Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/1y-OWbM4H0MhCzpmUiGVlgrfMgc.roa
File: 1y-OWbM4H0MhCzpmUiGVlgrfMgc.roa (raw, json)
Hash identifier: 6XdaRpZ/clSxV0SGvRBFv5OnN2kGTeAvp6GBADbkK6c=
Subject key identifier: D7:2F:8E:59:B3:38:1F:43:21:0B:3A:66:52:21:95:96:0A:DF:32:07
Certificate issuer: /CN=0268b930beeca51fbf3543fe79f9b19345cf13d5
Certificate serial: 01856F7008D4D9193808FACF7D5DD06CF939
Authority key identifier: 02:68:B9:30:BE:EC:A5:1F:BF:35:43:FE:79:F9:B1:93:45:CF:13:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ami5ML7spR-_NUP-efmxk0XPE9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/1y-OWbM4H0MhCzpmUiGVlgrfMgc.roa
Signing time: Sun 01 Jan 2023 22:24:51 +0000
ROA not before: Sun 01 Jan 2023 22:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1064
IP address blocks: 192.76.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:70:08:d4:d9:19:38:08:fa:cf:7d:5d:d0:6c:f9:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0268b930beeca51fbf3543fe79f9b19345cf13d5
Validity
Not Before: Jan 1 22:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d72f8e59b3381f43210b3a66522195960adf3207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:70:1a:dd:54:86:3d:57:4f:76:24:6d:44:0b:
2a:24:79:88:96:11:dc:c6:00:0c:5b:25:d0:ac:d2:
76:62:ab:4d:62:02:09:a8:b1:17:93:c1:53:21:cd:
b0:ec:15:48:5f:8c:97:db:20:01:0e:52:19:28:b5:
02:71:4c:95:d4:cd:72:c7:6f:58:f9:cd:fb:f1:93:
1a:0f:c8:a3:da:70:50:ac:b3:b6:cb:8d:fc:30:ad:
85:29:4c:47:eb:8a:f9:76:27:a3:45:94:c5:6b:cc:
26:1a:2c:cb:37:91:b4:a3:e0:ea:f0:58:72:42:65:
5f:6e:77:bb:b5:6a:53:88:32:92:21:03:2d:e6:da:
7c:ae:47:14:16:88:d0:03:36:b7:a6:01:51:53:c2:
94:09:eb:fa:4d:69:88:36:e2:15:fe:2e:9f:70:87:
72:2c:5d:94:b5:88:19:6a:e4:d5:ec:6d:22:7c:51:
dc:70:0b:11:94:4c:a3:d8:1d:ea:d9:e0:83:8c:d8:
69:81:5b:b1:fe:9e:3a:db:4d:f4:85:8c:e9:4c:cd:
4b:3d:d7:ec:00:ed:fc:25:87:9e:c9:b6:94:5a:c8:
17:96:78:fd:ae:24:22:48:8e:2e:f1:2b:98:ec:b2:
70:ae:88:dd:d9:ec:d3:c8:3d:c5:c7:c4:26:87:c9:
f9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2F:8E:59:B3:38:1F:43:21:0B:3A:66:52:21:95:96:0A:DF:32:07
X509v3 Authority Key Identifier:
keyid:02:68:B9:30:BE:EC:A5:1F:BF:35:43:FE:79:F9:B1:93:45:CF:13:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ami5ML7spR-_NUP-efmxk0XPE9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/1y-OWbM4H0MhCzpmUiGVlgrfMgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/43cd98-6f8a-44cf-95bd-420f9c8eafa4/1/Ami5ML7spR-_NUP-efmxk0XPE9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.76.164.0/24
Signature Algorithm: sha256WithRSAEncryption
07:db:8a:1a:1c:83:de:16:c1:26:58:67:9d:e3:68:8b:1b:6a:
c1:43:3a:9e:67:ec:58:c6:1c:a2:28:d0:af:1a:52:2e:ba:40:
46:4e:7b:e5:a9:20:75:d5:2f:39:4b:72:7b:3c:e8:75:0e:aa:
52:77:32:50:72:3e:4b:c1:54:2d:80:9a:3f:4e:d3:56:c1:d6:
a7:f0:83:a8:93:22:ed:27:3a:21:70:c6:ee:6c:8d:16:e9:b3:
1a:5c:2a:60:2d:11:6d:e0:ea:0c:a2:a5:02:1b:83:f5:14:b5:
ea:6d:7b:0f:c4:86:14:9f:ee:c5:d7:70:9d:7a:96:fa:12:45:
f4:b4:a5:17:84:c4:0c:60:f9:65:75:f3:89:e3:f8:1a:98:cc:
4e:22:91:5f:1a:ca:46:84:1c:65:7c:5f:c7:95:51:84:e9:c2:
49:b0:ad:e8:3a:05:dd:ef:bc:29:78:12:ed:8f:0a:5e:0f:3a:
c7:61:4c:b8:e6:a1:f5:b3:4e:c9:95:ca:f3:3e:31:f3:da:40:
db:6e:74:d6:fc:29:4b:ab:59:52:09:6d:35:7b:6a:b3:67:11:
a9:06:5b:d0:60:2b:21:b6:06:07:4f:69:b4:4c:49:1c:c1:5c:
6d:8a:8a:75:1b:ad:5f:83:cf:13:81:62:7b:17:d5:17:4e:7b:
bd:dd:fb:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvcAjU2Rk4CPrPfV3QbPk5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNjhiOTMwYmVlY2E1MWZiZjM1NDNmZTc5ZjliMTkzNDVj
ZjEzZDUwHhcNMjMwMTAxMjIyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzJmOGU1OWIzMzgxZjQzMjEwYjNhNjY1MjIxOTU5NjBhZGYzMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXAa3VSGPVdPdiRtRAsqJHmIlhHc
xgAMWyXQrNJ2YqtNYgIJqLEXk8FTIc2w7BVIX4yX2yABDlIZKLUCcUyV1M1yx29Y
+c378ZMaD8ij2nBQrLO2y438MK2FKUxH64r5diejRZTFa8wmGizLN5G0o+Dq8Fhy
QmVfbne7tWpTiDKSIQMt5tp8rkcUFojQAza3pgFRU8KUCev6TWmINuIV/i6fcIdy
LF2UtYgZauTV7G0ifFHccAsRlEyj2B3q2eCDjNhpgVux/p462030hYzpTM1LPdfs
AO38JYeeybaUWsgXlnj9riQiSI4u8SuY7LJwrojd2ezTyD3Fx8Qmh8n5jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNcvjlmzOB9DIQs6ZlIhlZYK3zIHMB8GA1UdIwQY
MBaAFAJouTC+7KUfvzVD/nn5sZNFzxPVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW1pNU1MN3NwUi1fTlVQLWVmbXhrMFhQRTlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi80M2NkOTgtNmY4YS00NGNmLTk1YmQt
NDIwZjljOGVhZmE0LzEvMXktT1diTTRIME1oQ3pwbVVpR1ZsZ3JmTWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi80M2NkOTgtNmY4YS00NGNmLTk1YmQtNDIwZjljOGVhZmE0
LzEvQW1pNU1MN3NwUi1fTlVQLWVmbXhrMFhQRTlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEykMA0G
CSqGSIb3DQEBCwUAA4IBAQAH24oaHIPeFsEmWGed42iLG2rBQzqeZ+xYxhyiKNCv
GlIuukBGTnvlqSB11S85S3J7POh1DqpSdzJQcj5LwVQtgJo/TtNWwdan8IOokyLt
JzohcMbubI0W6bMaXCpgLRFt4OoMoqUCG4P1FLXqbXsPxIYUn+7F13Cdepb6EkX0
tKUXhMQMYPlldfOJ4/gamMxOIpFfGspGhBxlfF/HlVGE6cJJsK3oOgXd77wpeBLt
jwpeDzrHYUy45qH1s07JlcrzPjHz2kDbbnTW/ClLq1lSCW01e2qzZxGpBlvQYCsh
tgYHT2m0TEkcwVxtiop1G61fg88TgWJ7F9UXTnu93fsS
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:32:12 2025 by rpki-client