Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/7vzxpa2qONV7DYxrd9tzE1j9l_4.roa
File: 7vzxpa2qONV7DYxrd9tzE1j9l_4.roa (raw, json)
Hash identifier: Tc5PdeOf6RrQvR8wxRUVxDbsHRZX2sRmjcTHpqDe3tw=
Subject key identifier: EE:FC:F1:A5:AD:AA:38:D5:7B:0D:8C:6B:77:DB:73:13:58:FD:97:FE
Certificate issuer: /CN=e3280c6352a0bfbb79d249c8875ed186ecce8a86
Certificate serial: 01856DDD297339D625DC6FE0153CB97121DB
Authority key identifier: E3:28:0C:63:52:A0:BF:BB:79:D2:49:C8:87:5E:D1:86:EC:CE:8A:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ygMY1Kgv7t50knIh17RhuzOioY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/7vzxpa2qONV7DYxrd9tzE1j9l_4.roa
Signing time: Sun 01 Jan 2023 15:04:48 +0000
ROA not before: Sun 01 Jan 2023 15:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57469
IP address blocks: 159.48.56.0/21 maxlen: 22
31.207.96.0/19 maxlen: 22
185.177.32.0/22 maxlen: 22
159.48.16.0/20 maxlen: 22
159.48.48.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:29:73:39:d6:25:dc:6f:e0:15:3c:b9:71:21:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3280c6352a0bfbb79d249c8875ed186ecce8a86
Validity
Not Before: Jan 1 15:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eefcf1a5adaa38d57b0d8c6b77db731358fd97fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:13:b9:dc:9f:d3:81:30:7d:10:03:17:46:81:
05:83:90:8f:ff:20:08:cc:ee:db:6a:6c:b0:78:4b:
60:e5:77:fd:ea:5e:0c:d5:df:ce:a3:9e:15:73:4d:
5c:9f:88:2b:00:61:d1:6f:fc:12:89:df:4b:ec:df:
ed:50:1d:d2:76:e9:fb:36:fc:eb:ba:be:64:59:ca:
12:79:d5:51:2f:87:34:c9:cf:a7:85:e3:ea:30:eb:
77:49:16:9c:3a:13:b5:9b:40:e6:f1:88:83:ba:95:
01:2b:79:8e:17:f9:0a:23:99:b1:39:66:f3:bf:8f:
c7:34:29:cd:33:59:d9:47:cb:d9:ba:30:9a:85:32:
23:6a:ec:e1:08:3a:30:3d:50:39:64:eb:ef:d3:ef:
a2:39:e2:30:69:ea:2f:20:b7:d4:bf:be:99:a0:a4:
a3:1b:94:e3:10:4e:69:9d:a0:13:80:18:2e:42:6d:
74:82:93:31:18:4c:ad:6f:c1:c8:73:28:a1:6b:dc:
8c:87:28:6b:6c:e1:3d:d7:de:5e:e5:89:bf:d0:83:
c7:02:db:37:97:e8:71:a7:00:8c:26:96:f0:50:17:
b1:cb:f1:b2:fc:54:59:2c:9a:eb:2a:a5:fb:de:b1:
f9:56:f9:4a:de:e9:b7:b2:35:11:70:d9:6d:a0:a1:
bd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:FC:F1:A5:AD:AA:38:D5:7B:0D:8C:6B:77:DB:73:13:58:FD:97:FE
X509v3 Authority Key Identifier:
keyid:E3:28:0C:63:52:A0:BF:BB:79:D2:49:C8:87:5E:D1:86:EC:CE:8A:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ygMY1Kgv7t50knIh17RhuzOioY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/7vzxpa2qONV7DYxrd9tzE1j9l_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/4ygMY1Kgv7t50knIh17RhuzOioY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.96.0/19
159.48.16.0/20
159.48.48.0/22
159.48.56.0/21
185.177.32.0/22
Signature Algorithm: sha256WithRSAEncryption
23:ed:c7:4c:97:ac:ca:4e:36:9b:2d:6e:7f:26:95:38:e1:0a:
2f:dc:87:6f:86:e6:71:7f:5e:12:c6:b7:83:6f:e3:56:70:2f:
b6:40:e0:b7:fc:ff:56:3a:26:4c:79:95:40:c8:a7:2d:01:74:
a1:fc:70:c3:00:45:47:b9:ea:8d:9c:30:49:31:b4:ee:70:d7:
4e:5f:98:73:3b:d0:00:de:4a:2c:6f:d3:e6:6d:9f:01:09:0c:
94:16:14:4d:52:ae:1e:f1:df:8a:1c:19:90:f7:20:18:0a:30:
ca:86:10:e4:a8:53:30:23:4e:95:75:7c:ee:a2:d2:37:62:88:
99:0c:79:39:81:4d:27:18:b1:9d:ce:30:53:e0:fa:9c:4a:35:
8d:70:49:00:d7:9e:f4:73:a5:bd:1e:e5:13:e3:ed:ae:dd:0b:
5d:a9:02:52:da:3d:3d:bb:a0:36:1f:8a:29:8b:35:47:2b:40:
86:59:7d:f2:51:b8:a7:d3:89:67:f1:5c:a8:e0:f9:9e:09:7a:
28:6c:6e:28:52:b2:03:84:be:c5:04:c8:08:62:77:69:35:1c:
ec:81:2d:d5:86:17:37:c2:2c:e2:d8:ee:48:a5:90:e2:86:62:
96:e5:07:79:47:a4:3b:34:dc:be:e6:bc:6e:bf:61:74:95:4f:
24:27:d7:da
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVt3SlzOdYl3G/gFTy5cSHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMjgwYzYzNTJhMGJmYmI3OWQyNDljODg3NWVkMTg2ZWNj
ZThhODYwHhcNMjMwMTAxMTUwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWZjZjFhNWFkYWEzOGQ1N2IwZDhjNmI3N2RiNzMxMzU4ZmQ5N2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRO53J/TgTB9EAMXRoEFg5CP/yAI
zO7bamyweEtg5Xf96l4M1d/Oo54Vc01cn4grAGHRb/wSid9L7N/tUB3Sdun7Nvzr
ur5kWcoSedVRL4c0yc+nhePqMOt3SRacOhO1m0Dm8YiDupUBK3mOF/kKI5mxOWbz
v4/HNCnNM1nZR8vZujCahTIjauzhCDowPVA5ZOvv0++iOeIwaeovILfUv76ZoKSj
G5TjEE5pnaATgBguQm10gpMxGEytb8HIcyiha9yMhyhrbOE9195e5Ym/0IPHAts3
l+hxpwCMJpbwUBexy/Gy/FRZLJrrKqX73rH5VvlK3um3sjURcNltoKG9XwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO788aWtqjjVew2Ma3fbcxNY/Zf+MB8GA1UdIwQY
MBaAFOMoDGNSoL+7edJJyIde0YbszoqGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHlnTVkxS2d2N3Q1MGtuSWgxN1JodXpPaW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81OWEwMzItYzM4NC00M2RmLThjOWQt
ZWYwYjgyMTg5NDQ0LzEvN3Z6eHBhMnFPTlY3RFl4cmQ5dHpFMWo5bF80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81OWEwMzItYzM4NC00M2RmLThjOWQtZWYwYjgyMTg5NDQ0
LzEvNHlnTVkxS2d2N3Q1MGtuSWgxN1JodXpPaW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFH89gAwQE
nzAQAwQCnzAwAwQDnzA4AwQCubEgMA0GCSqGSIb3DQEBCwUAA4IBAQAj7cdMl6zK
TjabLW5/JpU44Qov3IdvhuZxf14SxreDb+NWcC+2QOC3/P9WOiZMeZVAyKctAXSh
/HDDAEVHueqNnDBJMbTucNdOX5hzO9AA3kosb9PmbZ8BCQyUFhRNUq4e8d+KHBmQ
9yAYCjDKhhDkqFMwI06VdXzuotI3YoiZDHk5gU0nGLGdzjBT4PqcSjWNcEkA1570
c6W9HuUT4+2u3QtdqQJS2j09u6A2H4opizVHK0CGWX3yUbin04ln8Vyo4PmeCXoo
bG4oUrIDhL7FBMgIYndpNRzsgS3Vhhc3wizi2O5IpZDihmKW5Qd5R6Q7NNy+5rxu
v2F0lU8kJ9fa
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:26:30 2025 by rpki-client