Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Rnj8re-B5qGXM8k7al3kCcAjRt8.roa
File: Rnj8re-B5qGXM8k7al3kCcAjRt8.roa (raw, json)
Hash identifier: r0vhPpK6ck3dEUbtr2HbALZ4MsFAE7FpPSinpqhg93Y=
Subject key identifier: 46:78:FC:AD:EF:81:E6:A1:97:33:C9:3B:6A:5D:E4:09:C0:23:46:DF
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018BADF6D9512DEA17BDAE31D2F90A5CB208
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Rnj8re-B5qGXM8k7al3kCcAjRt8.roa
Signing time: Wed 08 Nov 2023 08:05:17 +0000
ROA not before: Wed 08 Nov 2023 08:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210423
IP address blocks: 217.61.81.0/24 maxlen: 24
84.236.234.0/23 maxlen: 23
95.178.112.0/22 maxlen: 22
84.232.35.0/24 maxlen: 24
94.24.46.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ad:f6:d9:51:2d:ea:17:bd:ae:31:d2:f9:0a:5c:b2:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Nov 8 08:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4678fcadef81e6a19733c93b6a5de409c02346df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2d:3f:e3:68:19:f1:48:bc:22:b6:c5:11:10:
4d:52:d7:9a:5d:5d:11:86:49:f2:ce:b9:6f:8e:bc:
62:5c:7b:83:30:ea:96:66:c2:a0:22:9d:64:9a:75:
df:32:a1:d7:05:71:65:ea:6b:1d:11:8e:57:60:7e:
93:74:f8:58:3d:b7:9a:7e:63:a1:d6:22:39:33:dc:
bb:c5:42:ee:cf:b5:ea:1b:85:ce:9f:57:0f:b1:d1:
fe:a7:9b:dd:e0:70:31:9c:c1:a6:9e:58:e2:cd:05:
e5:79:79:b3:ef:8d:20:34:95:9d:d6:f3:41:4d:55:
c0:be:7c:bf:99:84:fd:a7:80:a2:a9:de:0f:9f:3f:
d7:d4:c1:79:a9:09:d9:c5:d7:76:13:be:c4:e4:6c:
09:c1:cf:b0:68:6a:08:1e:f5:18:e4:10:cf:50:b9:
88:1b:41:80:ad:07:7d:0b:75:bd:c0:57:8b:1e:38:
e7:13:07:64:a1:b7:a0:62:dd:1a:07:f8:8c:62:38:
eb:f6:18:a6:16:6c:82:25:84:f7:c5:94:30:6d:75:
e1:ec:8b:1c:3f:d3:6d:d9:9f:59:81:07:4e:91:3b:
93:8d:e0:c4:27:20:4b:54:0f:3c:05:f2:62:ac:46:
f5:fc:c1:27:88:a1:2c:4f:d8:f5:69:53:ae:1f:ed:
52:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:78:FC:AD:EF:81:E6:A1:97:33:C9:3B:6A:5D:E4:09:C0:23:46:DF
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Rnj8re-B5qGXM8k7al3kCcAjRt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.35.0/24
84.236.234.0/23
94.24.46.0/23
95.178.112.0/22
217.61.81.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:49:b4:f5:54:08:9d:4c:30:12:99:a8:0c:eb:94:3f:4e:66:
7a:76:7e:cf:db:e4:77:9a:2b:71:ec:1c:43:32:68:24:d0:1a:
6b:d0:5d:bf:f2:bf:be:78:c8:fb:45:1f:61:20:8c:2c:c0:c5:
9d:5c:1a:50:c3:e0:38:b4:25:c5:59:10:fd:98:e7:23:08:f6:
9e:a8:de:13:0b:79:83:e5:96:86:aa:fd:8d:ed:89:14:8b:32:
df:59:57:13:70:ca:bd:75:ed:5a:23:41:73:f4:17:3d:4a:c6:
b2:a5:06:36:70:d1:48:08:dc:10:78:13:c8:a9:8f:27:13:da:
51:59:c0:06:bb:f0:d9:b7:f3:aa:a1:2c:8c:70:85:69:e7:2b:
0b:99:9a:be:fd:fd:c0:59:69:cf:d0:ce:4c:7b:f9:79:c6:f4:
30:3a:71:8f:a7:98:94:6e:57:b1:8e:3b:f7:f3:ca:32:15:3f:
ad:72:94:d7:83:31:ae:24:20:4a:a2:4f:4a:d7:27:20:bd:c2:
1e:91:b6:78:ca:6e:b2:da:90:32:8d:38:e6:cc:30:01:48:dd:
b1:7b:d1:8c:ca:ea:e3:34:77:27:ff:28:2b:92:0a:c1:4a:03:
11:90:4d:9b:97:31:af:87:f8:05:ff:d0:f5:be:27:3f:37:73:
a3:38:b1:0c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYut9tlRLeoXva4x0vkKXLIIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMxMTA4MDgwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njc4ZmNhZGVmODFlNmExOTczM2M5M2I2YTVkZTQwOWMwMjM0NmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3y0/42gZ8Ui8IrbFERBNUteaXV0R
hknyzrlvjrxiXHuDMOqWZsKgIp1kmnXfMqHXBXFl6msdEY5XYH6TdPhYPbeafmOh
1iI5M9y7xULuz7XqG4XOn1cPsdH+p5vd4HAxnMGmnljizQXleXmz740gNJWd1vNB
TVXAvny/mYT9p4Ciqd4Pnz/X1MF5qQnZxdd2E77E5GwJwc+waGoIHvUY5BDPULmI
G0GArQd9C3W9wFeLHjjnEwdkobegYt0aB/iMYjjr9himFmyCJYT3xZQwbXXh7Isc
P9Nt2Z9ZgQdOkTuTjeDEJyBLVA88BfJirEb1/MEniKEsT9j1aVOuH+1SWQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEZ4/K3vgeahlzPJO2pd5AnAI0bfMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvUm5qOHJlLUI1cUdYTThrN2FsM2tDY0FqUnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVOgjAwQB
VOzqAwQBXhguAwQCX7JwAwQA2T1RMA0GCSqGSIb3DQEBCwUAA4IBAQCfSbT1VAid
TDASmagM65Q/TmZ6dn7P2+R3mitx7BxDMmgk0Bpr0F2/8r++eMj7RR9hIIwswMWd
XBpQw+A4tCXFWRD9mOcjCPaeqN4TC3mD5ZaGqv2N7YkUizLfWVcTcMq9de1aI0Fz
9Bc9SsaypQY2cNFICNwQeBPIqY8nE9pRWcAGu/DZt/OqoSyMcIVp5ysLmZq+/f3A
WWnP0M5Me/l5xvQwOnGPp5iUblexjjv388oyFT+tcpTXgzGuJCBKok9K1ycgvcIe
kbZ4ym6y2pAyjTjmzDABSN2xe9GMyurjNHcn/ygrkgrBSgMRkE2blzGvh/gF/9D1
vic/N3OjOLEM
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:38:34 2025 by rpki-client