Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/7bWY7Ce1IucFeGlXx3zx0-tIOrI.roa
File: 7bWY7Ce1IucFeGlXx3zx0-tIOrI.roa (raw, json)
Hash identifier: M4sN9FhCwX4e503d6y/XGyWlUKbX/OSy3RAcDJTD9DU=
Subject key identifier: ED:B5:98:EC:27:B5:22:E7:05:78:69:57:C7:7C:F1:D3:EB:48:3A:B2
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 01F73437
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/7bWY7Ce1IucFeGlXx3zx0-tIOrI.roa
Signing time: Sat 01 Jan 2022 15:59:42 +0000
ROA not before: Sat 01 Jan 2022 15:59:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 266260
IP address blocks: 91.123.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32977975 (0x1f73437)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: Jan 1 15:59:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=edb598ec27b522e705786957c77cf1d3eb483ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7d:10:3a:19:cc:b1:05:b1:ab:09:1e:8a:a7:
84:67:de:3e:ce:a7:8b:8f:1f:9a:a2:6d:ab:a9:1c:
9b:db:70:59:5c:55:6b:98:98:68:b3:0d:28:19:0c:
5f:f2:35:b9:ae:95:2b:c1:0f:87:c0:74:7e:0a:3c:
c8:86:64:74:7f:f7:10:33:b6:71:d6:3f:1a:47:e1:
60:a5:c2:5e:34:8b:7a:dd:eb:b2:f5:00:1a:a5:9a:
e9:c1:7f:5f:70:40:fe:eb:7a:ed:44:79:ac:3e:7f:
c7:59:1a:6e:ff:43:ce:8a:94:b2:56:d5:51:34:f2:
82:23:f5:a4:52:a3:47:54:6e:7d:01:9e:56:71:73:
02:6d:12:bc:fe:89:88:67:44:d9:2f:0c:12:df:33:
d5:39:e3:7e:80:44:e3:a2:38:88:c2:99:40:36:46:
94:b5:42:5e:f5:5c:15:31:3f:06:52:25:cb:98:52:
a9:70:f8:04:d4:03:4b:af:56:e9:96:c6:1e:f2:9a:
fb:e2:07:f7:5c:cc:ad:d4:56:d8:2a:2d:06:3c:9f:
07:d0:99:b9:0b:90:e0:3d:f5:d5:c7:b5:63:93:f4:
ad:71:05:e0:1a:e2:07:36:fb:dd:ee:43:16:65:6d:
45:1b:71:b7:84:3e:77:49:ba:d3:20:ec:f4:f9:2b:
47:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B5:98:EC:27:B5:22:E7:05:78:69:57:C7:7C:F1:D3:EB:48:3A:B2
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/7bWY7Ce1IucFeGlXx3zx0-tIOrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.123.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:fe:a1:52:65:fe:aa:46:24:91:08:0b:e3:f7:40:b4:9b:ce:
51:d4:6d:aa:b8:a9:f3:96:9a:b5:b4:d1:f8:87:4b:7c:4c:57:
27:8e:65:9c:2f:0f:cf:7c:22:88:85:37:a4:ff:d7:38:38:ba:
dd:8b:6d:98:69:03:3b:2b:5e:54:35:27:f4:41:28:da:0a:15:
e0:cd:bf:7e:02:62:f9:d5:5f:cd:fc:23:90:36:47:c3:74:bc:
b6:2a:e2:be:63:1b:47:a1:99:f4:37:29:cc:b2:94:17:fd:25:
34:33:ea:8b:7f:9e:54:7f:6e:f4:f5:fd:b3:88:11:d4:95:b8:
3e:70:5f:88:8c:3e:40:ed:76:23:41:4e:f7:0c:45:a5:6d:38:
c8:5a:89:db:7c:ec:74:d7:38:de:cb:f0:10:d4:30:62:e1:76:
d2:38:ee:b6:5c:da:be:71:43:90:8c:7e:4f:c2:5d:11:19:8c:
df:68:2e:a3:9a:8e:ca:67:20:8c:f4:91:33:d6:b2:ca:be:fb:
19:f8:e5:f1:7e:23:76:f0:a5:95:b4:4c:31:0f:26:ec:ff:6e:
9f:f7:cd:3f:2c:77:49:da:b2:7e:b8:33:3b:ca:84:d0:66:29:
52:5b:9d:28:71:8a:e2:c0:15:6a:e9:e1:7f:ec:fe:d1:8f:b2:
cc:0f:37:9e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAfc0NzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MGNjN2E0NDc0ODJlNTdiMDYwNGJhYmI4MmE1MjQwOWNkZTNiMzZkMB4XDTIyMDEw
MTE1NTk0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWRiNTk4ZWMyN2I1
MjJlNzA1Nzg2OTU3Yzc3Y2YxZDNlYjQ4M2FiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMN9EDoZzLEFsasJHoqnhGfePs6ni48fmqJtq6kcm9twWVxV
a5iYaLMNKBkMX/I1ua6VK8EPh8B0fgo8yIZkdH/3EDO2cdY/GkfhYKXCXjSLet3r
svUAGqWa6cF/X3BA/ut67UR5rD5/x1kabv9DzoqUslbVUTTygiP1pFKjR1RufQGe
VnFzAm0SvP6JiGdE2S8MEt8z1TnjfoBE46I4iMKZQDZGlLVCXvVcFTE/BlIly5hS
qXD4BNQDS69W6ZbGHvKa++IH91zMrdRW2CotBjyfB9CZuQuQ4D311ce1Y5P0rXEF
4BriBzb73e5DFmVtRRtxt4Q+d0m60yDs9PkrR68CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTttZjsJ7Ui5wV4aVfHfPHT60g6sjAfBgNVHSMEGDAWgBTwzHpEdILlewYE
uruCpSQJzeOzbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhNeDZSSFNDNVhzR0JMcTdncVVrQ2MzanMyMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMGU1OGRjLTdjOTAtNDlkNy04ODU1LWZhMzJkMmQ1Mjk2OC8x
LzdiV1k3Q2UxSXVjRmVHbFh4M3p4MC10SU9ySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MGU1OGRjLTdjOTAtNDlkNy04ODU1LWZhMzJkMmQ1Mjk2OC8xLzhNeDZSSFNDNVhz
R0JMcTdncVVrQ2MzanMyMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlt7ADANBgkqhkiG9w0BAQsFAAOC
AQEAoP6hUmX+qkYkkQgL4/dAtJvOUdRtqrip85aatbTR+IdLfExXJ45lnC8Pz3wi
iIU3pP/XODi63YttmGkDOyteVDUn9EEo2goV4M2/fgJi+dVfzfwjkDZHw3S8tiri
vmMbR6GZ9DcpzLKUF/0lNDPqi3+eVH9u9PX9s4gR1JW4PnBfiIw+QO12I0FO9wxF
pW04yFqJ23zsdNc43svwENQwYuF20jjutlzavnFDkIx+T8JdERmM32guo5qOymcg
jPSRM9ayyr77Gfjl8X4jdvCllbRMMQ8m7P9un/fNPyx3SdqyfrgzO8qE0GYpUlud
KHGK4sAVaunhf+z+0Y+yzA83ng==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:10 2025 by rpki-client