Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/t60I-nhlZpIql70ul7rv-QjqEcQ.roa
File: t60I-nhlZpIql70ul7rv-QjqEcQ.roa (raw, json)
Hash identifier: oT3U7obrlXPxT/LpN77s/DkjF5RDTS1MW5sRpwxGAbQ=
Subject key identifier: B7:AD:08:FA:78:65:66:92:2A:97:BD:2E:97:BA:EF:F9:08:EA:11:C4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAFD9276F3BF81974B3A512D4D3B4A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/t60I-nhlZpIql70ul7rv-QjqEcQ.roa
Signing time: Sun 01 Jan 2023 14:44:57 +0000
ROA not before: Sun 01 Jan 2023 14:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400601
IP address blocks: 194.33.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:fd:92:76:f3:bf:81:97:4b:3a:51:2d:4d:3b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7ad08fa786566922a97bd2e97baeff908ea11c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:38:c3:9a:8f:6b:99:ce:03:e3:07:9a:a9:ec:
1c:90:03:ff:6b:e9:ae:d6:85:8c:b0:52:68:da:a3:
ec:86:cb:a5:17:69:be:96:61:62:3b:80:e6:73:49:
17:86:4d:91:26:69:56:9c:e0:2a:5d:c2:33:0a:9f:
7a:cd:e4:ab:a6:30:15:2a:d5:b3:16:62:52:a6:59:
53:c5:c6:2c:8a:9b:8d:be:db:c6:9d:b7:11:be:2f:
9d:24:f0:61:3d:a0:67:9d:ee:c5:b1:7f:30:56:20:
11:91:c8:99:ae:e3:13:c4:3d:5f:1c:ec:cf:e6:88:
72:6b:c1:a2:93:00:c4:fc:38:43:8c:af:69:d6:a6:
28:5e:4e:9b:5b:f9:e5:f1:59:71:eb:31:d2:5c:e6:
6c:0b:1c:e9:3a:00:b0:31:7e:ca:98:0a:d9:62:8b:
05:a7:90:32:2e:32:65:00:06:94:a0:f5:82:5a:72:
bd:f1:2a:20:60:bf:bf:6a:3e:4c:2b:98:1a:72:fa:
6e:2d:1c:c9:8b:9f:47:88:5e:02:0c:cb:af:57:b4:
4d:74:ea:f9:a1:e7:b3:e5:13:b7:d3:08:dc:fe:a2:
4b:a9:64:c5:47:37:0f:ed:24:53:d6:26:f3:ba:43:
77:9e:04:a2:a0:a5:7e:c0:79:74:89:16:9f:e2:6b:
e2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AD:08:FA:78:65:66:92:2A:97:BD:2E:97:BA:EF:F9:08:EA:11:C4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/t60I-nhlZpIql70ul7rv-QjqEcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.32.0/24
Signature Algorithm: sha256WithRSAEncryption
19:63:db:15:e3:b4:c6:ff:b2:bc:ca:25:f7:99:96:c7:c2:f0:
6e:09:6a:ab:f8:42:f3:c4:03:43:eb:16:d6:8a:f7:bd:fc:e3:
52:b9:41:3d:45:c8:04:f7:87:81:0c:d4:ec:dc:a0:d3:cd:d9:
a7:85:68:98:3b:de:9e:9e:42:cc:5e:9f:ec:a4:4b:a0:61:a8:
14:3b:5e:ee:c7:32:4b:dd:eb:46:ab:b5:02:19:6e:12:0a:33:
08:94:74:dd:c2:db:74:c4:fe:e3:e5:bb:b1:af:45:b9:f1:03:
34:e7:ba:e4:76:bb:60:15:b4:23:59:c9:7f:03:31:10:29:5a:
07:f2:f1:35:3c:c7:42:d3:45:c8:26:e3:7f:03:35:64:c4:bf:
38:7e:f9:82:8b:05:d8:6a:e0:bc:21:c9:e7:65:16:e1:12:93:
38:95:fc:e8:a6:36:79:b9:29:8d:c9:b8:65:5a:d6:99:9c:af:
09:ad:a4:2a:bb:e9:a2:de:e4:7d:90:e9:3c:2b:c1:23:55:41:
0e:21:cc:b0:68:ac:67:88:7a:2c:20:10:80:c3:23:cb:ad:50:
a2:28:41:02:ce:7f:b8:4c:0d:c7:45:3a:2e:e3:94:1b:2a:6f:
ad:07:47:0c:40:41:b1:e4:0c:d7:90:72:4e:cb:ad:7a:0a:a1:
51:5e:ce:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyv2SdvO/gZdLOlEtTTtKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2FkMDhmYTc4NjU2NjkyMmE5N2JkMmU5N2JhZWZmOTA4ZWExMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjjDmo9rmc4D4weaqewckAP/a+mu
1oWMsFJo2qPshsulF2m+lmFiO4Dmc0kXhk2RJmlWnOAqXcIzCp96zeSrpjAVKtWz
FmJSpllTxcYsipuNvtvGnbcRvi+dJPBhPaBnne7FsX8wViARkciZruMTxD1fHOzP
5ohya8GikwDE/DhDjK9p1qYoXk6bW/nl8Vlx6zHSXOZsCxzpOgCwMX7KmArZYosF
p5AyLjJlAAaUoPWCWnK98SogYL+/aj5MK5gacvpuLRzJi59HiF4CDMuvV7RNdOr5
oeez5RO30wjc/qJLqWTFRzcP7SRT1ibzukN3ngSioKV+wHl0iRaf4mviKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLetCPp4ZWaSKpe9Lpe67/kI6hHEMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdDYwSS1uaGxacElxbDcwdWw3cnYtUWpxRWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiEgMA0G
CSqGSIb3DQEBCwUAA4IBAQAZY9sV47TG/7K8yiX3mZbHwvBuCWqr+ELzxAND6xbW
ive9/ONSuUE9RcgE94eBDNTs3KDTzdmnhWiYO96enkLMXp/spEugYagUO17uxzJL
3etGq7UCGW4SCjMIlHTdwtt0xP7j5buxr0W58QM057rkdrtgFbQjWcl/AzEQKVoH
8vE1PMdC00XIJuN/AzVkxL84fvmCiwXYauC8IcnnZRbhEpM4lfzopjZ5uSmNybhl
WtaZnK8JraQqu+mi3uR9kOk8K8EjVUEOIcywaKxniHosIBCAwyPLrVCiKEECzn+4
TA3HRTou45QbKm+tB0cMQEGx5AzXkHJOy616CqFRXs4u
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:28:30 2025 by rpki-client