Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/eUhJFnMckTUEP35x2wKOpdlmgYc.roa
File: eUhJFnMckTUEP35x2wKOpdlmgYc.roa (raw, json)
Hash identifier: mAPhTiglO1RpPbJ6JQ5cP9tO/AbTu2A5Z7x3PGPu5aI=
Subject key identifier: 79:48:49:16:73:1C:91:35:04:3F:7E:71:DB:02:8E:A5:D9:66:81:87
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 01856D41894EE74488863F4ED553309BB0F0
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/eUhJFnMckTUEP35x2wKOpdlmgYc.roa
Signing time: Sun 01 Jan 2023 12:14:49 +0000
ROA not before: Sun 01 Jan 2023 12:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1764
IP address blocks: 2a03:e600::/32 maxlen: 32
2001:678:c1c::/48 maxlen: 48
2a01:190::/29 maxlen: 32
2a04:9300::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:89:4e:e7:44:88:86:3f:4e:d5:53:30:9b:b0:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 12:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79484916731c9135043f7e71db028ea5d9668187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ad:b5:7a:ad:cc:24:93:41:2e:39:4c:39:46:
82:e1:7e:25:3e:ca:0f:ec:29:ee:fa:bd:82:9a:c0:
5f:2e:3b:3c:90:85:18:bc:78:c2:63:18:57:a8:1d:
7f:f0:51:2d:a3:c9:c3:d7:06:f6:cd:20:ee:7e:89:
10:1e:35:4b:82:14:69:17:ba:48:18:21:01:9f:1d:
5e:aa:b4:fb:d5:45:bc:56:6d:53:cf:c5:a8:4a:98:
ab:b7:47:b1:7f:1d:52:41:88:e8:cd:c1:97:b7:9c:
be:cb:1d:bc:3d:cf:e5:61:17:af:45:d9:07:dc:bb:
02:a5:6d:26:72:29:67:60:86:2f:82:a9:4a:b4:21:
54:7d:27:c4:c5:4c:4a:2d:f0:02:68:0b:dc:74:e2:
61:0f:c6:ea:a5:92:62:5c:89:cc:7b:ef:4a:32:2f:
fa:30:9d:39:e5:fe:e6:a4:bd:0e:88:d1:93:7f:a5:
33:a7:11:ad:c9:7b:0a:db:6f:9b:89:bd:c2:36:f7:
43:4d:36:8a:64:3b:66:48:7c:ed:c2:42:3b:f4:5d:
79:9a:a9:5b:dd:69:ef:5a:5a:a1:54:f8:2e:22:e3:
54:ec:5e:bc:80:65:46:7e:1d:18:58:a1:9d:e3:ec:
ff:5b:14:76:9a:b6:23:41:12:69:65:b2:92:55:df:
43:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:48:49:16:73:1C:91:35:04:3F:7E:71:DB:02:8E:A5:D9:66:81:87
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/eUhJFnMckTUEP35x2wKOpdlmgYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c1c::/48
2a01:190::/29
2a03:e600::/32
2a04:9300::/29
Signature Algorithm: sha256WithRSAEncryption
0f:09:b3:0e:b7:ae:11:9c:06:73:c6:65:69:80:11:69:fe:d7:
e4:ea:71:58:e5:27:01:25:43:28:01:10:93:16:fc:de:ec:1b:
9b:6f:b9:f5:a5:a9:f5:54:d1:4f:c4:ef:ac:db:a4:09:10:7c:
1c:e8:85:7a:a8:93:9a:78:db:93:84:9a:b1:50:e7:85:95:14:
b1:65:dc:d7:44:04:85:f2:39:7a:53:f0:65:c3:ed:13:46:b5:
16:99:42:b4:e6:eb:9d:4e:ad:50:fc:69:2d:d2:58:d3:a1:8c:
e4:db:86:93:b5:88:ea:b9:23:75:27:d1:66:3e:b7:5d:5d:7b:
5f:95:34:40:f2:49:ac:40:d8:ea:3e:99:7b:9d:bf:4b:95:d1:
d1:2a:f8:51:7e:20:dd:92:7d:ee:bc:e5:6e:af:7e:ef:6b:11:
29:94:cd:a5:77:20:f7:f8:1b:74:22:97:df:34:01:9d:22:e8:
e9:b2:e7:02:9d:67:8e:de:f1:71:50:f9:3b:1e:8d:6d:6a:f1:
0c:ce:31:2d:22:18:a8:b5:b7:45:47:4a:b9:30:ef:a4:b7:e0:
91:47:f8:72:41:c2:10:08:25:91:98:8e:83:78:f2:e3:78:e5:
54:b3:d7:f0:d9:b2:6c:62:eb:8d:2d:81:89:b1:3a:bc:2b:ae:
b7:00:66:a0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVtQYlO50SIhj9O1VMwm7DwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw
YjQ1MDYwHhcNMjMwMTAxMTIxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTQ4NDkxNjczMWM5MTM1MDQzZjdlNzFkYjAyOGVhNWQ5NjY4MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq21eq3MJJNBLjlMOUaC4X4lPsoP
7Cnu+r2CmsBfLjs8kIUYvHjCYxhXqB1/8FEto8nD1wb2zSDufokQHjVLghRpF7pI
GCEBnx1eqrT71UW8Vm1Tz8WoSpirt0exfx1SQYjozcGXt5y+yx28Pc/lYRevRdkH
3LsCpW0mcilnYIYvgqlKtCFUfSfExUxKLfACaAvcdOJhD8bqpZJiXInMe+9KMi/6
MJ055f7mpL0OiNGTf6UzpxGtyXsK22+bib3CNvdDTTaKZDtmSHztwkI79F15mqlb
3WnvWlqhVPguIuNU7F68gGVGfh0YWKGd4+z/WxR2mrYjQRJpZbKSVd9D0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHlISRZzHJE1BD9+cdsCjqXZZoGHMB8GA1UdIwQY
MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt
OGVlYjc1N2NmNTQ1LzEvZVVoSkZuTWNrVFVFUDM1eDJ3S09wZGxtZ1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1
LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwcAIAEGeAwc
AwUDKgEBkAMFACoD5gADBQMqBJMAMA0GCSqGSIb3DQEBCwUAA4IBAQAPCbMOt64R
nAZzxmVpgBFp/tfk6nFY5ScBJUMoARCTFvze7Bubb7n1pan1VNFPxO+s26QJEHwc
6IV6qJOaeNuThJqxUOeFlRSxZdzXRASF8jl6U/Blw+0TRrUWmUK05uudTq1Q/Gkt
0ljToYzk24aTtYjquSN1J9FmPrddXXtflTRA8kmsQNjqPpl7nb9LldHRKvhRfiDd
kn3uvOVur37vaxEplM2ldyD3+Bt0IpffNAGdIujpsucCnWeO3vFxUPk7Ho1tavEM
zjEtIhiotbdFR0q5MO+kt+CRR/hyQcIQCCWRmI6DePLjeOVUs9fw2bJsYuuNLYGJ
sTq8K663AGag
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:18:08 2025 by rpki-client