Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/Efpn5h4fF1KUqZrcYKZBKHV2XwE.roa
File: Efpn5h4fF1KUqZrcYKZBKHV2XwE.roa (raw, json)
Hash identifier: uQhxFM30vUUP0DORN17cn4+OjnOD4vhuLnb5KRb3JyA=
Subject key identifier: 11:FA:67:E6:1E:1F:17:52:94:A9:9A:DC:60:A6:41:28:75:76:5F:01
Certificate issuer: /CN=330e640f9d63ba943a97b3dc10d4c6844a5d3dc1
Certificate serial: 0189DEBD0C658391A3C2A811DD2A19A7A277
Authority key identifier: 33:0E:64:0F:9D:63:BA:94:3A:97:B3:DC:10:D4:C6:84:4A:5D:3D:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mw5kD51jupQ6l7PcENTGhEpdPcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/Efpn5h4fF1KUqZrcYKZBKHV2XwE.roa
Signing time: Thu 10 Aug 2023 09:17:58 +0000
ROA not before: Thu 10 Aug 2023 09:17:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5607
IP address blocks: 101.60.0.0/15 maxlen: 15
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:bd:0c:65:83:91:a3:c2:a8:11:dd:2a:19:a7:a2:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=330e640f9d63ba943a97b3dc10d4c6844a5d3dc1
Validity
Not Before: Aug 10 09:17:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11fa67e61e1f175294a99adc60a6412875765f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d2:4c:8f:45:e1:64:4d:c4:16:7c:01:39:b1:
44:25:8a:75:b6:37:b6:eb:cb:28:e2:8b:1a:8c:3f:
52:21:1e:81:c3:e5:6b:a1:76:99:ab:05:ae:ed:e8:
14:8e:83:d7:11:80:9c:53:66:b4:64:a2:2f:76:bb:
e6:6f:5e:69:30:ba:3d:42:36:04:59:a0:bb:85:be:
5a:1b:86:da:91:ec:f6:36:40:1b:16:17:c9:57:05:
d5:e6:1f:81:4d:35:10:7d:34:94:f7:88:af:68:7a:
c7:9b:b3:17:a9:0b:3f:51:b7:42:d4:16:b3:3e:48:
64:cb:67:ff:7d:a4:a1:be:9f:aa:8b:18:3d:44:73:
ec:51:ac:77:84:c7:93:e2:97:66:9e:d7:ec:b7:25:
b2:47:37:15:c3:c1:21:21:8b:5f:32:1d:b8:47:41:
e5:ac:2d:26:6b:f8:da:2c:2e:6e:df:77:35:f4:ad:
28:85:da:70:46:17:3c:f1:77:8f:8e:b3:d6:7c:84:
48:20:86:28:1f:28:2f:18:1a:0e:4f:af:64:ff:63:
30:61:47:11:48:7d:58:9a:b9:cd:ab:64:4a:90:9e:
63:5f:6b:ef:c1:91:0e:ce:2a:8f:54:54:80:99:36:
ac:01:97:83:b9:5c:4a:a8:a1:bd:05:ff:78:74:58:
6e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:FA:67:E6:1E:1F:17:52:94:A9:9A:DC:60:A6:41:28:75:76:5F:01
X509v3 Authority Key Identifier:
keyid:33:0E:64:0F:9D:63:BA:94:3A:97:B3:DC:10:D4:C6:84:4A:5D:3D:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mw5kD51jupQ6l7PcENTGhEpdPcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/Efpn5h4fF1KUqZrcYKZBKHV2XwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/Mw5kD51jupQ6l7PcENTGhEpdPcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
101.60.0.0/15
Signature Algorithm: sha256WithRSAEncryption
07:1f:25:90:19:49:97:a6:56:2c:8b:96:28:28:93:10:ff:2c:
c3:99:5c:96:2d:f4:cd:e8:b5:45:70:e2:cd:0c:db:c7:8b:83:
6e:57:cf:92:47:e8:93:81:98:af:2e:76:ba:6a:2d:7f:82:4c:
63:e1:aa:7c:cf:c6:5d:1e:7c:f7:e2:7a:3c:2f:c1:3b:af:c6:
1c:79:bd:c3:01:c0:25:70:5c:bf:23:f5:1d:8e:d1:4e:f7:03:
7d:70:72:bd:ab:f0:47:de:33:91:0c:d4:76:f7:80:11:0c:d3:
01:d5:be:49:b8:9d:4c:d2:57:f0:d9:b7:1c:88:f9:3a:9b:5c:
f6:7e:25:0b:4f:50:43:0a:4d:6e:0e:bc:24:e1:65:ae:9f:9d:
91:d1:b0:27:36:91:93:34:90:14:89:9f:55:1b:57:39:e7:a1:
9a:c2:4e:14:19:80:1b:cd:91:d2:36:31:da:3a:24:40:f5:19:
de:e3:ce:62:5b:73:46:d5:d0:77:b5:a3:e6:da:b1:e5:32:6c:
85:47:2a:f8:1c:18:2d:48:10:30:81:11:f9:94:f1:16:fe:64:
18:c6:aa:98:d7:bc:03:14:4c:5c:fe:16:f4:60:6e:91:54:bf:
60:e9:20:b1:df:8f:28:4a:9b:79:9f:32:c9:a2:f2:a1:74:c2:
07:db:9e:e3
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYnevQxlg5GjwqgR3SoZp6J3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMGU2NDBmOWQ2M2JhOTQzYTk3YjNkYzEwZDRjNjg0NGE1
ZDNkYzEwHhcNMjMwODEwMDkxNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWZhNjdlNjFlMWYxNzUyOTRhOTlhZGM2MGE2NDEyODc1NzY1ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9JMj0XhZE3EFnwBObFEJYp1tje2
68so4osajD9SIR6Bw+VroXaZqwWu7egUjoPXEYCcU2a0ZKIvdrvmb15pMLo9QjYE
WaC7hb5aG4bakez2NkAbFhfJVwXV5h+BTTUQfTSU94ivaHrHm7MXqQs/UbdC1Baz
Pkhky2f/faShvp+qixg9RHPsUax3hMeT4pdmntfstyWyRzcVw8EhIYtfMh24R0Hl
rC0ma/jaLC5u33c19K0ohdpwRhc88XePjrPWfIRIIIYoHygvGBoOT69k/2MwYUcR
SH1YmrnNq2RKkJ5jX2vvwZEOziqPVFSAmTasAZeDuVxKqKG9Bf94dFhuywIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFBH6Z+YeHxdSlKma3GCmQSh1dl8BMB8GA1UdIwQY
MBaAFDMOZA+dY7qUOpez3BDUxoRKXT3BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXc1a0Q1MWp1cFE2bDdQY0VOVEdoRXBkUGNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9lNzE4ZTQtNTNiNy00N2JiLWEzMzYt
NWExNzcxOWQ0NDllLzEvRWZwbjVoNGZGMUtVcVpyY1lLWkJLSFYyWHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9lNzE4ZTQtNTNiNy00N2JiLWEzMzYtNWExNzcxOWQ0NDll
LzEvTXc1a0Q1MWp1cFE2bDdQY0VOVEdoRXBkUGNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBZTwwDQYJ
KoZIhvcNAQELBQADggEBAAcfJZAZSZemViyLligokxD/LMOZXJYt9M3otUVw4s0M
28eLg25Xz5JH6JOBmK8udrpqLX+CTGPhqnzPxl0efPfiejwvwTuvxhx5vcMBwCVw
XL8j9R2O0U73A31wcr2r8EfeM5EM1Hb3gBEM0wHVvkm4nUzSV/DZtxyI+TqbXPZ+
JQtPUEMKTW4OvCThZa6fnZHRsCc2kZM0kBSJn1UbVznnoZrCThQZgBvNkdI2Mdo6
JED1Gd7jzmJbc0bV0He1o+baseUybIVHKvgcGC1IEDCBEfmU8Rb+ZBjGqpjXvAMU
TFz+FvRgbpFUv2DpILHfjyhKm3mfMsmi8qF0wgfbnuM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:41 2025 by rpki-client