Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/m7ySG26pzXvRQg5iUQkCA81Sbvc.roa
File: m7ySG26pzXvRQg5iUQkCA81Sbvc.roa (raw, json)
Hash identifier: ru94t6KJf9yeK9s2PK9ZnqGsUB+zSay0DY+16QXveLs=
Subject key identifier: 9B:BC:92:1B:6E:A9:CD:7B:D1:42:0E:62:51:09:02:03:CD:52:6E:F7
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 0185C0C64D088FD88CA25A676E999D0436CD
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/m7ySG26pzXvRQg5iUQkCA81Sbvc.roa
Signing time: Tue 17 Jan 2023 17:28:19 +0000
ROA not before: Tue 17 Jan 2023 17:28:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42846
IP address blocks: 104.247.162.0/24 maxlen: 24
104.247.161.0/24 maxlen: 24
104.247.160.0/24 maxlen: 24
104.247.165.0/24 maxlen: 24
104.247.164.0/24 maxlen: 24
104.247.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c0:c6:4d:08:8f:d8:8c:a2:5a:67:6e:99:9d:04:36:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: Jan 17 17:28:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bbc921b6ea9cd7bd1420e6251090203cd526ef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8f:f0:df:c7:7d:1b:00:a3:07:91:34:a0:3e:
11:6a:91:f6:68:4f:99:4c:03:46:d4:07:f9:13:c6:
06:46:c6:f3:c7:6b:e3:21:62:ec:33:4a:71:f7:5c:
11:a0:d7:6c:61:44:7c:f2:53:57:67:04:3b:7c:01:
64:43:0e:7d:c4:58:5a:9b:7b:32:5a:6c:34:83:49:
d4:19:49:b4:18:16:0d:1d:9c:e9:52:59:d0:bb:d7:
2f:58:19:79:35:9f:05:f6:10:ce:3c:4a:de:e0:25:
21:3a:75:b9:c3:60:3d:95:59:12:46:0c:4a:9c:cb:
15:2e:e7:b8:26:30:90:c6:58:eb:c1:7b:9f:2f:03:
e7:73:ac:7e:c9:68:27:a7:6c:57:8c:5a:4e:7c:43:
f8:4b:de:c1:da:00:8c:ad:7e:c3:b8:cf:ce:ff:e0:
8b:5c:09:27:fd:78:68:da:5f:84:ff:d9:4c:1f:15:
32:a6:da:7d:c2:05:a0:7b:e6:bc:5d:7f:fa:c2:fe:
6f:b1:4f:94:de:e5:81:61:b6:6c:9a:61:a4:3e:67:
73:f2:c6:e8:91:f5:b9:fc:f4:35:57:27:cb:00:ff:
65:0c:b4:dc:10:df:0a:3d:99:7e:61:79:b1:7a:85:
b6:b6:32:f9:35:10:89:c5:fc:a5:5c:6e:5f:a6:5a:
af:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BC:92:1B:6E:A9:CD:7B:D1:42:0E:62:51:09:02:03:CD:52:6E:F7
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/m7ySG26pzXvRQg5iUQkCA81Sbvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.160.0-104.247.165.255
Signature Algorithm: sha256WithRSAEncryption
8b:89:0d:0d:dd:96:67:df:e1:0b:10:55:56:c6:1f:53:3f:9d:
9c:37:c4:b0:1d:89:a1:43:12:d3:4b:11:c0:9e:36:2e:7f:17:
10:78:85:1f:09:b6:7f:62:f7:5e:4a:8d:15:5c:ce:78:14:95:
f4:4c:48:31:f4:13:d6:49:9f:fa:55:99:1b:e1:e4:e4:b2:0f:
5f:ce:30:9c:27:14:15:7e:bb:07:7e:3b:1f:e3:52:c4:ee:51:
55:93:5a:d3:b5:bf:28:06:82:0a:16:94:92:dc:65:0e:5b:25:
8a:63:51:7c:fd:41:06:78:d9:ff:76:e9:d1:9d:3b:87:53:13:
5b:d4:b6:7a:dd:b4:4e:d7:79:84:0b:07:0c:94:63:60:86:d3:
70:66:b6:a0:fa:77:9b:6b:26:be:6f:d9:da:09:77:a6:c6:36:
9f:74:37:8e:47:28:89:8d:21:a4:a0:7b:a8:9b:83:72:3d:7a:
65:a7:c9:74:a2:2a:3b:09:f1:a4:59:28:a5:7c:08:28:8e:7a:
76:a9:55:eb:c0:50:9d:d9:54:39:e7:9a:f0:84:d9:89:c1:e7:
34:91:d0:82:f0:71:f7:fa:87:a6:f9:5c:fd:1d:fd:c5:3c:07:
e6:58:1c:c3:0e:e9:ed:c1:bf:d5:89:00:72:eb:0d:ed:ad:44:
70:86:9c:cf
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYXAxk0Ij9iMolpnbpmdBDbNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjMwMTE3MTcyODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmJjOTIxYjZlYTljZDdiZDE0MjBlNjI1MTA5MDIwM2NkNTI2ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI/w38d9GwCjB5E0oD4RapH2aE+Z
TANG1Af5E8YGRsbzx2vjIWLsM0px91wRoNdsYUR88lNXZwQ7fAFkQw59xFham3sy
Wmw0g0nUGUm0GBYNHZzpUlnQu9cvWBl5NZ8F9hDOPEre4CUhOnW5w2A9lVkSRgxK
nMsVLue4JjCQxljrwXufLwPnc6x+yWgnp2xXjFpOfEP4S97B2gCMrX7DuM/O/+CL
XAkn/Xho2l+E/9lMHxUyptp9wgWge+a8XX/6wv5vsU+U3uWBYbZsmmGkPmdz8sbo
kfW5/PQ1VyfLAP9lDLTcEN8KPZl+YXmxeoW2tjL5NRCJxfylXG5fplqvlwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJu8khtuqc170UIOYlEJAgPNUm73MB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvbTd5U0cyNnB6WHZSUWc1aVVRa0NBODFTYnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVo96AD
BAFo96QwDQYJKoZIhvcNAQELBQADggEBAIuJDQ3dlmff4QsQVVbGH1M/nZw3xLAd
iaFDEtNLEcCeNi5/FxB4hR8Jtn9i915KjRVczngUlfRMSDH0E9ZJn/pVmRvh5OSy
D1/OMJwnFBV+uwd+Ox/jUsTuUVWTWtO1vygGggoWlJLcZQ5bJYpjUXz9QQZ42f92
6dGdO4dTE1vUtnrdtE7XeYQLBwyUY2CG03BmtqD6d5trJr5v2doJd6bGNp90N45H
KImNIaSge6ibg3I9emWnyXSiKjsJ8aRZKKV8CCiOenapVevAUJ3ZVDnnmvCE2YnB
5zSR0ILwcff6h6b5XP0d/cU8B+ZYHMMO6e3Bv9WJAHLrDe2tRHCGnM8=
-----END CERTIFICATE-----
Generated at Sat May 10 21:20:05 2025 by rpki-client