Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/N7fR-S2BgJjYFRzH6mHkwiAOlw8.roa
File: N7fR-S2BgJjYFRzH6mHkwiAOlw8.roa (raw, json)
Hash identifier: 3okFp6AGckX0fJarkv4w9HBAHVl4DAVRr7pvgZKqQro=
Subject key identifier: 37:B7:D1:F9:2D:81:80:98:D8:15:1C:C7:EA:61:E4:C2:20:0E:97:0F
Certificate issuer: /CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Certificate serial: 0187E3B3C9A1BB0918B1C747FE205FCD1E9A
Authority key identifier: 7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/N7fR-S2BgJjYFRzH6mHkwiAOlw8.roa
Signing time: Wed 03 May 2023 22:20:23 +0000
ROA not before: Wed 03 May 2023 22:20:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197792
IP address blocks: 159.255.40.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e3:b3:c9:a1:bb:09:18:b1:c7:47:fe:20:5f:cd:1e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Validity
Not Before: May 3 22:20:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37b7d1f92d818098d8151cc7ea61e4c2200e970f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f7:60:f7:35:08:85:4f:41:76:90:e3:d8:ab:
66:0b:87:d0:cd:9a:40:d1:63:2f:d8:05:de:4b:f0:
af:fc:50:c7:48:1b:77:72:c5:ef:86:37:2e:ae:dd:
33:66:16:74:cc:d0:bf:d6:6a:92:af:14:b5:91:c1:
85:56:88:ae:65:88:06:18:ed:ea:11:79:63:96:99:
73:42:15:0d:74:2d:cd:67:c0:64:70:4f:7d:7e:94:
76:5d:7e:d9:13:a4:cb:1d:1a:99:6e:06:37:ff:57:
f6:fb:2a:66:6c:f2:c6:8a:4e:95:9d:47:58:2e:0a:
c5:cb:d4:15:00:a7:80:58:4d:3e:e7:a1:19:49:a9:
0d:a5:cc:03:64:7b:ab:ee:44:32:e1:db:df:47:05:
7f:d8:b6:8b:42:a5:ac:c0:d3:23:a2:a3:a8:fa:c6:
36:07:c7:9f:a2:11:7e:e8:24:2a:e7:56:2b:12:f1:
8c:0e:4f:74:b6:7c:c9:11:eb:fe:b0:79:48:77:51:
65:17:2b:e3:4e:4d:88:d9:09:a9:30:2a:af:ac:60:
dc:0d:9e:c1:9a:36:ac:ae:f8:1b:ee:20:9d:a8:f3:
9f:d1:4f:6c:d4:4a:49:d9:67:98:5c:cb:57:27:7e:
fb:0e:36:e8:30:97:29:a6:ab:12:0c:3e:8d:57:e7:
da:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:B7:D1:F9:2D:81:80:98:D8:15:1C:C7:EA:61:E4:C2:20:0E:97:0F
X509v3 Authority Key Identifier:
keyid:7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/N7fR-S2BgJjYFRzH6mHkwiAOlw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/fKBMxn75bZAi89C_xR6ttKS2PuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.40.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:89:02:35:2f:57:0a:c5:4f:f7:cd:99:90:f5:c4:31:bb:a6:
17:bc:b6:8f:05:e4:a1:2d:1e:18:2d:48:e0:37:ce:ed:42:8c:
c1:7d:b0:be:b1:39:13:a4:17:d2:17:b7:87:24:9a:3f:27:65:
17:6b:5f:38:05:f6:2a:d4:7c:08:5e:46:dc:e1:6c:65:bb:15:
05:53:2f:b4:37:c1:fb:a0:a3:90:d3:b0:51:cb:87:6d:c8:13:
5a:7a:d8:d1:7b:48:aa:ba:c6:da:f5:bd:be:49:77:e7:e8:95:
60:50:3e:7e:b4:27:12:f8:38:1f:c5:1b:f8:3e:13:cc:17:30:
df:e8:73:b3:2c:92:b6:90:f7:88:35:5f:3d:ea:c1:a2:62:ee:
4c:57:91:bb:38:fa:a5:b6:50:22:fa:8d:39:da:ae:67:16:a5:
01:49:1c:f4:e8:b5:06:f0:fe:30:41:95:28:46:6e:72:23:bb:
27:b5:01:9c:03:0e:70:48:3d:a7:d1:c2:ca:bd:d8:ce:58:1f:
95:15:76:29:92:40:67:0a:73:9a:4b:f6:93:ea:c7:16:5b:69:
2c:8a:04:5c:63:2e:68:af:e8:f6:86:9b:b6:fa:d3:28:73:0a:
92:58:11:1d:d9:d0:14:99:3e:20:25:05:59:a0:f3:15:84:6e:
b0:68:e6:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfjs8mhuwkYscdH/iBfzR6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTA0Y2M2N2VmOTZkOTAyMmYzZDBiZmM1MWVhZGI0YTRi
NjNlZTYwHhcNMjMwNTAzMjIyMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2I3ZDFmOTJkODE4MDk4ZDgxNTFjYzdlYTYxZTRjMjIwMGU5NzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPdg9zUIhU9BdpDj2KtmC4fQzZpA
0WMv2AXeS/Cv/FDHSBt3csXvhjcurt0zZhZ0zNC/1mqSrxS1kcGFVoiuZYgGGO3q
EXljlplzQhUNdC3NZ8BkcE99fpR2XX7ZE6TLHRqZbgY3/1f2+ypmbPLGik6VnUdY
LgrFy9QVAKeAWE0+56EZSakNpcwDZHur7kQy4dvfRwV/2LaLQqWswNMjoqOo+sY2
B8efohF+6CQq51YrEvGMDk90tnzJEev+sHlId1FlFyvjTk2I2QmpMCqvrGDcDZ7B
mjasrvgb7iCdqPOf0U9s1EpJ2WeYXMtXJ377DjboMJcppqsSDD6NV+faXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDe30fktgYCY2BUcx+ph5MIgDpcPMB8GA1UdIwQY
MBaAFHygTMZ++W2QIvPQv8UerbSktj7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktCTXhuNzViWkFpODlDX3hSNnR0S1MyUHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85Yjk0ZTItZDIxZC00ZDgxLThhZWEt
YTU1NjhlMGZiYjZkLzEvTjdmUi1TMkJnSmpZRlJ6SDZtSGt3aUFPbHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85Yjk0ZTItZDIxZC00ZDgxLThhZWEtYTU1NjhlMGZiYjZk
LzEvZktCTXhuNzViWkFpODlDX3hSNnR0S1MyUHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDn/8oMA0G
CSqGSIb3DQEBCwUAA4IBAQBuiQI1L1cKxU/3zZmQ9cQxu6YXvLaPBeShLR4YLUjg
N87tQozBfbC+sTkTpBfSF7eHJJo/J2UXa184BfYq1HwIXkbc4WxluxUFUy+0N8H7
oKOQ07BRy4dtyBNaetjRe0iqusba9b2+SXfn6JVgUD5+tCcS+DgfxRv4PhPMFzDf
6HOzLJK2kPeINV896sGiYu5MV5G7OPqltlAi+o052q5nFqUBSRz06LUG8P4wQZUo
Rm5yI7sntQGcAw5wSD2n0cLKvdjOWB+VFXYpkkBnCnOaS/aT6scWW2ksigRcYy5o
r+j2hpu2+tMocwqSWBEd2dAUmT4gJQVZoPMVhG6waOZ8
-----END CERTIFICATE-----
Generated at Mon May 12 00:05:56 2025 by rpki-client