Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/c89a46-7911-4fdb-a93b-29922b2d291b/1/ELfKZmyr86hns0xUjeV8nqoj7is.roa
File: ELfKZmyr86hns0xUjeV8nqoj7is.roa (raw, json)
Hash identifier: IXRJ0ypMvMYbgqxdS8tancFFiW4SQIav+14xxSflXZk=
Subject key identifier: 10:B7:CA:66:6C:AB:F3:A8:67:B3:4C:54:8D:E5:7C:9E:AA:23:EE:2B
Certificate issuer: /CN=1a9b70ef99760a0659deaefa660345a0e6115423
Certificate serial: 01856F2FE7183BC4BB63E4EF599AEFFF203B
Authority key identifier: 1A:9B:70:EF:99:76:0A:06:59:DE:AE:FA:66:03:45:A0:E6:11:54:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gptw75l2CgZZ3q76ZgNFoOYRVCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/c89a46-7911-4fdb-a93b-29922b2d291b/1/ELfKZmyr86hns0xUjeV8nqoj7is.roa
Signing time: Sun 01 Jan 2023 21:14:48 +0000
ROA not before: Sun 01 Jan 2023 21:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 559
IP address blocks: 128.178.0.0/15 maxlen: 16
192.26.28.0/22 maxlen: 22
192.26.32.0/21 maxlen: 21
192.33.192.0/20 maxlen: 20
192.26.40.0/22 maxlen: 22
192.26.44.0/24 maxlen: 24
192.26.46.0/23 maxlen: 23
192.33.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:e7:18:3b:c4:bb:63:e4:ef:59:9a:ef:ff:20:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a9b70ef99760a0659deaefa660345a0e6115423
Validity
Not Before: Jan 1 21:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10b7ca666cabf3a867b34c548de57c9eaa23ee2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fa:20:86:1f:ce:be:b0:e9:08:e7:b6:84:a6:
7c:cc:bc:c1:64:94:3d:04:ae:8b:fa:24:74:89:73:
08:7d:60:60:90:ad:33:0a:3e:91:c3:e2:af:9a:47:
18:5a:66:8a:d6:90:1c:2a:04:0d:84:be:f2:b0:dd:
84:d2:31:6a:2c:02:c6:06:e7:2a:0e:08:6b:f5:fd:
57:10:af:d2:9c:4e:66:4d:5e:c8:72:2c:39:fa:16:
30:bf:50:7a:d0:87:5e:85:1d:d8:4a:93:51:53:a2:
7a:92:d1:34:61:18:d0:ff:a0:8a:8f:c8:16:6f:fe:
4a:82:58:8d:43:75:46:db:f0:31:ff:4f:01:43:1d:
fd:bf:61:fd:fd:11:ad:18:e5:05:ad:5e:ce:92:07:
e2:4d:ef:da:7e:58:d0:39:2a:9d:eb:9e:6d:20:17:
f1:0f:ea:8c:c3:b2:1c:6b:3a:9a:05:6e:21:f9:fd:
ea:69:b8:fc:bf:81:18:f0:bc:04:e6:d4:34:66:c1:
88:33:92:7e:f4:ea:21:34:55:ac:9d:cb:7b:42:53:
fe:43:97:0a:ac:f5:55:d2:af:55:00:fb:e6:7d:27:
10:4e:0a:63:f6:d1:15:cf:c0:b7:4d:30:54:b3:7c:
1f:47:8b:26:c5:7b:d5:db:67:47:ac:9f:32:c8:cd:
ec:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B7:CA:66:6C:AB:F3:A8:67:B3:4C:54:8D:E5:7C:9E:AA:23:EE:2B
X509v3 Authority Key Identifier:
keyid:1A:9B:70:EF:99:76:0A:06:59:DE:AE:FA:66:03:45:A0:E6:11:54:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gptw75l2CgZZ3q76ZgNFoOYRVCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/c89a46-7911-4fdb-a93b-29922b2d291b/1/ELfKZmyr86hns0xUjeV8nqoj7is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/c89a46-7911-4fdb-a93b-29922b2d291b/1/Gptw75l2CgZZ3q76ZgNFoOYRVCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.178.0.0/15
192.26.28.0-192.26.44.255
192.26.46.0/23
192.33.192.0-192.33.211.255
Signature Algorithm: sha256WithRSAEncryption
84:8f:90:6e:73:19:07:15:19:a3:89:31:c4:be:57:37:b5:b6:
dc:39:f6:e5:34:7a:24:26:1b:b6:3c:63:04:89:13:88:1a:95:
34:1f:e9:7d:8e:3d:81:e3:20:fc:66:51:c3:9e:0c:95:7d:9b:
ce:53:f2:60:f6:a3:f9:1d:e8:80:81:56:d7:98:04:2d:9f:8d:
09:cb:5f:a3:1c:55:37:3b:15:9e:c1:51:54:24:c7:f4:33:2b:
6c:79:6d:16:58:dd:a8:62:da:3e:73:20:cf:36:7b:77:f4:2b:
69:80:c4:b6:38:a8:13:ab:94:57:10:ad:5d:30:a1:65:25:50:
87:c6:36:52:fd:1f:01:e5:fa:14:29:38:d7:69:04:d3:0b:71:
14:49:f7:6d:dc:a1:b3:fe:67:a3:9d:b3:16:be:c5:17:db:4c:
f8:fb:58:30:ac:3e:f2:6a:e2:90:14:4c:be:4a:43:9b:b3:05:
7f:51:63:a2:71:db:78:15:00:40:71:c0:fb:2d:3d:0f:d5:a4:
c4:b5:d7:ce:b6:be:81:fc:2f:bc:19:98:7c:2e:40:c4:ab:df:
e9:f3:99:79:0c:69:17:3f:d8:f8:82:a1:65:28:b3:80:7c:7f:
0b:e8:91:47:5e:10:0d:40:78:29:0a:fd:5b:0e:14:83:51:c5:
3a:ac:7e:e3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvL+cYO8S7Y+TvWZrv/yA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOWI3MGVmOTk3NjBhMDY1OWRlYWVmYTY2MDM0NWEwZTYx
MTU0MjMwHhcNMjMwMTAxMjExNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGI3Y2E2NjZjYWJmM2E4NjdiMzRjNTQ4ZGU1N2M5ZWFhMjNlZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/oghh/OvrDpCOe2hKZ8zLzBZJQ9
BK6L+iR0iXMIfWBgkK0zCj6Rw+KvmkcYWmaK1pAcKgQNhL7ysN2E0jFqLALGBucq
Dghr9f1XEK/SnE5mTV7Iciw5+hYwv1B60IdehR3YSpNRU6J6ktE0YRjQ/6CKj8gW
b/5KgliNQ3VG2/Ax/08BQx39v2H9/RGtGOUFrV7OkgfiTe/afljQOSqd655tIBfx
D+qMw7IcazqaBW4h+f3qabj8v4EY8LwE5tQ0ZsGIM5J+9OohNFWsnct7QlP+Q5cK
rPVV0q9VAPvmfScQTgpj9tEVz8C3TTBUs3wfR4smxXvV22dHrJ8yyM3sFwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBC3ymZsq/OoZ7NMVI3lfJ6qI+4rMB8GA1UdIwQY
MBaAFBqbcO+ZdgoGWd6u+mYDRaDmEVQjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3B0dzc1bDJDZ1paM3E3NlpnTkZvT1lSVkNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jODlhNDYtNzkxMS00ZmRiLWE5M2It
Mjk5MjJiMmQyOTFiLzEvRUxmS1pteXI4NmhuczB4VWplVjhucW9qN2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jODlhNDYtNzkxMS00ZmRiLWE5M2ItMjk5MjJiMmQyOTFi
LzEvR3B0dzc1bDJDZ1paM3E3NlpnTkZvT1lSVkNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMBgLIwDAME
AsAaHAMEAMAaLAMEAcAaLjAMAwQGwCHAAwQCwCHQMA0GCSqGSIb3DQEBCwUAA4IB
AQCEj5BucxkHFRmjiTHEvlc3tbbcOfblNHokJhu2PGMEiROIGpU0H+l9jj2B4yD8
ZlHDngyVfZvOU/Jg9qP5HeiAgVbXmAQtn40Jy1+jHFU3OxWewVFUJMf0MytseW0W
WN2oYto+cyDPNnt39CtpgMS2OKgTq5RXEK1dMKFlJVCHxjZS/R8B5foUKTjXaQTT
C3EUSfdt3KGz/mejnbMWvsUX20z4+1gwrD7yauKQFEy+SkObswV/UWOicdt4FQBA
ccD7LT0P1aTEtdfOtr6B/C+8GZh8LkDEq9/p85l5DGkXP9j4gqFlKLOAfH8L6JFH
XhANQHgpCv1bDhSDUcU6rH7j
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:44:39 2025 by rpki-client