetKMJWolW4kv/RGx4/EFEXwArDAv5xmCxp4
urD6L50DbPWho4c8C60H+2HXs11iPFPnwkczq6mSWWnjFwR+HsQIea60lJJIyTZc
KQC3cdKltYBsZxTJNbay7tTjPE2yFOX35aghkQSHbC0d+A8pbmi2UhwdgBtEcUoj
PuIyb8crt1dsTTloSjkQlWq7cI0+azKff12hSvOrH4gDKbsPlenX75P0OXzusYlf
DsPHNqck7KWQAHPmnWQMJa96v2DcH+FgtAvaS0YmISCkgkoj8sTivpnNw9MdCXfI
lsSronVHary2aDXe2IPz/jYyPdbrw14g7ZmlnXHZLDTn
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:10:26 2025 by rpki-client