Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7mTcG8OWwX-aWNgmQaWfUO-xFTk.roa
File: 7mTcG8OWwX-aWNgmQaWfUO-xFTk.roa (raw, json)
Hash identifier: 2YxmD5pAUJ+3OCw0kgSHXRGUh7yT3gX2yTAQ1JGs8Zc=
Subject key identifier: EE:64:DC:1B:C3:96:C1:7F:9A:58:D8:26:41:A5:9F:50:EF:B1:15:39
Certificate issuer: /CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Certificate serial: 018C35114AB4227A25B5FD29DC752AFD422C
Authority key identifier: EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7mTcG8OWwX-aWNgmQaWfUO-xFTk.roa
Signing time: Mon 04 Dec 2023 13:42:54 +0000
ROA not before: Mon 04 Dec 2023 13:42:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197425
IP address blocks: 139.58.0.0/16 maxlen: 24
136.163.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:11:4a:b4:22:7a:25:b5:fd:29:dc:75:2a:fd:42:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Validity
Not Before: Dec 4 13:42:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee64dc1bc396c17f9a58d82641a59f50efb11539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:32:2e:7f:f3:e9:ba:6d:c4:fd:33:3e:f9:37:
eb:f4:d3:55:54:5d:71:12:14:5e:b8:93:b8:02:00:
67:81:6a:cd:6e:f3:f4:2b:d7:3e:19:6b:e6:57:b3:
bb:a2:49:d3:2e:fc:8b:b6:e0:62:91:1e:8d:b7:ea:
17:f7:8b:ca:e1:ca:9b:d4:cb:dc:36:1e:8f:c8:f0:
19:6c:05:cd:9a:96:2c:a5:09:d4:b5:a8:ca:06:88:
1a:03:a2:5e:74:b0:3f:76:e2:aa:2f:04:55:e3:af:
5f:d5:16:b8:09:be:10:a3:fd:62:d2:ad:49:8d:d2:
27:d4:38:4b:54:5c:2a:2a:5d:77:1a:b8:a2:b2:f2:
f6:4b:57:2e:50:9b:33:20:4c:62:4d:11:90:6a:8f:
7f:ed:f6:79:da:68:7c:74:d6:2b:6e:9a:f1:25:c5:
f7:a1:3b:de:2e:30:8a:c5:50:57:4c:ec:8d:18:68:
11:fd:c2:ec:8a:0d:e6:19:3c:9e:59:02:66:b8:72:
87:a0:52:04:89:ce:3a:64:ec:ce:f5:75:cb:4c:d6:
ca:5f:91:78:90:a9:61:35:ab:d8:26:34:e4:fe:47:
4e:d1:72:19:a7:41:6b:26:8c:f3:e3:dc:1f:47:e7:
4c:3f:18:20:db:d8:44:4e:87:61:43:26:15:dd:f5:
e1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:64:DC:1B:C3:96:C1:7F:9A:58:D8:26:41:A5:9F:50:EF:B1:15:39
X509v3 Authority Key Identifier:
keyid:EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7mTcG8OWwX-aWNgmQaWfUO-xFTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.163.0.0/16
139.58.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:7a:21:cc:78:ee:86:a2:8e:04:12:2c:d9:ed:a0:68:d1:a9:
e6:00:e4:15:d2:66:f0:f3:a0:84:40:9d:f9:30:b0:a2:e7:f3:
20:1c:0d:ca:93:0e:17:2c:56:70:bb:f0:fe:4e:91:b8:78:b8:
96:8c:1a:01:5b:62:0e:90:62:67:32:ae:d8:64:b1:24:9c:4a:
ba:bb:15:5c:4a:68:5f:7c:2d:a5:c5:1b:ae:97:70:23:da:dc:
ca:20:64:cb:34:ab:bd:40:ea:48:aa:a4:f0:51:1b:e1:c3:bf:
2e:b2:53:88:2e:98:04:e7:94:b3:57:cc:2c:01:c3:54:af:69:
4d:90:99:1c:62:7b:e6:cb:1e:14:e3:f9:d2:da:45:75:6d:e4:
cd:4a:6f:0b:be:53:04:1f:71:e2:56:75:be:a0:3f:35:39:12:
bb:1b:3d:f4:9a:d9:2e:35:f8:9a:49:27:1c:91:04:ce:f7:ab:
22:60:55:f9:7a:36:89:68:c1:9d:26:36:d2:c1:e0:fc:e8:d9:
52:11:21:03:13:13:9a:a6:38:fe:e1:61:16:83:53:a8:f0:51:
cb:80:d8:6f:df:6b:f5:a6:ab:ae:73:eb:62:8d:52:4d:16:32:
38:24:bc:d3:16:92:0e:ab:20:e5:91:cf:8e:1d:17:76:ba:7a:
09:07:5f:14
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYw1EUq0Inoltf0p3HUq/UIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNGMzZmMwMTIyZDgzMWZiZWE4YWJiMjBhNGU5YjY1YzU0
MDM5YjIwHhcNMjMxMjA0MTM0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTY0ZGMxYmMzOTZjMTdmOWE1OGQ4MjY0MWE1OWY1MGVmYjExNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjIuf/Ppum3E/TM++Tfr9NNVVF1x
EhReuJO4AgBngWrNbvP0K9c+GWvmV7O7oknTLvyLtuBikR6Nt+oX94vK4cqb1Mvc
Nh6PyPAZbAXNmpYspQnUtajKBogaA6JedLA/duKqLwRV469f1Ra4Cb4Qo/1i0q1J
jdIn1DhLVFwqKl13GriisvL2S1cuUJszIExiTRGQao9/7fZ52mh8dNYrbprxJcX3
oTveLjCKxVBXTOyNGGgR/cLsig3mGTyeWQJmuHKHoFIEic46ZOzO9XXLTNbKX5F4
kKlhNavYJjTk/kdO0XIZp0FrJozz49wfR+dMPxgg29hETodhQyYV3fXh9QIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFO5k3BvDlsF/mljYJkGln1DvsRU5MB8GA1UdIwQY
MBaAFO5MP8ASLYMfvqirsgpOm2XFQDmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjkt
M2FjN2Q5NjIzMjkxLzEvN21UY0c4T1d3WC1hV05nbVFhV2ZVTy14RlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjktM2FjN2Q5NjIzMjkx
LzEvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAiKMDAwCL
OjANBgkqhkiG9w0BAQsFAAOCAQEAD3ohzHjuhqKOBBIs2e2gaNGp5gDkFdJm8POg
hECd+TCwoufzIBwNypMOFyxWcLvw/k6RuHi4lowaAVtiDpBiZzKu2GSxJJxKursV
XEpoX3wtpcUbrpdwI9rcyiBkyzSrvUDqSKqk8FEb4cO/LrJTiC6YBOeUs1fMLAHD
VK9pTZCZHGJ75sseFOP50tpFdW3kzUpvC75TBB9x4lZ1vqA/NTkSuxs99JrZLjX4
mkknHJEEzverImBV+Xo2iWjBnSY20sHg/OjZUhEhAxMTmqY4/uFhFoNTqPBRy4DY
b99r9aarrnPrYo1STRYyOCS80xaSDqsg5ZHPjh0Xdrp6CQdfFA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:31:16 2025 by rpki-client