Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/3f4e58-d58d-47de-92f7-e89fff97762c/1/7Hz79K3-cow7diyqgC83hOQxlrg.roa
File: 7Hz79K3-cow7diyqgC83hOQxlrg.roa (raw, json)
Hash identifier: tol9Gz13RA0NZRVggHtdgMwZJHfvYXc5jQ6LEJTVvyU=
Subject key identifier: EC:7C:FB:F4:AD:FE:72:8C:3B:76:2C:AA:80:2F:37:84:E4:31:96:B8
Certificate issuer: /CN=b1b5ab262ff281556743318f78ceaeb49f8bd1be
Certificate serial: 01857255802476F21F5AA4FA61CE739CB250
Authority key identifier: B1:B5:AB:26:2F:F2:81:55:67:43:31:8F:78:CE:AE:B4:9F:8B:D1:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbWrJi_ygVVnQzGPeM6utJ-L0b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/3f4e58-d58d-47de-92f7-e89fff97762c/1/7Hz79K3-cow7diyqgC83hOQxlrg.roa
Signing time: Mon 02 Jan 2023 11:54:44 +0000
ROA not before: Mon 02 Jan 2023 11:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200183
IP address blocks: 185.28.78.0/24 maxlen: 24
185.28.77.0/24 maxlen: 24
185.28.76.0/24 maxlen: 24
185.28.79.0/24 maxlen: 24
2a02:ce80:2::/48 maxlen: 48
2a02:ce80::/48 maxlen: 48
2a02:ce80:3::/48 maxlen: 48
2a02:ce80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:80:24:76:f2:1f:5a:a4:fa:61:ce:73:9c:b2:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1b5ab262ff281556743318f78ceaeb49f8bd1be
Validity
Not Before: Jan 2 11:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec7cfbf4adfe728c3b762caa802f3784e43196b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d9:2a:78:b4:56:9b:c7:0d:fd:86:0e:5f:68:
d5:8a:4b:f2:73:bb:27:ee:56:36:1e:25:26:e6:2b:
62:41:5c:30:80:2c:46:1f:19:3e:ec:cb:7e:b2:c7:
78:33:97:c0:07:7b:e4:b9:57:b9:61:8e:71:92:43:
bd:66:c4:d5:fa:c6:97:88:d9:7c:c3:14:dc:1a:aa:
31:16:2c:b4:d8:3f:64:be:88:ad:77:19:cd:e9:75:
d5:1e:23:f5:8b:e7:35:30:ee:96:78:78:55:67:b9:
60:a9:98:17:d7:c4:7a:0e:ef:61:b6:2f:9e:2e:ac:
a9:d8:3c:7d:56:cd:00:c1:75:8d:36:c1:8a:19:ba:
e2:2b:ca:46:4c:c3:c0:92:08:31:65:65:a4:5a:1c:
0c:39:e4:3f:01:e2:99:bb:ef:70:70:d4:e0:19:86:
eb:a5:7d:69:c2:03:d2:91:47:ff:27:15:67:dc:45:
f7:cc:6b:7e:92:58:91:39:80:87:18:cb:ec:d9:49:
9c:c1:d8:9f:89:9b:b2:96:4f:b7:db:0e:86:06:f0:
e6:dc:20:0a:77:fa:3f:10:0d:b9:2c:b7:1a:b1:57:
28:88:b3:f4:97:bf:1b:a3:d1:fc:2c:8b:b2:dd:76:
7e:14:dc:1e:31:98:1d:72:46:fd:f1:bd:c2:8c:94:
79:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:7C:FB:F4:AD:FE:72:8C:3B:76:2C:AA:80:2F:37:84:E4:31:96:B8
X509v3 Authority Key Identifier:
keyid:B1:B5:AB:26:2F:F2:81:55:67:43:31:8F:78:CE:AE:B4:9F:8B:D1:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbWrJi_ygVVnQzGPeM6utJ-L0b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3f4e58-d58d-47de-92f7-e89fff97762c/1/7Hz79K3-cow7diyqgC83hOQxlrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3f4e58-d58d-47de-92f7-e89fff97762c/1/sbWrJi_ygVVnQzGPeM6utJ-L0b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.76.0/22
IPv6:
2a02:ce80::/46
Signature Algorithm: sha256WithRSAEncryption
81:7c:dc:43:af:d5:37:0d:ed:c4:31:8a:5a:b4:f3:22:56:0d:
75:42:c3:e5:f6:4e:b8:c0:20:28:af:d8:2c:eb:77:75:ba:17:
f9:8b:bc:b0:e6:0c:64:9e:f5:21:9d:82:26:42:5e:f4:49:07:
37:5a:59:a2:ad:ae:ae:0f:c5:03:c3:e7:89:13:b8:0a:dd:c8:
03:ba:cc:99:f7:a9:86:39:16:ae:24:0e:52:2d:2c:3b:3e:90:
34:9d:34:82:db:0a:8d:c9:87:1d:1c:fc:69:a1:b9:a5:ba:9f:
8f:9d:7e:ec:d2:71:e1:fe:76:fe:21:69:ec:e6:81:cd:24:88:
2c:0c:55:24:43:cf:ed:31:03:2d:61:73:20:b9:44:f3:ab:53:
0f:9d:c4:01:d0:67:ab:8b:d1:c6:c2:f1:a2:1e:18:46:7b:88:
c7:a1:46:b8:eb:ad:c8:e8:22:43:5a:c9:60:36:dd:01:80:de:
c3:3d:46:ca:8c:38:0f:94:0b:ed:32:71:77:57:b1:dc:cb:80:
e3:bd:83:62:ea:06:7b:e5:6e:c1:2c:fa:0a:2b:51:9b:5b:f0:
cd:56:19:2a:0d:af:94:a4:2c:a3:ed:6a:4f:e4:f5:73:67:31:
b5:3f:17:04:ac:c4:23:87:88:9b:0a:f4:3d:8e:b5:59:53:42:
41:78:d5:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyVYAkdvIfWqT6Yc5znLJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYjVhYjI2MmZmMjgxNTU2NzQzMzE4Zjc4Y2VhZWI0OWY4
YmQxYmUwHhcNMjMwMTAyMTE1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzdjZmJmNGFkZmU3MjhjM2I3NjJjYWE4MDJmMzc4NGU0MzE5NmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNkqeLRWm8cN/YYOX2jVikvyc7sn
7lY2HiUm5itiQVwwgCxGHxk+7Mt+ssd4M5fAB3vkuVe5YY5xkkO9ZsTV+saXiNl8
wxTcGqoxFiy02D9kvoitdxnN6XXVHiP1i+c1MO6WeHhVZ7lgqZgX18R6Du9hti+e
Lqyp2Dx9Vs0AwXWNNsGKGbriK8pGTMPAkggxZWWkWhwMOeQ/AeKZu+9wcNTgGYbr
pX1pwgPSkUf/JxVn3EX3zGt+kliROYCHGMvs2UmcwdifiZuylk+32w6GBvDm3CAK
d/o/EA25LLcasVcoiLP0l78bo9H8LIuy3XZ+FNweMZgdckb98b3CjJR5twIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOx8+/St/nKMO3YsqoAvN4TkMZa4MB8GA1UdIwQY
MBaAFLG1qyYv8oFVZ0Mxj3jOrrSfi9G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2JXckppX3lnVlZuUXpHUGVNNnV0Si1MMGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8zZjRlNTgtZDU4ZC00N2RlLTkyZjct
ZTg5ZmZmOTc3NjJjLzEvN0h6NzlLMy1jb3c3ZGl5cWdDODNoT1F4bHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8zZjRlNTgtZDU4ZC00N2RlLTkyZjctZTg5ZmZmOTc3NjJj
LzEvc2JXckppX3lnVlZuUXpHUGVNNnV0Si1MMGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuRxMMA8E
AgACMAkDBwIqAs6AAAAwDQYJKoZIhvcNAQELBQADggEBAIF83EOv1TcN7cQxilq0
8yJWDXVCw+X2TrjAICiv2Czrd3W6F/mLvLDmDGSe9SGdgiZCXvRJBzdaWaKtrq4P
xQPD54kTuArdyAO6zJn3qYY5Fq4kDlItLDs+kDSdNILbCo3Jhx0c/GmhuaW6n4+d
fuzSceH+dv4haezmgc0kiCwMVSRDz+0xAy1hcyC5RPOrUw+dxAHQZ6uL0cbC8aIe
GEZ7iMehRrjrrcjoIkNayWA23QGA3sM9RsqMOA+UC+0ycXdXsdzLgOO9g2LqBnvl
bsEs+gorUZtb8M1WGSoNr5SkLKPtak/k9XNnMbU/FwSsxCOHiJsK9D2OtVlTQkF4
1Zc=
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:17:57 2025 by rpki-client