Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/wsJKVZtrCDSIgFo6M1kn9UXjzZY.roa
File: wsJKVZtrCDSIgFo6M1kn9UXjzZY.roa (raw, json)
Hash identifier: eXN9D/J6+j1107/pvTfI5vw/djF96z3oSRWCUQxgvw4=
Subject key identifier: C2:C2:4A:55:9B:6B:08:34:88:80:5A:3A:33:59:27:F5:45:E3:CD:96
Certificate issuer: /CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Certificate serial: 07A61CCD
Authority key identifier: 7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/wsJKVZtrCDSIgFo6M1kn9UXjzZY.roa
Signing time: Sat 01 Jan 2022 10:55:26 +0000
ROA not before: Sat 01 Jan 2022 10:55:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197792
IP address blocks: 159.255.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128326861 (0x7a61ccd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Validity
Not Before: Jan 1 10:55:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c2c24a559b6b083488805a3a335927f545e3cd96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:00:15:cc:92:5d:8b:35:38:a0:6f:f8:40:02:
be:d6:01:76:00:49:07:cf:99:ee:5c:60:35:3a:bf:
8c:cb:3d:0b:e1:22:91:c1:3e:bb:eb:7e:8d:7d:30:
50:ed:b1:1f:5a:ad:97:81:f7:31:87:28:3a:eb:37:
ac:8f:52:b1:7a:b0:ee:61:f3:d1:b3:7a:cb:db:d5:
63:3c:77:e2:49:ce:0b:cd:83:3f:a0:69:68:65:0f:
00:9a:8f:62:f5:a9:03:43:6d:a6:60:54:19:98:d1:
4b:2c:18:94:ef:0a:75:ef:d0:b2:a5:87:82:ad:35:
6d:47:8a:18:c8:01:69:b8:db:e8:cb:11:60:b6:63:
4e:bd:bf:b9:b2:f2:a5:dd:a1:7e:8d:5c:e4:84:2f:
38:61:5e:5d:c1:79:b8:b0:21:74:f6:71:67:df:ec:
a7:34:d9:e5:46:72:6b:6c:9d:a5:0d:e2:ae:bf:f9:
4e:e1:eb:8c:e6:01:a3:e7:1a:d1:7b:a7:f3:b2:a5:
70:3a:33:c7:61:4a:8f:02:01:99:a6:4f:23:99:07:
ad:9a:f6:81:1e:81:e4:b8:0f:60:14:ec:0a:58:6d:
7f:f8:13:ca:07:12:84:b2:fb:1f:0c:c7:75:ee:a5:
a8:07:ee:b6:c6:ba:6b:51:1c:22:c1:cd:c9:1a:d4:
26:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:C2:4A:55:9B:6B:08:34:88:80:5A:3A:33:59:27:F5:45:E3:CD:96
X509v3 Authority Key Identifier:
keyid:7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/wsJKVZtrCDSIgFo6M1kn9UXjzZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/fKBMxn75bZAi89C_xR6ttKS2PuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.40.0/22
Signature Algorithm: sha256WithRSAEncryption
35:6d:d3:c5:66:89:0f:e5:1b:a9:6f:c1:7e:10:bf:0d:a7:c8:
83:12:fe:b5:94:ce:5f:73:3f:35:3c:b9:8a:85:a9:90:74:5b:
90:e7:f7:e8:60:3e:bd:0d:6b:6f:f2:63:2f:b7:a3:8f:a4:a4:
aa:ad:56:8a:b9:09:32:b7:4c:3f:0c:42:0f:30:7d:22:4d:08:
e9:dc:ea:57:c5:ad:d4:4f:0a:bc:93:07:fd:4a:59:64:c5:63:
83:f3:7a:f6:82:e2:a4:aa:c2:24:e9:b9:98:a0:0c:d3:0d:c2:
3f:4b:98:d8:c6:dc:23:e3:0b:2c:45:ef:7b:21:1f:b6:1c:4f:
e1:33:f1:f5:9a:06:6d:70:44:db:72:3d:36:5e:ad:69:9b:d4:
37:d2:2c:11:e3:70:fb:15:0d:de:d8:18:c8:ac:e6:04:9b:93:
1b:7d:30:bf:1b:b9:44:27:bf:98:9d:0e:9d:36:46:fc:09:b9:
be:93:d2:c9:9d:a4:f7:fd:06:9a:1e:9a:29:e0:15:9c:50:29:
09:78:5e:ab:3e:af:ce:91:67:88:46:00:d2:fe:83:97:d8:75:
50:b4:9b:96:74:56:3a:9b:b2:5e:38:79:2d:02:00:39:64:8c:
55:ca:a0:32:00:c9:0d:69:b9:19:69:cc:81:42:e1:74:78:df:
2d:95:ef:85
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB6YczTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2EwNGNjNjdlZjk2ZDkwMjJmM2QwYmZjNTFlYWRiNGE0YjYzZWU2MB4XDTIyMDEw
MTEwNTUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzJjMjRhNTU5YjZi
MDgzNDg4ODA1YTNhMzM1OTI3ZjU0NWUzY2Q5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsAFcySXYs1OKBv+EACvtYBdgBJB8+Z7lxgNTq/jMs9C+Ei
kcE+u+t+jX0wUO2xH1qtl4H3MYcoOus3rI9SsXqw7mHz0bN6y9vVYzx34knOC82D
P6BpaGUPAJqPYvWpA0NtpmBUGZjRSywYlO8Kde/QsqWHgq01bUeKGMgBabjb6MsR
YLZjTr2/ubLypd2hfo1c5IQvOGFeXcF5uLAhdPZxZ9/spzTZ5UZya2ydpQ3irr/5
TuHrjOYBo+ca0Xun87KlcDozx2FKjwIBmaZPI5kHrZr2gR6B5LgPYBTsClhtf/gT
ygcShLL7HwzHde6lqAfutsa6a1EcIsHNyRrUJqUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTCwkpVm2sINIiAWjozWSf1RePNljAfBgNVHSMEGDAWgBR8oEzGfvltkCLz
0L/FHq20pLY+5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZLQk14bjc1YlpBaTg5Q194UjZ0dEtTMlB1WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvOWI5NGUyLWQyMWQtNGQ4MS04YWVhLWE1NTY4ZTBmYmI2ZC8x
L3dzSktWWnRyQ0RTSWdGbzZNMWtuOVVYanpaWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
OWI5NGUyLWQyMWQtNGQ4MS04YWVhLWE1NTY4ZTBmYmI2ZC8xL2ZLQk14bjc1YlpB
aTg5Q194UjZ0dEtTMlB1WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAp//KDANBgkqhkiG9w0BAQsFAAOC
AQEANW3TxWaJD+UbqW/BfhC/DafIgxL+tZTOX3M/NTy5ioWpkHRbkOf36GA+vQ1r
b/JjL7ejj6Skqq1WirkJMrdMPwxCDzB9Ik0I6dzqV8Wt1E8KvJMH/UpZZMVjg/N6
9oLipKrCJOm5mKAM0w3CP0uY2MbcI+MLLEXveyEfthxP4TPx9ZoGbXBE23I9Nl6t
aZvUN9IsEeNw+xUN3tgYyKzmBJuTG30wvxu5RCe/mJ0OnTZG/Am5vpPSyZ2k9/0G
mh6aKeAVnFApCXheqz6vzpFniEYA0v6Dl9h1ULSblnRWOpuyXjh5LQIAOWSMVcqg
MgDJDWm5GWnMgULhdHjfLZXvhQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:16:51 2025 by rpki-client