Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7940ab-f7ca-4c07-a123-a6fb4df5481e/1/e0J3TtoJUaHZr5-J-fGLj8-859E.roa
File: e0J3TtoJUaHZr5-J-fGLj8-859E.roa (raw, json)
Hash identifier: Vnq0yj30BJq5hT0EFigD6WmPvVp1T4sBhu4DRFdngAk=
Subject key identifier: 7B:42:77:4E:DA:09:51:A1:D9:AF:9F:89:F9:F1:8B:8F:CF:BC:E7:D1
Certificate issuer: /CN=5a5125afc5ec978b2a321291c2a5570fe619159e
Certificate serial: 018572CCB806153EA9B194A7E22ECF05694A
Authority key identifier: 5A:51:25:AF:C5:EC:97:8B:2A:32:12:91:C2:A5:57:0F:E6:19:15:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WlElr8Xsl4sqMhKRwqVXD-YZFZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/7940ab-f7ca-4c07-a123-a6fb4df5481e/1/e0J3TtoJUaHZr5-J-fGLj8-859E.roa
Signing time: Mon 02 Jan 2023 14:04:57 +0000
ROA not before: Mon 02 Jan 2023 14:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 192.109.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:b8:06:15:3e:a9:b1:94:a7:e2:2e:cf:05:69:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5125afc5ec978b2a321291c2a5570fe619159e
Validity
Not Before: Jan 2 14:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b42774eda0951a1d9af9f89f9f18b8fcfbce7d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d0:4c:0c:eb:58:b5:df:d1:d2:40:8d:07:45:
5b:05:b9:ef:d8:56:ac:2e:c3:e2:0e:6f:0c:3a:d0:
04:fa:21:a8:a8:ed:0e:a8:54:14:7b:84:f2:eb:f5:
69:d0:a3:72:59:68:ce:65:a9:49:5d:aa:9d:87:ed:
b4:d6:5d:0d:86:44:0a:82:e4:18:82:2b:9a:43:de:
87:5e:14:42:33:1d:99:c3:72:63:2d:09:db:6f:fa:
7f:0a:f9:58:33:5b:3a:61:7b:f1:f1:64:cd:de:a8:
d4:11:49:da:e8:3a:58:ba:2e:de:99:fd:5c:f4:f2:
17:1b:b8:66:c5:e2:26:84:61:06:af:20:21:fc:3a:
50:c9:dd:a7:25:72:cd:98:1b:50:33:a1:36:2f:6a:
c2:b3:e8:6c:61:7e:3f:dd:26:92:7b:48:21:c3:f1:
a1:c8:fc:9e:0e:69:4d:ad:18:4a:a5:6c:2c:9a:1b:
11:6d:ce:1e:a6:25:df:5a:8c:7d:ac:d1:1b:c4:d8:
e6:88:24:7e:2a:ed:fd:c9:17:b0:51:60:ea:21:d1:
e1:49:ed:36:d0:6c:cb:e0:a0:37:c7:75:da:4b:57:
1a:32:ed:ab:f9:39:13:68:90:09:40:21:67:ab:c4:
a9:d7:97:2e:f6:7d:ad:69:c1:75:fd:2f:fb:b9:aa:
ca:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:42:77:4E:DA:09:51:A1:D9:AF:9F:89:F9:F1:8B:8F:CF:BC:E7:D1
X509v3 Authority Key Identifier:
keyid:5A:51:25:AF:C5:EC:97:8B:2A:32:12:91:C2:A5:57:0F:E6:19:15:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WlElr8Xsl4sqMhKRwqVXD-YZFZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7940ab-f7ca-4c07-a123-a6fb4df5481e/1/e0J3TtoJUaHZr5-J-fGLj8-859E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7940ab-f7ca-4c07-a123-a6fb4df5481e/1/WlElr8Xsl4sqMhKRwqVXD-YZFZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.101.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:92:b8:6d:6c:63:d9:d1:e5:3f:e2:a0:69:79:bf:d9:4b:be:
49:e9:dc:ef:e2:4a:dc:88:4b:ee:c5:af:d2:2e:99:09:ab:61:
18:f5:c1:b8:4d:dd:18:31:06:52:4f:4c:ab:3f:b7:fb:74:13:
04:4d:4b:31:be:56:18:56:bb:40:13:c7:7a:44:a2:31:3f:74:
5d:48:85:fe:e8:7a:5f:7f:c8:47:f1:f8:b6:67:a8:a4:0a:99:
15:1a:59:05:63:0c:b1:7f:27:df:41:2f:9f:59:42:3b:fc:45:
62:15:5f:a1:ed:d8:76:d1:b6:dc:f1:42:85:41:6f:17:0b:c1:
bf:87:70:dd:f0:56:c4:b8:fc:5d:8a:68:c1:51:14:b1:ef:a0:
17:31:1f:df:3f:75:2a:46:b5:cf:69:fe:3c:d9:6b:b6:55:b9:
28:91:d4:b4:fd:d6:53:3e:34:79:45:24:19:58:00:f9:85:e1:
54:c8:75:06:9c:41:69:ea:cd:71:be:25:fd:98:e8:2b:d6:f4:
12:9d:f3:fe:9d:3c:2c:79:1d:10:fc:5d:be:c8:3c:31:46:71:
17:d4:75:10:22:a2:71:d4:4c:d8:42:ec:82:16:46:98:37:92:
8c:3a:c0:b3:f1:91:38:7e:d0:f9:88:94:70:92:70:19:b9:bf:
ca:03:d7:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzLgGFT6psZSn4i7PBWlKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNTEyNWFmYzVlYzk3OGIyYTMyMTI5MWMyYTU1NzBmZTYx
OTE1OWUwHhcNMjMwMTAyMTQwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjQyNzc0ZWRhMDk1MWExZDlhZjlmODlmOWYxOGI4ZmNmYmNlN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9BMDOtYtd/R0kCNB0VbBbnv2Fas
LsPiDm8MOtAE+iGoqO0OqFQUe4Ty6/Vp0KNyWWjOZalJXaqdh+201l0NhkQKguQY
giuaQ96HXhRCMx2Zw3JjLQnbb/p/CvlYM1s6YXvx8WTN3qjUEUna6DpYui7emf1c
9PIXG7hmxeImhGEGryAh/DpQyd2nJXLNmBtQM6E2L2rCs+hsYX4/3SaSe0ghw/Gh
yPyeDmlNrRhKpWwsmhsRbc4epiXfWox9rNEbxNjmiCR+Ku39yRewUWDqIdHhSe02
0GzL4KA3x3XaS1caMu2r+TkTaJAJQCFnq8Sp15cu9n2tacF1/S/7uarKVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHtCd07aCVGh2a+fifnxi4/PvOfRMB8GA1UdIwQY
MBaAFFpRJa/F7JeLKjISkcKlVw/mGRWeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2xFbHI4WHNsNHNxTWhLUndxVlhELVlaRlo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy83OTQwYWItZjdjYS00YzA3LWExMjMt
YTZmYjRkZjU0ODFlLzEvZTBKM1R0b0pVYUhacjUtSi1mR0xqOC04NTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy83OTQwYWItZjdjYS00YzA3LWExMjMtYTZmYjRkZjU0ODFl
LzEvV2xFbHI4WHNsNHNxTWhLUndxVlhELVlaRlo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG1lMA0G
CSqGSIb3DQEBCwUAA4IBAQAPkrhtbGPZ0eU/4qBpeb/ZS75J6dzv4krciEvuxa/S
LpkJq2EY9cG4Td0YMQZST0yrP7f7dBMETUsxvlYYVrtAE8d6RKIxP3RdSIX+6Hpf
f8hH8fi2Z6ikCpkVGlkFYwyxfyffQS+fWUI7/EViFV+h7dh20bbc8UKFQW8XC8G/
h3Dd8FbEuPxdimjBURSx76AXMR/fP3UqRrXPaf482Wu2VbkokdS0/dZTPjR5RSQZ
WAD5heFUyHUGnEFp6s1xviX9mOgr1vQSnfP+nTwseR0Q/F2+yDwxRnEX1HUQIqJx
1EzYQuyCFkaYN5KMOsCz8ZE4ftD5iJRwknAZub/KA9d8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:30 2025 by rpki-client