Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/1v-2fpDURfgxVW2-zYyoHKmoA5I.roa
File: 1v-2fpDURfgxVW2-zYyoHKmoA5I.roa (raw, json)
Hash identifier: MV7Zrd0Rft/H8nbAwElddRLQzBtmNDKKw0ZEWujCMjc=
Subject key identifier: D6:FF:B6:7E:90:D4:45:F8:31:55:6D:BE:CD:8C:A8:1C:A9:A8:03:92
Certificate issuer: /CN=ef0efd5de78f93bcaead15e14c006edbbd1b5955
Certificate serial: 01879E425B306A73099AA613E755E3ADAA73
Authority key identifier: EF:0E:FD:5D:E7:8F:93:BC:AE:AD:15:E1:4C:00:6E:DB:BD:1B:59:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/1v-2fpDURfgxVW2-zYyoHKmoA5I.roa
Signing time: Thu 20 Apr 2023 10:42:41 +0000
ROA not before: Thu 20 Apr 2023 10:42:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43529
IP address blocks: 79.121.64.0/21 maxlen: 21
79.121.88.0/21 maxlen: 21
46.251.16.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9e:42:5b:30:6a:73:09:9a:a6:13:e7:55:e3:ad:aa:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef0efd5de78f93bcaead15e14c006edbbd1b5955
Validity
Not Before: Apr 20 10:42:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6ffb67e90d445f831556dbecd8ca81ca9a80392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c4:bb:15:4d:8b:11:4d:a1:f4:f5:28:55:2d:
d0:98:b7:a6:18:f7:f7:cf:a3:3a:24:ed:ec:56:41:
b6:53:e3:a1:c8:26:94:e1:c4:23:22:7b:b4:d7:96:
65:c9:7d:f1:98:83:aa:94:56:2c:48:a3:70:9a:fa:
70:3d:13:06:c9:97:07:3e:f9:7d:25:01:a4:35:3d:
36:ce:35:4b:e4:1d:76:a2:2d:1f:7b:de:b0:08:1c:
7e:d2:0e:a7:c1:5c:f8:df:74:3a:f4:83:c8:0e:a8:
65:22:b1:6a:b7:aa:32:04:e0:ca:fa:94:21:db:fe:
c1:71:62:a3:eb:77:60:4b:87:c1:9a:b4:4e:ec:96:
e9:8b:4a:f0:60:77:e5:6d:32:4b:53:53:c8:3e:84:
9e:b2:a6:ea:d8:cc:d8:6a:f2:4e:7b:e8:3b:76:02:
6b:d0:8c:35:8a:86:ca:c8:1d:87:be:ab:63:48:6d:
88:50:4c:1a:46:6f:20:b7:4d:6e:0b:20:79:7f:73:
9a:b8:e7:38:c9:d4:79:fb:f2:d3:b0:8d:e6:15:15:
fa:d1:5a:00:1b:7f:cb:c7:f4:e6:d1:99:78:e6:53:
6e:3f:83:04:09:c3:cc:69:8d:c4:80:dd:2b:e7:4f:
af:ad:eb:d6:50:d6:7c:f0:86:1a:9a:a6:a4:83:eb:
18:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:FF:B6:7E:90:D4:45:F8:31:55:6D:BE:CD:8C:A8:1C:A9:A8:03:92
X509v3 Authority Key Identifier:
keyid:EF:0E:FD:5D:E7:8F:93:BC:AE:AD:15:E1:4C:00:6E:DB:BD:1B:59:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/1v-2fpDURfgxVW2-zYyoHKmoA5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/7w79XeePk7yurRXhTABu270bWVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.16.0/20
79.121.64.0/21
79.121.88.0/21
Signature Algorithm: sha256WithRSAEncryption
ac:6b:01:1c:92:67:c9:ff:1d:96:a3:a2:ea:4a:f1:39:26:ef:
f3:9f:94:cb:99:40:fe:a8:c5:ed:6e:2c:e8:47:b5:ee:0a:8b:
a7:89:1f:08:89:36:ad:a1:a5:02:5c:41:25:e5:04:70:35:4b:
e0:da:c2:63:c2:64:58:7a:cd:13:65:b5:c9:10:a8:db:be:e5:
89:03:7a:8e:ed:b9:37:05:33:3c:2e:1d:cd:36:ee:61:89:99:
23:66:8f:4e:e6:ae:1e:1b:d3:db:3c:90:78:f3:88:41:de:ae:
22:7e:c6:22:a0:9e:a2:bc:36:0d:40:dc:ac:03:b0:21:df:59:
a8:2d:3c:05:10:b2:03:3a:c7:34:9b:c7:02:e8:f9:7e:56:de:
31:92:23:4f:c6:4c:0a:c1:cf:38:54:14:eb:49:9f:9e:bf:89:
e2:d1:82:4c:da:8b:e2:53:ed:8b:14:68:18:c0:2d:8b:40:1e:
e5:2a:01:3e:d1:a2:e8:f9:18:53:90:a5:5f:a4:be:8e:da:f8:
ee:61:27:bf:58:00:24:d6:6b:5f:5c:e2:fe:2b:da:be:40:53:
b0:b3:7d:ba:4e:c7:ca:8a:1f:ca:14:06:58:d2:62:b0:01:6f:
e8:64:44:f7:b1:1d:62:15:f2:33:26:02:f2:9b:4c:09:dd:a3:
ad:99:e8:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeeQlswanMJmqYT51XjrapzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMGVmZDVkZTc4ZjkzYmNhZWFkMTVlMTRjMDA2ZWRiYmQx
YjU5NTUwHhcNMjMwNDIwMTA0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmZmYjY3ZTkwZDQ0NWY4MzE1NTZkYmVjZDhjYTgxY2E5YTgwMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcS7FU2LEU2h9PUoVS3QmLemGPf3
z6M6JO3sVkG2U+OhyCaU4cQjInu015ZlyX3xmIOqlFYsSKNwmvpwPRMGyZcHPvl9
JQGkNT02zjVL5B12oi0fe96wCBx+0g6nwVz433Q69IPIDqhlIrFqt6oyBODK+pQh
2/7BcWKj63dgS4fBmrRO7Jbpi0rwYHflbTJLU1PIPoSesqbq2MzYavJOe+g7dgJr
0Iw1iobKyB2HvqtjSG2IUEwaRm8gt01uCyB5f3OauOc4ydR5+/LTsI3mFRX60VoA
G3/Lx/Tm0Zl45lNuP4MECcPMaY3EgN0r50+vrevWUNZ88IYamqakg+sYYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNb/tn6Q1EX4MVVtvs2MqBypqAOSMB8GA1UdIwQY
MBaAFO8O/V3nj5O8rq0V4UwAbtu9G1lVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3c3OVhlZVBrN3l1clJYaFRBQnUyNzBiV1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lMGY5ZTYtZDY1NS00Mzc3LThkMDkt
ZWE4NjUwOWMzYjMwLzEvMXYtMmZwRFVSZmd4VlcyLXpZeW9IS21vQTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lMGY5ZTYtZDY1NS00Mzc3LThkMDktZWE4NjUwOWMzYjMw
LzEvN3c3OVhlZVBrN3l1clJYaFRBQnUyNzBiV1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQELvsQAwQD
T3lAAwQDT3lYMA0GCSqGSIb3DQEBCwUAA4IBAQCsawEckmfJ/x2Wo6LqSvE5Ju/z
n5TLmUD+qMXtbizoR7XuCouniR8IiTatoaUCXEEl5QRwNUvg2sJjwmRYes0TZbXJ
EKjbvuWJA3qO7bk3BTM8Lh3NNu5hiZkjZo9O5q4eG9PbPJB484hB3q4ifsYioJ6i
vDYNQNysA7Ah31moLTwFELIDOsc0m8cC6Pl+Vt4xkiNPxkwKwc84VBTrSZ+ev4ni
0YJM2oviU+2LFGgYwC2LQB7lKgE+0aLo+RhTkKVfpL6O2vjuYSe/WAAk1mtfXOL+
K9q+QFOws326TsfKih/KFAZY0mKwAW/oZET3sR1iFfIzJgLym0wJ3aOtmejC
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:38:33 2025 by rpki-client