Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/7PKgSv0hcSx2qYMG_MlX_A8s1fc.roa
File: 7PKgSv0hcSx2qYMG_MlX_A8s1fc.roa (raw, json)
Hash identifier: XfndRFGFdbU+qp3nPC2/HEeMDYzAsmizjEmDWLbygU0=
Subject key identifier: EC:F2:A0:4A:FD:21:71:2C:76:A9:83:06:FC:C9:57:FC:0F:2C:D5:F7
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4F5AF971AE7705A927112FB6037BE
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/7PKgSv0hcSx2qYMG_MlX_A8s1fc.roa
Signing time: Sun 01 Jan 2023 19:35:28 +0000
ROA not before: Sun 01 Jan 2023 19:35:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198833
IP address blocks: 5.8.178.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:f5:af:97:1a:e7:70:5a:92:71:12:fb:60:37:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecf2a04afd21712c76a98306fcc957fc0f2cd5f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ca:8d:d9:6f:ee:06:56:32:f2:c2:ed:d6:95:
9a:e1:5a:5a:57:a0:46:fd:c3:7f:61:07:a1:65:3f:
d3:37:cd:d4:71:96:32:50:00:1d:8e:e1:be:74:8a:
c2:50:59:2a:82:14:e8:37:e9:ad:2c:2a:6b:6f:0f:
89:2b:23:70:c2:a2:7a:7e:a6:bd:25:ba:ac:a1:22:
a6:e6:1b:6f:d6:97:e1:53:9c:eb:ef:4f:2b:33:2d:
c9:f9:57:0b:da:3b:81:bb:e1:52:15:f0:44:45:7d:
e4:ba:50:3d:23:9a:23:85:8e:3c:50:cc:ba:aa:9a:
df:98:75:a3:ff:a5:3f:69:06:d7:d4:c1:77:bd:84:
f5:e3:61:00:c7:ee:0d:f0:4b:8c:91:89:cf:26:2a:
5f:a2:d1:f6:75:8e:8d:8a:4a:6f:f4:43:f1:6f:76:
07:7d:e9:52:45:9d:d5:79:bb:a0:d2:0e:a6:8d:06:
70:7b:59:7c:a8:6c:ec:45:af:4b:ce:d4:99:4b:1a:
f4:f3:17:19:90:91:2c:f7:21:94:92:5b:e7:de:74:
96:be:2e:34:10:75:50:e6:19:cf:00:64:b1:be:75:
f8:46:f3:fc:b0:1a:0d:1c:e4:33:0c:2f:67:a8:49:
f5:7b:78:15:c6:f7:0a:40:23:a5:f5:24:44:87:c3:
99:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:F2:A0:4A:FD:21:71:2C:76:A9:83:06:FC:C9:57:FC:0F:2C:D5:F7
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/7PKgSv0hcSx2qYMG_MlX_A8s1fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.178.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:31:b1:1a:cb:47:d5:ac:da:70:98:27:71:63:a8:c0:a9:cc:
3c:c5:79:c5:36:13:9b:ad:81:99:a6:8c:fc:74:3e:67:e8:46:
92:fe:27:75:72:9a:e1:85:13:10:21:2c:69:87:38:c4:86:fe:
95:35:2a:8b:00:e7:79:68:5a:d9:7e:ce:c0:31:dc:91:6a:17:
a3:53:6c:58:f1:b4:a0:2a:e9:54:fc:5e:df:c0:08:4f:5d:3f:
1e:ce:4c:bc:1c:bf:a5:74:35:87:5b:b9:82:44:5b:69:26:e8:
cc:37:43:ef:b9:52:69:0b:c8:c0:69:1b:20:aa:3a:e4:ff:ca:
ab:21:b4:2c:56:3f:7e:bb:2c:94:af:f0:83:ee:84:b6:f7:c0:
88:8e:fd:5f:aa:41:0e:fd:a9:1d:57:4d:e9:63:25:cc:96:91:
6d:c9:1f:1f:99:1a:1f:09:67:c5:8a:8e:0a:b1:ff:9f:e0:b8:
1b:e8:4b:e7:56:55:57:c7:e7:50:55:02:63:95:76:26:84:7f:
06:f9:cc:c4:87:46:5a:e5:8b:96:56:9d:f2:6a:4d:3e:55:b0:
be:e2:f7:4b:e0:d4:32:67:b0:2d:15:18:93:4f:51:8b:ce:fd:
02:96:84:ab:f9:a0:f3:bc:c1:27:a8:6e:09:26:e2:57:bf:a1:
37:63:9f:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1PWvlxrncFqScRL7YDe+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2YyYTA0YWZkMjE3MTJjNzZhOTgzMDZmY2M5NTdmYzBmMmNkNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisqN2W/uBlYy8sLt1pWa4VpaV6BG
/cN/YQehZT/TN83UcZYyUAAdjuG+dIrCUFkqghToN+mtLCprbw+JKyNwwqJ6fqa9
JbqsoSKm5htv1pfhU5zr708rMy3J+VcL2juBu+FSFfBERX3kulA9I5ojhY48UMy6
qprfmHWj/6U/aQbX1MF3vYT142EAx+4N8EuMkYnPJipfotH2dY6Nikpv9EPxb3YH
felSRZ3Vebug0g6mjQZwe1l8qGzsRa9LztSZSxr08xcZkJEs9yGUklvn3nSWvi40
EHVQ5hnPAGSxvnX4RvP8sBoNHOQzDC9nqEn1e3gVxvcKQCOl9SREh8OZNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOzyoEr9IXEsdqmDBvzJV/wPLNX3MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvN1BLZ1N2MGhjU3gycVlNR19NbFhfQThzMWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQiyMA0G
CSqGSIb3DQEBCwUAA4IBAQAPMbEay0fVrNpwmCdxY6jAqcw8xXnFNhObrYGZpoz8
dD5n6EaS/id1cprhhRMQISxphzjEhv6VNSqLAOd5aFrZfs7AMdyRahejU2xY8bSg
KulU/F7fwAhPXT8ezky8HL+ldDWHW7mCRFtpJujMN0PvuVJpC8jAaRsgqjrk/8qr
IbQsVj9+uyyUr/CD7oS298CIjv1fqkEO/akdV03pYyXMlpFtyR8fmRofCWfFio4K
sf+f4Lgb6EvnVlVXx+dQVQJjlXYmhH8G+czEh0Za5YuWVp3yak0+VbC+4vdL4NQy
Z7AtFRiTT1GLzv0CloSr+aDzvMEnqG4JJuJXv6E3Y5/f
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:41:46 2025 by rpki-client