Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/cpsi7GvaCvVJGj6GswrbwMKktIE.roa
File: cpsi7GvaCvVJGj6GswrbwMKktIE.roa (raw, json)
Hash identifier: DOWPk7sdSk8CwbgRBkfqkxVCHn7HrhKlQ46JCvUAAZg=
Subject key identifier: 72:9B:22:EC:6B:DA:0A:F5:49:1A:3E:86:B3:0A:DB:C0:C2:A4:B4:81
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 01865F1158BDA6A87A1EE4CCABE017403839
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/cpsi7GvaCvVJGj6GswrbwMKktIE.roa
Signing time: Fri 17 Feb 2023 11:10:17 +0000
ROA not before: Fri 17 Feb 2023 11:10:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207021
IP address blocks: 2001:678:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:11:58:bd:a6:a8:7a:1e:e4:cc:ab:e0:17:40:38:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Feb 17 11:10:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=729b22ec6bda0af5491a3e86b30adbc0c2a4b481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3d:37:8a:16:45:7c:1a:aa:09:c5:d7:7f:78:
57:32:62:c2:58:1a:c1:78:37:0e:01:2e:66:19:71:
e5:8f:ea:ac:07:46:24:a4:15:5e:37:2e:3e:0f:c3:
bf:26:01:a8:8d:85:72:97:7c:41:52:0b:60:11:3f:
cb:ab:44:98:b7:c3:97:a0:02:50:23:6e:d5:19:49:
c9:ba:7c:ea:55:bf:1c:29:1c:74:6e:d0:27:5f:f5:
d3:42:10:0a:18:4c:ae:9d:0f:a9:39:c5:73:ec:9c:
2d:3c:cb:09:cb:bd:3a:96:1e:28:bd:84:17:e5:18:
07:87:22:67:1e:a9:4f:6f:49:3c:6b:96:7b:c6:3a:
ff:62:31:b2:a9:d7:71:b3:5f:87:1d:0d:ac:3d:24:
b7:71:ed:dc:6f:60:78:d6:3f:e0:93:57:af:77:32:
b6:63:6e:a3:c2:af:2a:45:02:b2:b6:4e:11:e6:26:
1d:6a:7e:09:3e:ed:5b:93:e8:5d:a4:7b:38:47:81:
73:a1:6d:ce:ff:60:4d:0b:3b:16:6f:b0:ef:2d:81:
28:1a:82:ac:56:ae:d1:64:ef:ce:a2:44:42:42:52:
a7:2e:a2:e5:bf:89:76:9b:70:a9:c7:5b:42:0a:9a:
aa:01:2a:a6:f0:d4:66:ec:d8:f8:b1:c0:a6:fb:b9:
0b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:9B:22:EC:6B:DA:0A:F5:49:1A:3E:86:B3:0A:DB:C0:C2:A4:B4:81
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/cpsi7GvaCvVJGj6GswrbwMKktIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:20::/48
Signature Algorithm: sha256WithRSAEncryption
7d:44:8a:7f:ab:8d:0e:44:8d:24:ce:6a:20:d6:75:74:07:38:
cd:16:c2:31:0e:89:37:3a:a3:13:c3:6c:d8:b3:a9:0e:62:fe:
35:a3:0d:f8:05:95:b7:a3:b8:da:b8:67:45:fe:5f:a2:bc:2d:
28:f7:f3:62:9d:f5:98:68:6a:bf:f8:54:8a:62:ea:cf:af:f4:
8e:13:ed:81:3e:52:52:97:22:10:11:2d:34:32:e7:f7:14:86:
10:ae:03:e3:12:70:25:79:ba:83:d2:ed:a5:38:7a:f1:01:80:
24:ed:10:1c:1f:c8:18:8c:1c:3d:42:3e:41:59:10:f5:36:03:
81:61:4e:70:d1:6b:e6:57:e7:db:48:0e:83:ad:ed:61:86:82:
60:32:71:e3:e4:d3:08:7c:e8:94:c8:11:42:36:6e:f9:cd:f6:
56:fc:0f:56:71:6d:14:9f:bd:93:40:8f:08:a0:5d:9b:72:ba:
47:d6:cf:42:20:93:2e:37:03:dc:e7:3d:7c:99:44:cb:10:fd:
99:1d:84:60:88:46:f6:ab:1a:fc:f4:e9:9d:82:0c:1f:ac:d1:
2c:a8:f8:97:55:42:09:99:52:ae:86:3e:ae:25:f0:56:a7:50:
13:ce:f9:37:91:f9:d1:28:ba:62:a7:c5:cf:d3:3d:9f:b7:5e:
a6:ed:60:1c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYZfEVi9pqh6HuTMq+AXQDg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjMwMjE3MTExMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjliMjJlYzZiZGEwYWY1NDkxYTNlODZiMzBhZGJjMGMyYTRiNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj03ihZFfBqqCcXXf3hXMmLCWBrB
eDcOAS5mGXHlj+qsB0YkpBVeNy4+D8O/JgGojYVyl3xBUgtgET/Lq0SYt8OXoAJQ
I27VGUnJunzqVb8cKRx0btAnX/XTQhAKGEyunQ+pOcVz7JwtPMsJy706lh4ovYQX
5RgHhyJnHqlPb0k8a5Z7xjr/YjGyqddxs1+HHQ2sPSS3ce3cb2B41j/gk1evdzK2
Y26jwq8qRQKytk4R5iYdan4JPu1bk+hdpHs4R4FzoW3O/2BNCzsWb7DvLYEoGoKs
Vq7RZO/OokRCQlKnLqLlv4l2m3Cpx1tCCpqqASqm8NRm7Nj4scCm+7kLdQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHKbIuxr2gr1SRo+hrMK28DCpLSBMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvY3BzaTdHdmFDdlZKR2o2R3N3cmJ3TUtrdElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAAg
MA0GCSqGSIb3DQEBCwUAA4IBAQB9RIp/q40ORI0kzmog1nV0BzjNFsIxDok3OqMT
w2zYs6kOYv41ow34BZW3o7jauGdF/l+ivC0o9/NinfWYaGq/+FSKYurPr/SOE+2B
PlJSlyIQES00Muf3FIYQrgPjEnAlebqD0u2lOHrxAYAk7RAcH8gYjBw9Qj5BWRD1
NgOBYU5w0WvmV+fbSA6Dre1hhoJgMnHj5NMIfOiUyBFCNm75zfZW/A9WcW0Un72T
QI8IoF2bcrpH1s9CIJMuNwPc5z18mUTLEP2ZHYRgiEb2qxr89OmdggwfrNEsqPiX
VUIJmVKuhj6uJfBWp1ATzvk3kfnRKLpip8XP0z2ft16m7WAc
-----END CERTIFICATE-----
Generated at Wed May 14 11:27:32 2025 by rpki-client