Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ac1fa9-4ec8-4016-9add-4c3be9a28d93/1/cTPXemfRoWJ2JxSWccbqUdLbe3w.roa
File: cTPXemfRoWJ2JxSWccbqUdLbe3w.roa (raw, json)
Hash identifier: 9UATQgnKyMhegnWz9+VsIJdRr6jqUhW6e6kNQ9qalUs=
Subject key identifier: 71:33:D7:7A:67:D1:A1:62:76:27:14:96:71:C6:EA:51:D2:DB:7B:7C
Certificate issuer: /CN=7be0af45ab4e57456f5a0a40dfa84f8d80610664
Certificate serial: 01856B6E83CC33A642935BD224C69410DAF7
Authority key identifier: 7B:E0:AF:45:AB:4E:57:45:6F:5A:0A:40:DF:A8:4F:8D:80:61:06:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e-CvRatOV0VvWgpA36hPjYBhBmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ac1fa9-4ec8-4016-9add-4c3be9a28d93/1/cTPXemfRoWJ2JxSWccbqUdLbe3w.roa
Signing time: Sun 01 Jan 2023 03:44:42 +0000
ROA not before: Sun 01 Jan 2023 03:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206922
IP address blocks: 185.67.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:83:cc:33:a6:42:93:5b:d2:24:c6:94:10:da:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7be0af45ab4e57456f5a0a40dfa84f8d80610664
Validity
Not Before: Jan 1 03:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7133d77a67d1a1627627149671c6ea51d2db7b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2a:81:85:41:dc:ab:4f:17:8f:d0:06:6f:95:
9b:dd:f9:77:b0:f2:51:5d:fb:70:05:39:27:a0:bd:
7d:54:b2:4e:69:94:16:3b:b7:67:68:94:dc:61:4b:
b3:12:fd:18:09:a6:9f:f3:26:0a:62:ca:3f:24:88:
26:95:ae:2f:d5:c3:97:07:40:86:6e:f6:bf:be:20:
bb:1e:d7:73:a8:a1:fa:e4:06:24:52:3f:7f:35:56:
76:0a:80:a6:69:2f:d8:a3:77:64:12:31:72:97:e6:
3a:89:e5:18:6b:d3:86:ab:c2:95:a8:14:d9:9c:b2:
a4:ae:43:6b:d7:92:0b:4f:3f:e9:b3:a4:9e:49:13:
72:58:ca:de:be:95:7c:a6:a5:d9:17:06:ca:2d:9f:
2d:24:59:e1:c6:dd:50:7e:4a:f9:f9:d6:bc:86:ea:
43:d2:09:66:bc:4a:be:7a:3b:4d:58:4b:06:cc:df:
16:07:4f:a2:3a:52:32:be:5c:13:37:20:55:b4:18:
a5:b1:a3:05:61:86:8b:5a:71:0c:b3:44:48:bd:7d:
5b:a6:16:a2:39:4d:ee:9c:d8:d8:36:a5:b4:ff:ae:
23:53:dd:1a:2a:82:a7:b2:67:c8:63:3b:9a:62:ae:
a4:f8:ac:d6:ee:8d:67:60:44:5b:92:c1:f0:40:5c:
b6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:33:D7:7A:67:D1:A1:62:76:27:14:96:71:C6:EA:51:D2:DB:7B:7C
X509v3 Authority Key Identifier:
keyid:7B:E0:AF:45:AB:4E:57:45:6F:5A:0A:40:DF:A8:4F:8D:80:61:06:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-CvRatOV0VvWgpA36hPjYBhBmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ac1fa9-4ec8-4016-9add-4c3be9a28d93/1/cTPXemfRoWJ2JxSWccbqUdLbe3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ac1fa9-4ec8-4016-9add-4c3be9a28d93/1/e-CvRatOV0VvWgpA36hPjYBhBmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.163.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:93:2f:1d:a6:7a:8a:cc:2e:f4:de:85:d6:38:72:61:ab:f7:
14:80:fb:fe:29:5e:d0:ce:13:5e:2c:07:77:66:63:45:0c:24:
4b:23:cf:0b:02:7d:20:71:16:73:4f:70:3b:09:c7:52:8d:37:
43:df:62:cd:49:61:4b:da:89:d5:00:27:d7:66:47:fc:c2:18:
84:9d:8b:12:4b:8a:dd:bd:c2:2e:7a:3a:a5:90:85:85:a5:bd:
b5:fd:35:e3:6a:b9:c2:1e:80:9c:9b:a1:52:72:88:03:f8:c9:
99:8b:51:60:ba:27:3a:6c:1f:b3:0f:4e:f8:68:0d:da:2e:cd:
2d:58:86:8e:dc:27:fa:07:dc:35:07:2e:22:2b:ce:eb:34:87:
37:ac:0d:3d:0e:bb:a2:3d:6e:41:71:09:d3:ab:60:35:0f:7a:
32:bc:b8:d5:4e:95:35:5a:f9:50:2c:8e:2e:43:52:fd:25:55:
b4:c9:e7:98:95:cf:d0:5c:62:b2:52:8c:60:d8:13:85:e5:82:
f1:3c:6f:ff:42:14:5b:29:97:6e:26:e6:e9:62:ff:4d:f1:ca:
69:ad:94:d2:66:a7:a2:d6:e9:60:a9:14:1c:22:91:be:cb:38:
1b:d9:a8:d5:9d:ce:c4:22:94:3d:c5:58:65:cc:0d:32:4e:77:
b9:1a:5d:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrboPMM6ZCk1vSJMaUENr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZTBhZjQ1YWI0ZTU3NDU2ZjVhMGE0MGRmYTg0ZjhkODA2
MTA2NjQwHhcNMjMwMTAxMDM0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTMzZDc3YTY3ZDFhMTYyNzYyNzE0OTY3MWM2ZWE1MWQyZGI3YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSqBhUHcq08Xj9AGb5Wb3fl3sPJR
XftwBTknoL19VLJOaZQWO7dnaJTcYUuzEv0YCaaf8yYKYso/JIgmla4v1cOXB0CG
bva/viC7HtdzqKH65AYkUj9/NVZ2CoCmaS/Yo3dkEjFyl+Y6ieUYa9OGq8KVqBTZ
nLKkrkNr15ILTz/ps6SeSRNyWMrevpV8pqXZFwbKLZ8tJFnhxt1Qfkr5+da8hupD
0glmvEq+ejtNWEsGzN8WB0+iOlIyvlwTNyBVtBilsaMFYYaLWnEMs0RIvX1bphai
OU3unNjYNqW0/64jU90aKoKnsmfIYzuaYq6k+KzW7o1nYERbksHwQFy2ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHEz13pn0aFidicUlnHG6lHS23t8MB8GA1UdIwQY
MBaAFHvgr0WrTldFb1oKQN+oT42AYQZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZS1DdlJhdE9WMFZ2V2dwQTM2aFBqWUJoQm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9hYzFmYTktNGVjOC00MDE2LTlhZGQt
NGMzYmU5YTI4ZDkzLzEvY1RQWGVtZlJvV0oySnhTV2NjYnFVZExiZTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9hYzFmYTktNGVjOC00MDE2LTlhZGQtNGMzYmU5YTI4ZDkz
LzEvZS1DdlJhdE9WMFZ2V2dwQTM2aFBqWUJoQm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUOjMA0G
CSqGSIb3DQEBCwUAA4IBAQAeky8dpnqKzC703oXWOHJhq/cUgPv+KV7QzhNeLAd3
ZmNFDCRLI88LAn0gcRZzT3A7CcdSjTdD32LNSWFL2onVACfXZkf8whiEnYsSS4rd
vcIuejqlkIWFpb21/TXjarnCHoCcm6FScogD+MmZi1Fguic6bB+zD074aA3aLs0t
WIaO3Cf6B9w1By4iK87rNIc3rA09DruiPW5BcQnTq2A1D3oyvLjVTpU1WvlQLI4u
Q1L9JVW0yeeYlc/QXGKyUoxg2BOF5YLxPG//QhRbKZduJubpYv9N8cpprZTSZqei
1ulgqRQcIpG+yzgb2ajVnc7EIpQ9xVhlzA0yTne5Gl2z
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:08 2025 by rpki-client