Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/66bd3a-5121-490d-8c92-6ea94a961d4c/1/ek9hgqykZr-rqHJvvWPqp02Di8o.roa
File: ek9hgqykZr-rqHJvvWPqp02Di8o.roa (raw, json)
Hash identifier: WnWFjzfi13keJ+dDTTwN1eeyhesOMFqU14TG2U/9jHY=
Subject key identifier: 7A:4F:61:82:AC:A4:66:BF:AB:A8:72:6F:BD:63:EA:A7:4D:83:8B:CA
Certificate issuer: /CN=4f4da09fbbe90fb79f0f08b207f835f0f0da29fe
Certificate serial: 01856D4192687E1FF20C1F3488E39DF1C59D
Authority key identifier: 4F:4D:A0:9F:BB:E9:0F:B7:9F:0F:08:B2:07:F8:35:F0:F0:DA:29:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T02gn7vpD7efDwiyB_g18PDaKf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/66bd3a-5121-490d-8c92-6ea94a961d4c/1/ek9hgqykZr-rqHJvvWPqp02Di8o.roa
Signing time: Sun 01 Jan 2023 12:14:51 +0000
ROA not before: Sun 01 Jan 2023 12:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15576
IP address blocks: 185.75.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:92:68:7e:1f:f2:0c:1f:34:88:e3:9d:f1:c5:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f4da09fbbe90fb79f0f08b207f835f0f0da29fe
Validity
Not Before: Jan 1 12:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a4f6182aca466bfaba8726fbd63eaa74d838bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2d:f6:3a:d4:64:24:af:32:8a:db:d7:a2:17:
51:e5:18:23:2f:cf:a2:af:56:64:12:09:0f:27:b5:
6f:2c:e9:f1:16:06:ca:eb:3b:99:ea:d2:56:ea:6c:
ba:2b:40:ce:1b:e4:aa:47:be:6e:cc:96:7e:fb:0d:
b5:9f:a8:a9:de:ee:a2:9c:7a:c5:6a:26:83:98:d4:
e2:be:33:aa:af:22:c7:26:e3:14:19:70:fd:ef:fe:
2f:5f:7b:26:08:a4:e0:7c:48:f9:21:86:14:a8:65:
4c:ea:d7:e0:43:90:d4:64:86:9f:6b:11:9a:ad:83:
54:9b:4d:46:f8:b0:27:bf:a4:4c:22:c5:26:8e:7f:
29:f1:f3:0a:a4:1a:ec:c1:c7:51:8b:30:1b:58:a9:
bf:d5:f4:f7:88:54:18:54:e1:ff:7b:13:b5:ad:bd:
4d:b5:cf:e2:67:6b:06:75:6b:ee:64:7c:77:87:da:
33:c2:e6:35:d3:95:db:aa:32:22:f4:bf:f3:3b:b4:
32:e3:9d:7f:27:00:52:e8:25:d6:31:3f:bf:4d:61:
65:85:f4:16:17:0d:b5:55:68:ee:4d:af:79:bb:9c:
4c:8f:40:07:d8:9e:68:09:0a:93:0d:9c:92:42:98:
21:ab:d0:81:4a:4a:07:32:aa:d4:46:a8:e8:2c:2b:
e5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4F:61:82:AC:A4:66:BF:AB:A8:72:6F:BD:63:EA:A7:4D:83:8B:CA
X509v3 Authority Key Identifier:
keyid:4F:4D:A0:9F:BB:E9:0F:B7:9F:0F:08:B2:07:F8:35:F0:F0:DA:29:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T02gn7vpD7efDwiyB_g18PDaKf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/66bd3a-5121-490d-8c92-6ea94a961d4c/1/ek9hgqykZr-rqHJvvWPqp02Di8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/66bd3a-5121-490d-8c92-6ea94a961d4c/1/T02gn7vpD7efDwiyB_g18PDaKf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.153.0/24
Signature Algorithm: sha256WithRSAEncryption
38:87:10:d7:02:73:a2:53:b1:81:7c:8f:cf:53:ca:1a:c6:12:
ca:bf:14:e5:34:2c:12:52:df:ab:eb:39:5f:56:06:dc:54:62:
f0:9d:69:b8:d9:9e:89:8c:23:16:ed:a6:ce:2c:f5:92:66:db:
e0:ce:33:c7:5d:fd:2c:21:4a:6d:8c:8f:eb:a2:6e:1e:e1:32:
28:c1:a6:4c:b5:5b:5f:41:6b:69:ab:63:9c:7f:e0:82:70:e1:
56:c7:30:d4:34:c0:44:bc:2d:80:e3:f6:a1:3f:ba:95:c5:02:
04:ac:38:f0:2a:8b:bc:af:ed:b3:97:ea:e8:7c:fc:3f:e0:49:
75:ce:fe:7d:26:d1:42:bc:77:28:d6:14:ec:67:a3:ad:e8:39:
48:48:bf:89:2d:6d:f7:99:61:38:f9:4e:95:20:6a:c7:7d:ba:
62:12:fd:df:25:38:77:62:d5:01:9a:8a:d3:d4:8a:e0:9c:51:
0b:69:2a:56:11:1d:84:4c:62:06:03:42:75:e2:d3:e4:ef:bf:
2f:be:fc:ed:00:3e:14:b6:7f:92:c3:d5:37:b3:3a:17:fe:3e:
f2:bf:0d:b3:91:56:bc:11:20:a5:7e:5f:ad:48:8f:7b:fa:7c:
1e:10:49:00:b4:80:40:c3:94:b6:c1:f5:af:1a:ff:e7:7a:69:
7f:b6:60:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQZJofh/yDB80iOOd8cWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNGRhMDlmYmJlOTBmYjc5ZjBmMDhiMjA3ZjgzNWYwZjBk
YTI5ZmUwHhcNMjMwMTAxMTIxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTRmNjE4MmFjYTQ2NmJmYWJhODcyNmZiZDYzZWFhNzRkODM4YmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS32OtRkJK8yitvXohdR5RgjL8+i
r1ZkEgkPJ7VvLOnxFgbK6zuZ6tJW6my6K0DOG+SqR75uzJZ++w21n6ip3u6inHrF
aiaDmNTivjOqryLHJuMUGXD97/4vX3smCKTgfEj5IYYUqGVM6tfgQ5DUZIafaxGa
rYNUm01G+LAnv6RMIsUmjn8p8fMKpBrswcdRizAbWKm/1fT3iFQYVOH/exO1rb1N
tc/iZ2sGdWvuZHx3h9ozwuY105XbqjIi9L/zO7Qy451/JwBS6CXWMT+/TWFlhfQW
Fw21VWjuTa95u5xMj0AH2J5oCQqTDZySQpghq9CBSkoHMqrURqjoLCvlbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHpPYYKspGa/q6hyb71j6qdNg4vKMB8GA1UdIwQY
MBaAFE9NoJ+76Q+3nw8Isgf4NfDw2in+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDAyZ243dnBEN2VmRHdpeUJfZzE4UERhS2Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My82NmJkM2EtNTEyMS00OTBkLThjOTIt
NmVhOTRhOTYxZDRjLzEvZWs5aGdxeWtaci1ycUhKdnZXUHFwMDJEaThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My82NmJkM2EtNTEyMS00OTBkLThjOTItNmVhOTRhOTYxZDRj
LzEvVDAyZ243dnBEN2VmRHdpeUJfZzE4UERhS2Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUuZMA0G
CSqGSIb3DQEBCwUAA4IBAQA4hxDXAnOiU7GBfI/PU8oaxhLKvxTlNCwSUt+r6zlf
VgbcVGLwnWm42Z6JjCMW7abOLPWSZtvgzjPHXf0sIUptjI/rom4e4TIowaZMtVtf
QWtpq2Ocf+CCcOFWxzDUNMBEvC2A4/ahP7qVxQIErDjwKou8r+2zl+rofPw/4El1
zv59JtFCvHco1hTsZ6Ot6DlISL+JLW33mWE4+U6VIGrHfbpiEv3fJTh3YtUBmorT
1IrgnFELaSpWER2ETGIGA0J14tPk778vvvztAD4Utn+Sw9U3szoX/j7yvw2zkVa8
ESClfl+tSI97+nweEEkAtIBAw5S2wfWvGv/neml/tmAx
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:02 2025 by rpki-client