Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/7KvhoNL57Nl42KME9PdqyJCFqto.roa
File: 7KvhoNL57Nl42KME9PdqyJCFqto.roa (raw, json)
Hash identifier: k897nVY4lNIrFg3QVbtLE1NabO4lBejw4FpOyTQJMn4=
Subject key identifier: EC:AB:E1:A0:D2:F9:EC:D9:78:D8:A3:04:F4:F7:6A:C8:90:85:AA:DA
Certificate issuer: /CN=d3e8d4cb8e442ec38a6bc3fa400a2a517cee0d1e
Certificate serial: 01856F391EE502C208DFBD80D6B898905CC6
Authority key identifier: D3:E8:D4:CB:8E:44:2E:C3:8A:6B:C3:FA:40:0A:2A:51:7C:EE:0D:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-jUy45ELsOKa8P6QAoqUXzuDR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/7KvhoNL57Nl42KME9PdqyJCFqto.roa
Signing time: Sun 01 Jan 2023 21:24:52 +0000
ROA not before: Sun 01 Jan 2023 21:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60563
IP address blocks: 185.29.84.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:1e:e5:02:c2:08:df:bd:80:d6:b8:98:90:5c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e8d4cb8e442ec38a6bc3fa400a2a517cee0d1e
Validity
Not Before: Jan 1 21:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecabe1a0d2f9ecd978d8a304f4f76ac89085aada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:68:96:0b:22:41:a7:8c:04:a8:f9:ba:22:05:
94:71:5c:12:33:85:c1:ae:25:7f:4d:6d:d9:77:59:
58:62:ea:cc:d6:c6:b8:df:0d:e2:49:bf:d3:6a:e4:
59:df:b1:9c:fc:c4:c6:7f:6d:44:32:ec:da:85:c7:
51:44:34:83:2b:97:4a:c8:67:a6:02:e8:1f:08:05:
f3:73:bb:12:77:21:90:47:91:65:56:de:bd:a6:89:
f2:4d:85:ec:30:e9:2e:3c:40:84:48:96:e0:92:fc:
ec:94:14:1f:1b:48:3c:eb:90:3f:6b:28:62:9c:78:
b2:8a:b7:61:f7:2c:3e:cc:f4:77:8e:38:fa:87:ee:
c3:e1:55:42:d5:60:5d:63:24:7a:b2:f5:a6:b7:5f:
60:68:dc:da:89:6b:68:08:3d:2d:5f:ba:4a:ab:f9:
ab:22:c1:c5:b2:8f:52:54:4c:d6:75:77:48:79:d8:
38:d6:c4:e2:62:89:11:57:00:81:a0:73:66:1a:c6:
b9:9b:f7:e3:01:3c:47:3a:76:e7:4f:1f:d4:4a:08:
62:fe:07:27:82:65:50:8b:5a:06:10:13:e7:68:54:
39:de:63:16:62:af:84:ea:f2:3c:74:16:8f:04:b2:
65:c2:5f:9e:ca:4e:b7:a6:2c:c8:72:7e:37:61:71:
a4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:AB:E1:A0:D2:F9:EC:D9:78:D8:A3:04:F4:F7:6A:C8:90:85:AA:DA
X509v3 Authority Key Identifier:
keyid:D3:E8:D4:CB:8E:44:2E:C3:8A:6B:C3:FA:40:0A:2A:51:7C:EE:0D:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-jUy45ELsOKa8P6QAoqUXzuDR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/7KvhoNL57Nl42KME9PdqyJCFqto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/6b850a-4f12-4206-a50f-5d58711f3662/1/0-jUy45ELsOKa8P6QAoqUXzuDR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.84.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:3a:47:16:9b:75:26:4a:70:da:d2:de:f7:aa:a8:82:b0:59:
d0:e4:50:66:41:18:e2:67:be:c8:74:d9:4f:95:c2:81:d2:73:
03:1a:0b:93:45:e6:4c:f9:60:19:cb:2a:c1:c1:7d:7d:9a:38:
6a:7b:c2:be:c0:7e:9a:3a:bf:2e:63:60:af:02:b2:d4:a4:91:
9d:19:9b:d8:55:56:21:56:8f:40:05:b3:f8:d3:30:3e:87:de:
ef:a9:cf:3a:ed:8f:11:34:8b:e9:6f:15:48:6f:50:87:ef:da:
b2:31:05:3c:4f:f7:7b:19:50:e2:42:09:c4:78:fd:a0:ff:47:
63:e4:ba:80:ca:a7:31:2c:7d:bf:3c:36:ee:fe:0a:ad:4e:07:
c2:03:17:3d:c8:fb:de:e1:e7:2a:5d:2f:ab:da:ee:34:0b:24:
15:0b:0d:e6:4c:bc:b7:53:8d:b8:7e:36:79:75:92:6b:f3:73:
7f:8f:ba:5b:b6:38:75:3f:74:d6:5d:cd:af:c5:a2:cb:93:5d:
fe:74:ad:d7:9c:97:a5:e6:6a:42:81:41:e1:3a:ca:f6:fa:de:
43:74:42:f2:ef:20:39:4e:a7:fe:cc:e1:34:b1:95:00:79:05:
d3:37:29:f2:bb:c4:72:d7:c5:63:4e:17:e9:7f:01:cb:9d:45:
ac:af:f3:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOR7lAsII372A1riYkFzGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZThkNGNiOGU0NDJlYzM4YTZiYzNmYTQwMGEyYTUxN2Nl
ZTBkMWUwHhcNMjMwMTAxMjEyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2FiZTFhMGQyZjllY2Q5NzhkOGEzMDRmNGY3NmFjODkwODVhYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2iWCyJBp4wEqPm6IgWUcVwSM4XB
riV/TW3Zd1lYYurM1sa43w3iSb/TauRZ37Gc/MTGf21EMuzahcdRRDSDK5dKyGem
AugfCAXzc7sSdyGQR5FlVt69ponyTYXsMOkuPECESJbgkvzslBQfG0g865A/ayhi
nHiyirdh9yw+zPR3jjj6h+7D4VVC1WBdYyR6svWmt19gaNzaiWtoCD0tX7pKq/mr
IsHFso9SVEzWdXdIedg41sTiYokRVwCBoHNmGsa5m/fjATxHOnbnTx/USghi/gcn
gmVQi1oGEBPnaFQ53mMWYq+E6vI8dBaPBLJlwl+eyk63pizIcn43YXGkYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOyr4aDS+ezZeNijBPT3asiQharaMB8GA1UdIwQY
MBaAFNPo1MuORC7DimvD+kAKKlF87g0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1qVXk0NUVMc09LYThQNlFBb3FVWHp1RFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi82Yjg1MGEtNGYxMi00MjA2LWE1MGYt
NWQ1ODcxMWYzNjYyLzEvN0t2aG9OTDU3Tmw0MktNRTlQZHF5SkNGcXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi82Yjg1MGEtNGYxMi00MjA2LWE1MGYtNWQ1ODcxMWYzNjYy
LzEvMC1qVXk0NUVMc09LYThQNlFBb3FVWHp1RFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR1UMA0G
CSqGSIb3DQEBCwUAA4IBAQA7OkcWm3UmSnDa0t73qqiCsFnQ5FBmQRjiZ77IdNlP
lcKB0nMDGguTReZM+WAZyyrBwX19mjhqe8K+wH6aOr8uY2CvArLUpJGdGZvYVVYh
Vo9ABbP40zA+h97vqc867Y8RNIvpbxVIb1CH79qyMQU8T/d7GVDiQgnEeP2g/0dj
5LqAyqcxLH2/PDbu/gqtTgfCAxc9yPve4ecqXS+r2u40CyQVCw3mTLy3U424fjZ5
dZJr83N/j7pbtjh1P3TWXc2vxaLLk13+dK3XnJel5mpCgUHhOsr2+t5DdELy7yA5
Tqf+zOE0sZUAeQXTNynyu8Ry18VjThfpfwHLnUWsr/OG
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:05:49 2025 by rpki-client