Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/t7EfJFIlgM3m-3FMSGMe6BHYysE.roa
File: t7EfJFIlgM3m-3FMSGMe6BHYysE.roa (raw, json)
Hash identifier: Bo5JnkzI/En7UbX+JF4mNF4wt+sjm3+3QKKqldzGdCM=
Subject key identifier: B7:B1:1F:24:52:25:80:CD:E6:FB:71:4C:48:63:1E:E8:11:D8:CA:C1
Certificate issuer: /CN=fce25aca434feeb6f573aa463a12c6940bc4d198
Certificate serial: 0B4B0D70
Authority key identifier: FC:E2:5A:CA:43:4F:EE:B6:F5:73:AA:46:3A:12:C6:94:0B:C4:D1:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OJaykNP7rb1c6pGOhLGlAvE0Zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/t7EfJFIlgM3m-3FMSGMe6BHYysE.roa
Signing time: Sat 01 Jan 2022 08:55:57 +0000
ROA not before: Sat 01 Jan 2022 08:55:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21351
IP address blocks: 93.121.128.0/17 maxlen: 24
95.138.0.0/17 maxlen: 24
213.188.160.0/19 maxlen: 24
5.187.96.0/19 maxlen: 24
213.16.0.0/19 maxlen: 24
185.29.48.0/22 maxlen: 24
46.238.128.0/18 maxlen: 24
2a02:1390::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 189468016 (0xb4b0d70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce25aca434feeb6f573aa463a12c6940bc4d198
Validity
Not Before: Jan 1 08:55:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7b11f24522580cde6fb714c48631ee811d8cac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:70:16:be:e7:5a:97:80:23:d0:8f:b0:af:e1:
28:d4:b8:fa:b5:16:9c:a2:21:a6:3a:19:78:a5:f8:
37:56:3f:9a:dd:ac:80:be:56:0e:17:d9:e7:60:34:
6a:3b:0a:c6:2b:38:fc:9a:08:e8:fb:66:cd:32:01:
aa:5b:4f:04:57:4a:cb:bd:4d:21:fa:54:4d:dc:8c:
97:cb:dd:e5:a5:35:47:b9:6d:d6:3e:2b:1e:59:a6:
f3:ad:af:a8:b4:24:a1:64:1d:8c:aa:b8:39:78:fa:
0f:e0:9f:86:b3:81:a7:57:56:65:a8:b1:80:66:cf:
ed:44:4d:61:28:ba:c1:f6:ec:7d:2e:e5:a9:a0:ab:
5b:c5:71:ee:a0:bc:f1:ca:6a:42:04:cd:47:5a:7f:
36:66:27:04:61:b3:c8:54:cd:61:72:a5:41:45:f5:
7d:2e:7b:fe:15:f2:be:04:22:1c:d2:e9:2b:48:a2:
6a:42:5b:fd:9a:2d:11:d3:4d:be:16:b0:ff:e8:4f:
a5:33:a3:38:a1:76:89:dc:91:2b:48:7a:e5:ff:26:
9f:8a:ee:6e:54:5c:81:a3:7b:6d:53:1e:bc:f4:2e:
41:9f:70:6b:9b:a6:cf:a2:da:1b:28:85:3d:8d:23:
62:9a:e7:93:36:b8:3c:bf:d5:50:e9:48:39:9f:e1:
cd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B1:1F:24:52:25:80:CD:E6:FB:71:4C:48:63:1E:E8:11:D8:CA:C1
X509v3 Authority Key Identifier:
keyid:FC:E2:5A:CA:43:4F:EE:B6:F5:73:AA:46:3A:12:C6:94:0B:C4:D1:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OJaykNP7rb1c6pGOhLGlAvE0Zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/t7EfJFIlgM3m-3FMSGMe6BHYysE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/_OJaykNP7rb1c6pGOhLGlAvE0Zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.96.0/19
46.238.128.0/18
93.121.128.0/17
95.138.0.0/17
185.29.48.0/22
213.16.0.0/19
213.188.160.0/19
IPv6:
2a02:1390::/29
Signature Algorithm: sha256WithRSAEncryption
11:4e:23:ea:ec:95:47:fc:6f:15:a4:78:83:83:5c:ce:c2:70:
88:ee:25:0e:c2:e9:65:5d:68:cd:b7:3d:ee:7f:cc:c5:6f:f8:
86:27:a0:f9:07:92:26:80:5c:35:91:f8:73:ce:51:8b:0b:43:
fa:77:41:4f:c4:f5:b1:8c:fb:77:cd:53:dc:ce:1c:5e:e4:9e:
bf:49:a7:ba:e0:85:0f:98:66:19:b1:b6:56:a4:8d:2e:2e:24:
43:27:65:7d:fe:b6:93:38:d2:d8:67:9b:db:00:e8:ec:64:ad:
18:09:d4:af:57:66:5b:50:ba:a8:c2:2d:f7:ed:8c:51:79:e2:
46:d8:ba:86:c7:df:cd:5c:a4:94:01:94:0c:b2:94:c7:13:07:
07:e3:0d:e6:fb:3d:c9:12:ab:86:0b:5c:e3:d8:b5:08:40:37:
5d:9d:5a:07:50:84:18:47:93:36:5d:bf:f0:21:a1:a1:fb:fc:
a8:86:b4:7e:ad:c0:12:a1:f5:fb:19:dc:d2:51:7c:d1:ac:76:
30:20:ec:de:9b:58:62:7c:bf:a7:78:17:50:40:b0:6c:8a:bd:
a8:f8:d9:5c:fc:25:e4:40:47:27:b9:f0:7a:19:ba:8b:7f:11:
16:e7:b2:4f:29:72:01:e7:72:4d:58:71:b7:97:4a:a2:2b:51:
76:de:cd:d5
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEC0sNcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Y2UyNWFjYTQzNGZlZWI2ZjU3M2FhNDYzYTEyYzY5NDBiYzRkMTk4MB4XDTIyMDEw
MTA4NTU1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdiMTFmMjQ1MjI1
ODBjZGU2ZmI3MTRjNDg2MzFlZTgxMWQ4Y2FjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO5wFr7nWpeAI9CPsK/hKNS4+rUWnKIhpjoZeKX4N1Y/mt2s
gL5WDhfZ52A0ajsKxis4/JoI6PtmzTIBqltPBFdKy71NIfpUTdyMl8vd5aU1R7lt
1j4rHlmm862vqLQkoWQdjKq4OXj6D+CfhrOBp1dWZaixgGbP7URNYSi6wfbsfS7l
qaCrW8Vx7qC88cpqQgTNR1p/NmYnBGGzyFTNYXKlQUX1fS57/hXyvgQiHNLpK0ii
akJb/ZotEdNNvhaw/+hPpTOjOKF2idyRK0h65f8mn4rublRcgaN7bVMevPQuQZ9w
a5umz6LaGyiFPY0jYprnkza4PL/VUOlIOZ/hzXECAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBS3sR8kUiWAzeb7cUxIYx7oEdjKwTAfBgNVHSMEGDAWgBT84lrKQ0/utvVz
qkY6EsaUC8TRmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19PSmF5a05QN3JiMWM2cEdPaExHbEF2RTBaZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvMGM5ZGJiLWYyZWYtNGYxNS04YjJlLTY0M2U0NDc0NDRkNi8x
L3Q3RWZKRklsZ00zbS0zRk1TR01lNkJIWXlzRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
MGM5ZGJiLWYyZWYtNGYxNS04YjJlLTY0M2U0NDc0NDRkNi8xL19PSmF5a05QN3Ji
MWM2cEdPaExHbEF2RTBaZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBQW7YAMEBi7ugAMEB115gAMEB1+K
AAMEArkdMAMEBdUQAAMEBdW8oDANBAIAAjAHAwUDKgITkDANBgkqhkiG9w0BAQsF
AAOCAQEAEU4j6uyVR/xvFaR4g4NczsJwiO4lDsLpZV1ozbc97n/MxW/4hieg+QeS
JoBcNZH4c85RiwtD+ndBT8T1sYz7d81T3M4cXuSev0mnuuCFD5hmGbG2VqSNLi4k
Qydlff62kzjS2Geb2wDo7GStGAnUr1dmW1C6qMIt9+2MUXniRti6hsffzVyklAGU
DLKUxxMHB+MN5vs9yRKrhgtc49i1CEA3XZ1aB1CEGEeTNl2/8CGhofv8qIa0fq3A
EqH1+xnc0lF80ax2MCDs3ptYYny/p3gXUECwbIq9qPjZXPwl5EBHJ7nwehm6i38R
FueyTylyAedyTVhxt5dKoitRdt7N1Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:35 2025 by rpki-client