Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/eG7vKqpIwm6uc-bksO6NXhzlydQ.roa
File: eG7vKqpIwm6uc-bksO6NXhzlydQ.roa (raw, json)
Hash identifier: 4FAJrkNSwzvhceJKT/lcuN4npqy8hKu8xqsMuiBHxNQ=
Subject key identifier: 78:6E:EF:2A:AA:48:C2:6E:AE:73:E6:E4:B0:EE:8D:5E:1C:E5:C9:D4
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 018A648A6C14564B02E6ABEAB3EF65F5582F
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/eG7vKqpIwm6uc-bksO6NXhzlydQ.roa
Signing time: Tue 05 Sep 2023 08:51:47 +0000
ROA not before: Tue 05 Sep 2023 08:51:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210312
IP address blocks: 147.189.216.0/21 maxlen: 21
193.5.17.0/24 maxlen: 24
193.5.16.0/22 maxlen: 22
2a0d:3dc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:8a:6c:14:56:4b:02:e6:ab:ea:b3:ef:65:f5:58:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Sep 5 08:51:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=786eef2aaa48c26eae73e6e4b0ee8d5e1ce5c9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:19:44:06:00:76:80:98:df:74:b2:bf:f4:50:
17:8f:0f:4b:20:cd:db:96:da:2a:e4:b6:10:8a:ea:
99:56:82:be:37:dd:a6:da:3c:7b:9b:2d:70:64:f6:
88:80:cd:3c:6a:5a:31:6b:ca:fc:d8:74:67:5f:83:
83:10:5e:5a:59:5a:13:79:3d:67:13:c7:cd:96:45:
fb:65:57:57:08:dd:a2:85:1c:c6:7a:48:ff:b2:78:
a9:43:78:57:f4:4f:18:bb:22:14:1c:83:29:9f:34:
53:77:71:6e:3c:40:d7:05:a2:09:3c:4c:3d:f9:b5:
03:dd:9f:ed:fc:18:10:dd:5a:cd:35:93:66:b2:4a:
28:b3:13:d0:6c:64:9c:60:d4:ff:bd:1c:db:63:f2:
7a:e3:f2:e2:7c:ff:ea:27:01:59:6a:b9:3a:9e:f5:
db:fc:fc:a9:6e:d4:59:f8:8f:5c:76:39:bd:bd:47:
6d:08:8e:df:17:8f:21:22:1f:ae:35:be:0d:70:bc:
4b:21:63:61:19:8d:55:0a:48:b1:33:34:50:02:17:
14:8b:03:80:24:01:36:de:87:db:65:2d:61:72:92:
7d:b5:3b:ff:8b:d8:be:77:ce:68:95:d1:c0:87:7b:
70:ef:2d:5b:7c:a0:c2:b3:bb:4d:54:4a:45:33:4b:
0c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:6E:EF:2A:AA:48:C2:6E:AE:73:E6:E4:B0:EE:8D:5E:1C:E5:C9:D4
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/eG7vKqpIwm6uc-bksO6NXhzlydQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:97:f3:c7:16:4f:d2:d7:9f:fb:73:41:98:2e:de:62:43:97:
48:b6:91:92:9d:ff:73:f7:7f:57:ac:9c:ef:48:9b:70:44:b1:
07:7e:c2:cc:16:8a:4a:81:0d:9f:b3:75:45:c2:fa:48:55:f4:
d2:87:7c:36:fe:48:f2:37:7f:48:c9:90:72:69:4c:5c:5b:8d:
f6:6b:fe:2b:46:c4:dd:1c:97:22:3e:b4:1b:8e:fe:3c:28:0b:
f2:4f:21:3b:24:a8:17:9c:f1:9d:f1:87:e0:b0:e3:d7:1d:33:
f7:37:a2:c0:06:5c:4a:5e:98:26:d6:06:d0:c6:bb:e6:79:14:
d4:2a:1b:7a:56:be:c7:fc:8e:69:23:47:3a:e2:b1:da:ba:72:
51:38:29:10:8a:94:d7:b1:66:e4:0c:ec:9b:87:d6:23:3d:e9:
bf:54:7c:bb:f2:dd:40:97:bc:27:52:1e:8a:2a:0c:7f:cf:ae:
d4:4d:a6:c9:f3:ad:73:a3:86:06:a5:0d:e4:9b:24:65:e2:ea:
53:94:e3:83:29:d0:1b:a9:d5:4a:61:5a:14:c1:bb:d7:7e:80:
57:5b:b1:dd:a4:7d:40:df:21:3d:6c:4b:67:bc:88:50:b5:c9:
c6:27:66:ae:91:b9:ad:34:af:a6:ef:06:d8:a8:25:0b:62:e6:
11:d6:28:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYpkimwUVksC5qvqs+9l9VgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjMwOTA1MDg1MTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODZlZWYyYWFhNDhjMjZlYWU3M2U2ZTRiMGVlOGQ1ZTFjZTVjOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBlEBgB2gJjfdLK/9FAXjw9LIM3b
ltoq5LYQiuqZVoK+N92m2jx7my1wZPaIgM08aloxa8r82HRnX4ODEF5aWVoTeT1n
E8fNlkX7ZVdXCN2ihRzGekj/snipQ3hX9E8YuyIUHIMpnzRTd3FuPEDXBaIJPEw9
+bUD3Z/t/BgQ3VrNNZNmskoosxPQbGScYNT/vRzbY/J64/LifP/qJwFZark6nvXb
/PypbtRZ+I9cdjm9vUdtCI7fF48hIh+uNb4NcLxLIWNhGY1VCkixMzRQAhcUiwOA
JAE23ofbZS1hcpJ9tTv/i9i+d85oldHAh3tw7y1bfKDCs7tNVEpFM0sMtQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHhu7yqqSMJurnPm5LDujV4c5cnUMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvZUc3dktxcEl3bTZ1Yy1ia3NPNk5YaHpseWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQCLl/PHFk/S15/7
c0GYLt5iQ5dItpGSnf9z939XrJzvSJtwRLEHfsLMFopKgQ2fs3VFwvpIVfTSh3w2
/kjyN39IyZByaUxcW432a/4rRsTdHJciPrQbjv48KAvyTyE7JKgXnPGd8YfgsOPX
HTP3N6LABlxKXpgm1gbQxrvmeRTUKht6Vr7H/I5pI0c64rHaunJROCkQipTXsWbk
DOybh9YjPem/VHy78t1Al7wnUh6KKgx/z67UTabJ861zo4YGpQ3kmyRl4upTlOOD
KdAbqdVKYVoUwbvXfoBXW7HdpH1A3yE9bEtnvIhQtcnGJ2aukbmtNK+m7wbYqCUL
YuYR1igE
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:19:07 2025 by rpki-client