Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/L56dpU5pMFurBkRwmqWW-I9pn8w.roa
File: L56dpU5pMFurBkRwmqWW-I9pn8w.roa (raw, json)
Hash identifier: Nf6GyQNLhW+HGi9Aju+4p4JK0wuTtWcsIMoki68Y64g=
Subject key identifier: 2F:9E:9D:A5:4E:69:30:5B:AB:06:44:70:9A:A5:96:F8:8F:69:9F:CC
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 01856F42BD809948160C8CD7701F9EBFBCD0
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/L56dpU5pMFurBkRwmqWW-I9pn8w.roa
Signing time: Sun 01 Jan 2023 21:35:22 +0000
ROA not before: Sun 01 Jan 2023 21:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56547
IP address blocks: 79.127.8.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:bd:80:99:48:16:0c:8c:d7:70:1f:9e:bf:bc:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 1 21:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f9e9da54e69305bab0644709aa596f88f699fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:62:ad:d4:4a:bb:d9:48:aa:c2:dd:5b:7f:17:
f0:12:e2:f0:a9:83:66:2f:bd:6f:1b:58:68:94:04:
2d:3a:1e:f2:82:08:95:cf:7c:a4:18:7a:1c:10:90:
54:b6:ad:3b:c2:53:b0:62:7c:ab:db:94:39:66:cd:
f6:e1:ea:87:90:77:cd:ee:85:8e:a7:b0:24:e8:3e:
7a:bc:ac:14:a8:68:34:fd:b4:d4:a8:98:63:3e:ab:
13:b2:b0:0b:db:50:4f:dd:52:11:e0:87:ca:bb:ad:
c3:b2:af:53:dd:ab:ea:3a:1b:0a:2c:07:1e:7c:eb:
c5:52:f1:4a:45:8a:36:ce:2a:6d:45:a1:91:72:a2:
ab:10:1e:43:d4:35:88:07:51:4f:3a:ff:73:ba:4d:
a7:c9:5c:73:c0:a9:0c:e4:de:88:33:fc:bb:63:25:
d3:14:4d:90:74:f1:79:31:58:13:28:60:a1:d2:8e:
11:0c:28:33:fc:46:17:81:f2:bd:3b:ca:03:0c:e1:
bc:fe:30:a1:1e:96:d8:8d:d0:d2:16:a0:07:9e:a4:
2a:1c:a2:54:94:2a:ba:38:d9:a3:f4:12:6b:7a:99:
80:ac:48:31:fb:8d:11:95:92:0a:b3:e3:1e:49:4f:
0d:3e:21:c5:90:86:ef:e5:19:bd:48:c5:ad:42:26:
2b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:9E:9D:A5:4E:69:30:5B:AB:06:44:70:9A:A5:96:F8:8F:69:9F:CC
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/L56dpU5pMFurBkRwmqWW-I9pn8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.127.8.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:37:dd:1d:ee:a7:91:ca:2e:fb:a2:44:5a:b6:f9:26:e2:32:
b5:97:91:27:92:29:55:cc:5c:74:8a:1c:6a:75:0b:63:52:dd:
50:27:5c:ba:61:c2:e7:19:ec:67:5c:a7:d7:69:2d:31:d4:97:
d3:bb:de:05:06:01:4a:3d:9d:d9:4b:0b:99:d3:62:08:cc:4f:
b9:7e:2a:f3:2a:c3:3e:b1:c8:0a:a0:19:a4:66:b8:37:de:8d:
1e:f4:45:f2:3a:58:6e:f8:b2:91:23:3d:c3:2f:76:46:14:ec:
7a:cc:71:c1:d0:50:48:c4:90:62:d9:3b:cf:2a:ad:41:b4:ed:
f4:be:6f:fa:99:1c:63:ed:82:9d:9d:3b:82:19:af:a8:06:cb:
3e:2e:16:be:49:ca:2a:3e:a4:94:b5:f1:b7:6a:e5:59:f1:40:
0d:dd:15:75:76:1f:cf:a9:b4:4f:e4:19:3c:6a:15:41:b9:9a:
8f:9d:ef:ea:de:6c:47:8c:5e:71:8d:3c:65:83:e9:15:38:5d:
66:b3:bb:f2:a0:b5:70:f3:8b:53:dd:6a:07:e0:7e:e3:f5:d6:
95:77:08:0b:5c:a2:7b:35:d1:ac:4c:9b:9b:23:16:70:8a:11:
a2:68:62:1d:2c:d9:b2:b7:7d:f0:71:ac:76:f6:be:85:11:8b:
84:6e:c3:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQr2AmUgWDIzXcB+ev7zQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjMwMTAxMjEzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjllOWRhNTRlNjkzMDViYWIwNjQ0NzA5YWE1OTZmODhmNjk5ZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmKt1Eq72Uiqwt1bfxfwEuLwqYNm
L71vG1holAQtOh7yggiVz3ykGHocEJBUtq07wlOwYnyr25Q5Zs324eqHkHfN7oWO
p7Ak6D56vKwUqGg0/bTUqJhjPqsTsrAL21BP3VIR4IfKu63Dsq9T3avqOhsKLAce
fOvFUvFKRYo2ziptRaGRcqKrEB5D1DWIB1FPOv9zuk2nyVxzwKkM5N6IM/y7YyXT
FE2QdPF5MVgTKGCh0o4RDCgz/EYXgfK9O8oDDOG8/jChHpbYjdDSFqAHnqQqHKJU
lCq6ONmj9BJrepmArEgx+40RlZIKs+MeSU8NPiHFkIbv5Rm9SMWtQiYrDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC+enaVOaTBbqwZEcJqllviPaZ/MMB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvTDU2ZHBVNXBNRnVyQmtSd21xV1ctSTlwbjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT38IMA0G
CSqGSIb3DQEBCwUAA4IBAQCNN90d7qeRyi77okRatvkm4jK1l5EnkilVzFx0ihxq
dQtjUt1QJ1y6YcLnGexnXKfXaS0x1JfTu94FBgFKPZ3ZSwuZ02IIzE+5firzKsM+
scgKoBmkZrg33o0e9EXyOlhu+LKRIz3DL3ZGFOx6zHHB0FBIxJBi2TvPKq1BtO30
vm/6mRxj7YKdnTuCGa+oBss+Lha+ScoqPqSUtfG3auVZ8UAN3RV1dh/PqbRP5Bk8
ahVBuZqPne/q3mxHjF5xjTxlg+kVOF1ms7vyoLVw84tT3WoH4H7j9daVdwgLXKJ7
NdGsTJubIxZwihGiaGIdLNmyt33wcax29r6FEYuEbsMg
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:04:01 2025 by rpki-client