Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/a5b368-3313-4132-9897-d017957ea39e/1/ehPZZPzfBnLClCs1ah8ttBRIu54.roa
File: ehPZZPzfBnLClCs1ah8ttBRIu54.roa (raw, json)
Hash identifier: LD24EczXSFAvVB5CRQK5+pMnLAh7muCVCKGZ0eW0ZI8=
Subject key identifier: 7A:13:D9:64:FC:DF:06:72:C2:94:2B:35:6A:1F:2D:B4:14:48:BB:9E
Certificate issuer: /CN=04b1e756edb1c3bd2f57669f582bf6a951b83f48
Certificate serial: 12E1C51A
Authority key identifier: 04:B1:E7:56:ED:B1:C3:BD:2F:57:66:9F:58:2B:F6:A9:51:B8:3F:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BLHnVu2xw70vV2afWCv2qVG4P0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/a5b368-3313-4132-9897-d017957ea39e/1/ehPZZPzfBnLClCs1ah8ttBRIu54.roa
Signing time: Sat 01 Jan 2022 01:58:08 +0000
ROA not before: Sat 01 Jan 2022 01:58:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 192.124.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 316785946 (0x12e1c51a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04b1e756edb1c3bd2f57669f582bf6a951b83f48
Validity
Not Before: Jan 1 01:58:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a13d964fcdf0672c2942b356a1f2db41448bb9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0f:fa:4a:a9:be:4c:a1:1c:7f:bc:80:e5:75:
12:cf:8e:49:89:a6:c3:68:c0:7b:d8:a2:04:bd:a3:
f3:62:c2:fc:03:ab:49:83:78:ce:42:31:fe:e5:e2:
94:06:39:ee:22:eb:03:31:bd:6c:33:44:4a:4c:46:
e3:54:de:27:50:de:d4:bd:60:23:e9:74:2a:17:a4:
dd:de:79:66:8c:35:2b:2d:31:6c:0b:71:54:55:e7:
6c:f8:d3:d4:c0:7b:98:7b:13:85:78:0d:cd:21:2b:
1c:8f:b7:63:af:c2:ec:ab:ff:2c:2b:4b:cc:37:1f:
5e:ba:c2:37:b4:5a:7b:28:5b:a1:c8:d1:00:ec:8a:
0f:63:21:56:ac:c7:6c:d0:c2:86:9c:42:08:53:e8:
b4:05:bc:41:a8:2a:3a:5e:9f:09:c9:cf:cc:65:ed:
30:ab:0b:ea:06:36:e9:dc:7a:9f:3c:a5:a5:39:4b:
83:e1:94:00:f6:1d:cb:c7:45:d5:c7:d4:58:04:4a:
3b:b5:dc:cd:9f:a0:7e:bd:78:43:a8:40:e4:79:42:
5c:76:d6:c0:6f:f7:76:53:a7:a3:27:ea:ab:06:56:
e8:c7:c5:3f:12:b7:59:84:6a:37:83:9a:c1:42:4c:
9b:d8:4c:6e:1a:1b:f5:36:2f:0f:92:57:eb:4f:ff:
59:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:13:D9:64:FC:DF:06:72:C2:94:2B:35:6A:1F:2D:B4:14:48:BB:9E
X509v3 Authority Key Identifier:
keyid:04:B1:E7:56:ED:B1:C3:BD:2F:57:66:9F:58:2B:F6:A9:51:B8:3F:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BLHnVu2xw70vV2afWCv2qVG4P0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a5b368-3313-4132-9897-d017957ea39e/1/ehPZZPzfBnLClCs1ah8ttBRIu54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a5b368-3313-4132-9897-d017957ea39e/1/BLHnVu2xw70vV2afWCv2qVG4P0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.245.0/24
Signature Algorithm: sha256WithRSAEncryption
66:78:82:3d:52:ff:8b:f5:d4:78:53:26:e4:78:f0:2f:89:8d:
cd:08:81:96:b9:4b:7e:34:a1:b2:35:9c:df:05:d6:48:90:d1:
37:43:6d:11:1d:b0:6b:e7:7d:7e:35:a1:58:71:4c:f8:96:3f:
50:e7:e0:c4:d8:00:2d:25:ee:33:c8:3c:29:1e:5e:6d:7d:17:
56:aa:f4:8b:ae:b7:df:b1:18:b0:71:15:5b:87:4c:7e:d1:1b:
cb:61:34:1b:35:91:21:cd:82:f6:7e:2d:4a:e2:b6:af:26:69:
31:6d:fd:77:66:1f:f3:25:9d:73:72:3f:d8:14:bc:b7:ec:4e:
f0:20:ba:ef:b9:36:e8:6a:60:01:49:9f:2d:5a:84:24:37:5c:
9c:a9:51:bf:46:0d:ed:79:1b:db:7c:97:2d:87:92:d9:66:f6:
fa:cc:e5:f3:7d:cb:30:89:57:13:29:82:f2:30:a0:04:b8:17:
f6:68:24:64:a5:61:81:53:de:ae:9f:00:e3:aa:d5:4a:97:5e:
41:e9:e9:20:7d:c2:0d:ff:70:21:92:10:f8:04:be:47:e0:ed:
d9:e1:eb:dc:98:cb:07:8f:b5:76:2c:e8:45:ea:0b:12:eb:bf:
f7:3c:c3:ac:7d:0a:52:e8:de:ea:ff:d6:c6:4b:13:4f:9b:87:
24:17:d7:d2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEuHFGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGIxZTc1NmVkYjFjM2JkMmY1NzY2OWY1ODJiZjZhOTUxYjgzZjQ4MB4XDTIyMDEw
MTAxNTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ExM2Q5NjRmY2Rm
MDY3MmMyOTQyYjM1NmExZjJkYjQxNDQ4YmI5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoP+kqpvkyhHH+8gOV1Es+OSYmmw2jAe9iiBL2j82LC/AOr
SYN4zkIx/uXilAY57iLrAzG9bDNESkxG41TeJ1De1L1gI+l0Khek3d55Zow1Ky0x
bAtxVFXnbPjT1MB7mHsThXgNzSErHI+3Y6/C7Kv/LCtLzDcfXrrCN7RaeyhbocjR
AOyKD2MhVqzHbNDChpxCCFPotAW8QagqOl6fCcnPzGXtMKsL6gY26dx6nzylpTlL
g+GUAPYdy8dF1cfUWARKO7XczZ+gfr14Q6hA5HlCXHbWwG/3dlOnoyfqqwZW6MfF
PxK3WYRqN4OawUJMm9hMbhob9TYvD5JX60//WSsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR6E9lk/N8GcsKUKzVqHy20FEi7njAfBgNVHSMEGDAWgBQEsedW7bHDvS9X
Zp9YK/apUbg/SDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JMSG5WdTJ4dzcwdlYyYWZXQ3YycVZHNFAwZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvYTViMzY4LTMzMTMtNDEzMi05ODk3LWQwMTc5NTdlYTM5ZS8x
L2VoUFpaUHpmQm5MQ2xDczFhaDh0dEJSSXU1NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
YTViMzY4LTMzMTMtNDEzMi05ODk3LWQwMTc5NTdlYTM5ZS8xL0JMSG5WdTJ4dzcw
dlYyYWZXQ3YycVZHNFAwZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMB89TANBgkqhkiG9w0BAQsFAAOC
AQEAZniCPVL/i/XUeFMm5HjwL4mNzQiBlrlLfjShsjWc3wXWSJDRN0NtER2wa+d9
fjWhWHFM+JY/UOfgxNgALSXuM8g8KR5ebX0XVqr0i66337EYsHEVW4dMftEby2E0
GzWRIc2C9n4tSuK2ryZpMW39d2Yf8yWdc3I/2BS8t+xO8CC677k26GpgAUmfLVqE
JDdcnKlRv0YN7Xkb23yXLYeS2Wb2+szl833LMIlXEymC8jCgBLgX9mgkZKVhgVPe
rp8A46rVSpdeQenpIH3CDf9wIZIQ+AS+R+Dt2eHr3JjLB4+1dizoReoLEuu/9zzD
rH0KUuje6v/WxksTT5uHJBfX0g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:37 2025 by rpki-client