Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/b266bb-1a3d-4e49-857c-ef38914a8ab0/1/7NbVPYLQX67Kowwl7oGecNkceqQ.roa
File: 7NbVPYLQX67Kowwl7oGecNkceqQ.roa (raw, json)
Hash identifier: od14RFI1EM7avc1wwDhFxM5rnJJ2wE12lEo7Xfjcl9I=
Subject key identifier: EC:D6:D5:3D:82:D0:5F:AE:CA:A3:0C:25:EE:81:9E:70:D9:1C:7A:A4
Certificate issuer: /CN=5a0532e8fda4b27a5615aebb8d7fd0fcafa9f610
Certificate serial: 01856F14DD454DB99D561ADC812500462579
Authority key identifier: 5A:05:32:E8:FD:A4:B2:7A:56:15:AE:BB:8D:7F:D0:FC:AF:A9:F6:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WgUy6P2ksnpWFa67jX_Q_K-p9hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/b266bb-1a3d-4e49-857c-ef38914a8ab0/1/7NbVPYLQX67Kowwl7oGecNkceqQ.roa
Signing time: Sun 01 Jan 2023 20:45:16 +0000
ROA not before: Sun 01 Jan 2023 20:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12315
IP address blocks: 185.215.40.0/22 maxlen: 22
213.34.32.0/19 maxlen: 19
193.254.214.0/23 maxlen: 23
2a04:c580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:dd:45:4d:b9:9d:56:1a:dc:81:25:00:46:25:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a0532e8fda4b27a5615aebb8d7fd0fcafa9f610
Validity
Not Before: Jan 1 20:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecd6d53d82d05faecaa30c25ee819e70d91c7aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:38:14:1d:2f:ad:21:f5:ef:17:ba:74:38:8b:
8d:e3:7d:24:cc:3e:cc:da:4a:d6:6c:25:0b:50:65:
15:a2:42:6c:b8:bd:5d:e4:a9:bc:1b:18:ba:45:09:
22:74:66:f5:7b:bb:06:01:64:c9:a0:84:80:7f:ef:
ed:25:93:77:8e:bb:38:77:b3:25:13:ed:c0:48:53:
a4:5b:26:83:89:35:31:9b:38:9d:20:33:51:fa:29:
54:c4:8d:60:97:65:e9:47:ee:ad:96:6e:f5:cf:1b:
d3:5e:5f:f9:1e:26:47:72:8b:db:f1:60:6c:2b:44:
8d:5d:fd:af:5d:8c:99:57:72:9a:10:de:6d:51:6c:
0b:68:70:b3:a2:0b:dd:54:c1:36:67:47:48:5b:f9:
97:0c:b8:19:f7:14:c8:06:ed:0f:7b:10:b4:9a:ec:
33:9d:a9:b9:d0:9e:b1:d8:d9:a6:72:9f:96:c9:cd:
05:16:d3:8e:3c:40:8b:88:f8:b1:0b:3a:ba:24:da:
54:08:8f:3a:6b:1d:5e:53:b6:97:80:82:8a:0c:3d:
1a:89:e8:b4:db:68:cc:ec:33:f6:21:a1:12:c7:36:
d0:1f:1d:6e:62:8e:2e:c4:77:d1:8d:fd:96:24:39:
97:37:88:38:d7:7e:ab:4b:b7:28:8a:69:31:b8:df:
8f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D6:D5:3D:82:D0:5F:AE:CA:A3:0C:25:EE:81:9E:70:D9:1C:7A:A4
X509v3 Authority Key Identifier:
keyid:5A:05:32:E8:FD:A4:B2:7A:56:15:AE:BB:8D:7F:D0:FC:AF:A9:F6:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WgUy6P2ksnpWFa67jX_Q_K-p9hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b266bb-1a3d-4e49-857c-ef38914a8ab0/1/7NbVPYLQX67Kowwl7oGecNkceqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/b266bb-1a3d-4e49-857c-ef38914a8ab0/1/WgUy6P2ksnpWFa67jX_Q_K-p9hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.40.0/22
193.254.214.0/23
213.34.32.0/19
IPv6:
2a04:c580::/29
Signature Algorithm: sha256WithRSAEncryption
24:96:d0:55:f4:97:91:9d:18:02:8c:0a:16:be:a2:44:92:26:
0d:ad:23:e9:36:ab:75:fe:21:8b:87:d7:ca:16:0c:08:cb:5e:
55:e9:aa:70:2f:10:5a:6f:2f:91:4a:9b:bd:11:ba:0b:da:7c:
01:29:73:ab:2c:49:b0:77:02:9a:ab:f4:4b:02:c0:1b:a2:5b:
64:d0:e8:04:1b:0f:3c:e5:bc:37:e7:a7:0c:3f:b4:ac:59:bd:
0d:34:af:57:00:dc:a2:f0:d9:5b:50:db:56:6d:74:10:35:80:
05:c3:b3:89:a5:a0:a5:18:5a:24:2e:7d:18:7a:38:da:ab:71:
53:4c:49:d8:59:30:44:c6:79:af:88:72:2f:08:2f:9e:11:89:
bb:27:cc:52:37:f8:11:81:f0:13:a4:d0:b0:8d:81:bc:61:5e:
28:69:96:72:dd:a7:cb:4e:d7:a3:01:e8:4d:87:bd:e2:29:92:
b8:74:de:9c:d2:db:4c:27:df:56:d6:fb:47:10:0c:a9:96:0b:
87:1a:fb:40:e4:36:f8:b3:3e:b3:39:33:91:66:9b:a3:27:85:
ea:ff:4a:0b:66:ed:98:a8:4f:72:26:2e:1b:ce:b0:74:ed:b6:
bb:fd:31:e7:b5:8d:46:d2:bc:02:e1:73:9b:f5:a4:d6:4e:af:
81:42:9e:30
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvFN1FTbmdVhrcgSUARiV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMDUzMmU4ZmRhNGIyN2E1NjE1YWViYjhkN2ZkMGZjYWZh
OWY2MTAwHhcNMjMwMTAxMjA0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2Q2ZDUzZDgyZDA1ZmFlY2FhMzBjMjVlZTgxOWU3MGQ5MWM3YWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzgUHS+tIfXvF7p0OIuN430kzD7M
2krWbCULUGUVokJsuL1d5Km8Gxi6RQkidGb1e7sGAWTJoISAf+/tJZN3jrs4d7Ml
E+3ASFOkWyaDiTUxmzidIDNR+ilUxI1gl2XpR+6tlm71zxvTXl/5HiZHcovb8WBs
K0SNXf2vXYyZV3KaEN5tUWwLaHCzogvdVME2Z0dIW/mXDLgZ9xTIBu0PexC0muwz
nam50J6x2Nmmcp+Wyc0FFtOOPECLiPixCzq6JNpUCI86ax1eU7aXgIKKDD0aiei0
22jM7DP2IaESxzbQHx1uYo4uxHfRjf2WJDmXN4g4136rS7coimkxuN+PcwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOzW1T2C0F+uyqMMJe6BnnDZHHqkMB8GA1UdIwQY
MBaAFFoFMuj9pLJ6VhWuu41/0PyvqfYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2dVeTZQMmtzbnBXRmE2N2pYX1FfSy1wOWhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9iMjY2YmItMWEzZC00ZTQ5LTg1N2Mt
ZWYzODkxNGE4YWIwLzEvN05iVlBZTFFYNjdLb3d3bDdvR2VjTmtjZXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9iMjY2YmItMWEzZC00ZTQ5LTg1N2MtZWYzODkxNGE4YWIw
LzEvV2dVeTZQMmtzbnBXRmE2N2pYX1FfSy1wOWhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCudcoAwQB
wf7WAwQF1SIgMA0EAgACMAcDBQMqBMWAMA0GCSqGSIb3DQEBCwUAA4IBAQAkltBV
9JeRnRgCjAoWvqJEkiYNrSPpNqt1/iGLh9fKFgwIy15V6apwLxBaby+RSpu9EboL
2nwBKXOrLEmwdwKaq/RLAsAboltk0OgEGw885bw356cMP7SsWb0NNK9XANyi8Nlb
UNtWbXQQNYAFw7OJpaClGFokLn0Yejjaq3FTTEnYWTBExnmviHIvCC+eEYm7J8xS
N/gRgfATpNCwjYG8YV4oaZZy3afLTtejAehNh73iKZK4dN6c0ttMJ99W1vtHEAyp
lguHGvtA5Db4sz6zOTORZpujJ4Xq/0oLZu2YqE9yJi4bzrB07ba7/THntY1G0rwC
4XOb9aTWTq+BQp4w
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:08 2025 by rpki-client