Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/7HRbWKD4PPZGZ49LT85b8mxpnPY.roa
File: 7HRbWKD4PPZGZ49LT85b8mxpnPY.roa (raw, json)
Hash identifier: CwPamRvc/0mRCuY4OMmNfW641pXyUnuCEVR4nmrYbBw=
Subject key identifier: EC:74:5B:58:A0:F8:3C:F6:46:67:8F:4B:4F:CE:5B:F2:6C:69:9C:F6
Certificate issuer: /CN=9d7bb004201fd05b49d1221fce4759ea70bec684
Certificate serial: 01857142DA0313E7E1E93FBEA1540B3131D3
Authority key identifier: 9D:7B:B0:04:20:1F:D0:5B:49:D1:22:1F:CE:47:59:EA:70:BE:C6:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/7HRbWKD4PPZGZ49LT85b8mxpnPY.roa
Signing time: Mon 02 Jan 2023 06:54:44 +0000
ROA not before: Mon 02 Jan 2023 06:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44842
IP address blocks: 185.86.48.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:da:03:13:e7:e1:e9:3f:be:a1:54:0b:31:31:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d7bb004201fd05b49d1221fce4759ea70bec684
Validity
Not Before: Jan 2 06:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec745b58a0f83cf646678f4b4fce5bf26c699cf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0e:81:6a:d4:c6:3f:7d:20:0a:c9:0f:88:2d:
ef:a8:51:32:83:71:5e:b0:74:3d:a3:7f:eb:39:29:
db:96:a8:19:86:f3:a4:6d:fa:d9:53:4b:ba:69:7d:
e5:d6:c0:11:93:3f:ee:ed:b5:af:38:55:41:7a:d2:
84:2d:05:b9:ff:09:99:67:f7:8a:14:80:87:92:fd:
55:a5:d0:66:de:93:6b:9e:7d:8e:ec:4a:be:05:19:
dd:31:57:94:42:4f:ec:8e:83:5c:54:85:a9:27:c9:
42:59:06:d3:7c:09:5b:95:fd:61:b7:73:5f:7c:72:
d0:75:44:4c:4b:52:64:a8:f3:05:fd:60:d3:da:8f:
fe:aa:25:a3:90:2a:38:a4:e3:9c:ed:81:af:79:25:
89:07:af:0a:8f:53:5e:b5:83:d5:e3:1c:e4:bb:db:
5e:82:41:a5:e2:59:e1:3b:fe:51:23:8a:c2:d2:d4:
dc:15:db:4e:ad:0a:64:6f:81:28:09:b1:5b:03:d2:
46:6f:4c:85:39:b1:ff:06:46:aa:c4:8f:42:98:78:
01:5c:90:aa:0e:12:41:17:30:e5:48:01:4c:79:24:
d5:ad:98:b2:12:f9:51:b6:93:59:53:d4:9d:cd:8b:
65:8b:af:b0:67:f3:56:f2:57:d0:40:84:1f:d3:64:
6f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:74:5B:58:A0:F8:3C:F6:46:67:8F:4B:4F:CE:5B:F2:6C:69:9C:F6
X509v3 Authority Key Identifier:
keyid:9D:7B:B0:04:20:1F:D0:5B:49:D1:22:1F:CE:47:59:EA:70:BE:C6:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/7HRbWKD4PPZGZ49LT85b8mxpnPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.48.0/22
Signature Algorithm: sha256WithRSAEncryption
83:67:b9:80:a1:13:d5:f4:be:45:e8:24:c1:c1:6f:98:8b:cb:
bc:d6:bd:3c:8c:60:a8:44:75:88:2e:87:3b:7b:31:39:99:89:
59:58:a0:2f:85:46:9c:42:fb:bd:9a:32:ac:cc:dd:59:05:7f:
8b:35:d7:29:76:a3:0e:4b:e4:c3:c6:8b:76:00:a5:f9:b7:5a:
bb:5d:79:3e:b0:1f:78:f5:15:b9:1d:19:d2:e1:34:49:97:3a:
a1:64:88:cd:87:6a:2e:d4:74:62:eb:9f:d4:ec:fe:de:0b:fb:
77:e9:ec:41:e0:76:18:1d:e4:76:29:c5:67:3f:01:30:be:c8:
49:0c:7b:cb:3d:e1:8e:f6:5b:1f:2a:ef:2b:6d:f0:ac:d9:f2:
e3:30:52:17:38:de:2d:5a:50:a9:eb:54:62:f1:ad:3b:a7:17:
68:c7:7a:9d:37:dc:d0:b0:5b:40:95:e3:b8:d6:2d:eb:c3:b1:
c7:3c:39:d3:66:f6:14:6d:a8:f4:23:51:3d:9e:4a:e0:cd:b4:
ae:d2:e6:15:7e:82:00:ac:d9:ae:19:59:8b:d9:e9:ea:3d:46:
9e:92:a1:43:a9:36:b8:67:6a:fe:5d:a1:f8:6a:e9:6a:78:02:
d2:99:76:60:64:f5:06:43:d1:fc:58:4f:7b:56:4a:40:d9:a4:
81:71:f0:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxQtoDE+fh6T++oVQLMTHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkN2JiMDA0MjAxZmQwNWI0OWQxMjIxZmNlNDc1OWVhNzBi
ZWM2ODQwHhcNMjMwMTAyMDY1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc0NWI1OGEwZjgzY2Y2NDY2NzhmNGI0ZmNlNWJmMjZjNjk5Y2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg6BatTGP30gCskPiC3vqFEyg3Fe
sHQ9o3/rOSnblqgZhvOkbfrZU0u6aX3l1sARkz/u7bWvOFVBetKELQW5/wmZZ/eK
FICHkv1VpdBm3pNrnn2O7Eq+BRndMVeUQk/sjoNcVIWpJ8lCWQbTfAlblf1ht3Nf
fHLQdURMS1JkqPMF/WDT2o/+qiWjkCo4pOOc7YGveSWJB68Kj1NetYPV4xzku9te
gkGl4lnhO/5RI4rC0tTcFdtOrQpkb4EoCbFbA9JGb0yFObH/BkaqxI9CmHgBXJCq
DhJBFzDlSAFMeSTVrZiyEvlRtpNZU9SdzYtli6+wZ/NW8lfQQIQf02RvPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOx0W1ig+Dz2RmePS0/OW/JsaZz2MB8GA1UdIwQY
MBaAFJ17sAQgH9BbSdEiH85HWepwvsaEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblh1d0JDQWYwRnRKMFNJZnprZFo2bkMteG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hZjE1ZWItN2E0ZC00YjBlLWJlYmIt
ZTliZWRlMDBjNmFmLzEvN0hSYldLRDRQUFpHWjQ5TFQ4NWI4bXhwblBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9hZjE1ZWItN2E0ZC00YjBlLWJlYmItZTliZWRlMDBjNmFm
LzEvblh1d0JDQWYwRnRKMFNJZnprZFo2bkMteG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVYwMA0G
CSqGSIb3DQEBCwUAA4IBAQCDZ7mAoRPV9L5F6CTBwW+Yi8u81r08jGCoRHWILoc7
ezE5mYlZWKAvhUacQvu9mjKszN1ZBX+LNdcpdqMOS+TDxot2AKX5t1q7XXk+sB94
9RW5HRnS4TRJlzqhZIjNh2ou1HRi65/U7P7eC/t36exB4HYYHeR2KcVnPwEwvshJ
DHvLPeGO9lsfKu8rbfCs2fLjMFIXON4tWlCp61Ri8a07pxdox3qdN9zQsFtAleO4
1i3rw7HHPDnTZvYUbaj0I1E9nkrgzbSu0uYVfoIArNmuGVmL2enqPUaekqFDqTa4
Z2r+XaH4aulqeALSmXZgZPUGQ9H8WE97VkpA2aSBcfCE
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:30:52 2025 by rpki-client