Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/7orHzFEqaUYCMKfMg-BEGfKr2_Q.roa
File: 7orHzFEqaUYCMKfMg-BEGfKr2_Q.roa (raw, json)
Hash identifier: 8aE46f04XDFh+1o9oCZuyGsdXytckRVgp/5qC+VNtko=
Subject key identifier: EE:8A:C7:CC:51:2A:69:46:02:30:A7:CC:83:E0:44:19:F2:AB:DB:F4
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 3DC7B0EA
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/7orHzFEqaUYCMKfMg-BEGfKr2_Q.roa
Signing time: Sat 01 Jan 2022 08:56:54 +0000
ROA not before: Sat 01 Jan 2022 08:56:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 2.255.190.0/24 maxlen: 24
2.255.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1036497130 (0x3dc7b0ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 1 08:56:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee8ac7cc512a69460230a7cc83e04419f2abdbf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c3:95:bc:a9:ee:2a:ba:08:d8:27:30:f4:e2:
a8:c6:23:c9:9d:43:89:aa:b1:85:1e:4d:31:5f:cb:
34:8e:37:01:62:41:ce:1a:65:e9:45:f8:30:38:94:
81:9f:17:84:5e:64:d9:73:18:1f:0e:e5:06:1e:22:
d5:96:64:ae:89:88:c4:69:93:be:a1:55:10:ae:fc:
ae:9d:27:cf:a5:cf:49:e3:40:0e:07:96:a2:f6:f6:
f4:bc:1c:8d:ff:47:00:7f:62:af:67:ad:bf:6c:d7:
af:17:29:17:01:43:89:d7:41:7a:14:1d:d5:49:61:
02:26:19:2b:33:74:81:09:42:eb:f7:96:85:9c:9d:
02:3d:ee:13:ae:96:02:aa:6f:c8:f2:f1:e5:f4:bd:
fd:ab:b5:97:8d:3f:7b:df:13:7a:2a:f7:76:cd:9f:
5a:20:46:34:3c:32:be:0d:da:4c:22:4a:b8:3a:7c:
88:39:20:6b:7e:77:7e:f6:7d:dc:b6:d6:e2:81:39:
13:4b:13:12:a5:16:5f:e4:69:01:3a:cc:67:a7:5d:
e2:8d:1b:e2:13:77:9d:44:6a:74:a9:ac:5b:ff:2f:
2d:53:cd:ce:0b:b3:e4:ec:ac:c9:fc:55:80:f2:80:
38:2c:fa:f9:6f:11:ba:a6:06:86:42:42:01:2f:4e:
9f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:8A:C7:CC:51:2A:69:46:02:30:A7:CC:83:E0:44:19:F2:AB:DB:F4
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/7orHzFEqaUYCMKfMg-BEGfKr2_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.255.190.0/23
Signature Algorithm: sha256WithRSAEncryption
42:bc:7f:2e:a0:f0:70:a7:55:a6:90:1b:de:05:18:8a:96:81:
8d:02:5e:2d:df:6c:5a:7d:59:fe:77:60:12:7a:45:f4:79:b4:
81:a5:e6:8d:15:74:98:99:08:91:8e:36:9c:47:16:4f:43:32:
8e:ac:90:09:ff:c8:9d:9d:73:05:84:0f:b2:a8:f9:86:9c:c1:
cd:c2:f0:36:be:8b:3b:7f:86:9d:53:f0:66:78:49:fc:ca:26:
51:d3:50:a1:dc:19:21:70:61:39:1a:2e:ea:b0:ee:ba:02:72:
c2:9e:22:5e:67:d1:51:bd:74:19:54:08:69:59:1b:62:ea:fd:
f1:6c:d1:39:f5:14:78:87:e1:dc:ef:03:d0:e0:a1:09:2b:83:
a2:65:2d:d1:b9:c5:1a:82:4b:fc:3e:68:cd:58:17:79:51:d9:
e7:37:a3:0f:8e:2c:83:b4:d2:25:79:90:05:d9:58:88:48:cb:
7d:aa:ab:d8:90:3f:b1:43:54:91:07:6c:61:69:93:42:99:7b:
da:98:9b:6a:de:a8:54:5e:79:37:5a:35:9c:23:8d:44:3a:09:
ec:b1:4f:d1:48:cc:e6:92:bb:10:10:34:81:47:71:e5:74:87:
fa:20:2b:0c:00:f9:5b:f5:48:b3:be:18:99:63:4a:76:c1:b3:
11:9b:64:b1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEPcew6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjY4MTM4ZDRlYzJlYTUxY2FjZWYwOWZmMTA1OGEzNzBhNWJlMTkwMB4XDTIyMDEw
MTA4NTY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWU4YWM3Y2M1MTJh
Njk0NjAyMzBhN2NjODNlMDQ0MTlmMmFiZGJmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzDlbyp7iq6CNgnMPTiqMYjyZ1DiaqxhR5NMV/LNI43AWJB
zhpl6UX4MDiUgZ8XhF5k2XMYHw7lBh4i1ZZkromIxGmTvqFVEK78rp0nz6XPSeNA
DgeWovb29Lwcjf9HAH9ir2etv2zXrxcpFwFDiddBehQd1UlhAiYZKzN0gQlC6/eW
hZydAj3uE66WAqpvyPLx5fS9/au1l40/e98Teir3ds2fWiBGNDwyvg3aTCJKuDp8
iDkga353fvZ93LbW4oE5E0sTEqUWX+RpATrMZ6dd4o0b4hN3nURqdKmsW/8vLVPN
zguz5OysyfxVgPKAOCz6+W8RuqYGhkJCAS9On5UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTuisfMUSppRgIwp8yD4EQZ8qvb9DAfBgNVHSMEGDAWgBQfaBONTsLqUcrO
8J/xBYo3ClvhkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gyZ1RqVTdDNmxIS3p2Q2Y4UVdLTndwYjRaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvYjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8x
Lzdvckh6RkVxYVVZQ01LZk1nLUJFR2ZLcjJfUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
YjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8xL0gyZ1RqVTdDNmxI
S3p2Q2Y4UVdLTndwYjRaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQL/vjANBgkqhkiG9w0BAQsFAAOC
AQEAQrx/LqDwcKdVppAb3gUYipaBjQJeLd9sWn1Z/ndgEnpF9Hm0gaXmjRV0mJkI
kY42nEcWT0MyjqyQCf/InZ1zBYQPsqj5hpzBzcLwNr6LO3+GnVPwZnhJ/MomUdNQ
odwZIXBhORou6rDuugJywp4iXmfRUb10GVQIaVkbYur98WzROfUUeIfh3O8D0OCh
CSuDomUt0bnFGoJL/D5ozVgXeVHZ5zejD44sg7TSJXmQBdlYiEjLfaqr2JA/sUNU
kQdsYWmTQpl72pibat6oVF55N1o1nCONRDoJ7LFP0UjM5pK7EBA0gUdx5XSH+iAr
DAD5W/VIs74YmWNKdsGzEZtksQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:36 2025 by rpki-client