Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/6JAQtAqMHxcqCW2uy17Y-h4rZZ8.roa
File: 6JAQtAqMHxcqCW2uy17Y-h4rZZ8.roa (raw, json)
Hash identifier: NP2+Cn33EJVDjv81cWeqDwP43gpkpxnE4Fqj2v5/ON4=
Subject key identifier: E8:90:10:B4:0A:8C:1F:17:2A:09:6D:AE:CB:5E:D8:FA:1E:2B:65:9F
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 018B4753F5A9F2A7CA179E9F294081FB5637
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/6JAQtAqMHxcqCW2uy17Y-h4rZZ8.roa
Signing time: Thu 19 Oct 2023 09:46:06 +0000
ROA not before: Thu 19 Oct 2023 09:46:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198710
IP address blocks: 81.209.132.0/24 maxlen: 24
81.209.151.0/24 maxlen: 24
81.209.159.0/24 maxlen: 24
81.209.154.0/23 maxlen: 24
83.125.106.0/23 maxlen: 23
83.125.108.0/24 maxlen: 24
80.86.180.0/24 maxlen: 24
80.86.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:53:f5:a9:f2:a7:ca:17:9e:9f:29:40:81:fb:56:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Oct 19 09:46:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e89010b40a8c1f172a096daecb5ed8fa1e2b659f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:19:cb:5a:b3:22:2e:a2:37:b2:c4:56:02:96:
05:c1:a8:0d:88:57:fb:ad:de:e1:9b:7f:f5:55:0b:
14:e5:de:86:34:00:82:33:6a:cc:be:6d:90:8e:2d:
4c:df:c5:f8:54:6d:36:36:f4:9b:7e:be:c5:d6:59:
ac:5d:3f:47:0f:8a:eb:30:6d:6b:59:d5:29:46:61:
6f:f8:2b:65:62:1a:e9:6b:8a:8b:d2:5c:ac:3f:f9:
5d:7c:78:62:67:5b:8c:c6:85:8d:24:1e:95:bf:4d:
76:f4:f2:33:b6:81:5e:01:81:c1:ce:e7:89:06:14:
f8:86:62:9d:c2:33:0a:dc:9d:fb:7d:11:85:29:e5:
f2:02:e0:b8:01:03:e8:6a:05:9f:66:ba:c6:ff:dd:
49:ee:2b:50:90:bd:82:4c:c5:6f:03:ca:60:b7:35:
cd:55:7a:0b:4f:53:f6:31:ab:07:f7:9f:74:32:3d:
23:6b:03:0a:38:fb:32:36:53:b6:3b:8f:eb:ab:01:
c4:3b:b8:ad:fc:cd:f0:8d:ef:2d:15:8b:fb:f8:83:
df:ef:59:a1:8c:9d:f0:28:cc:17:b9:ed:8b:8b:75:
93:53:39:49:8a:fa:f6:a8:47:97:18:84:42:21:36:
21:66:95:4b:58:6c:1f:95:cb:6e:03:87:42:91:a4:
c9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:90:10:B4:0A:8C:1F:17:2A:09:6D:AE:CB:5E:D8:FA:1E:2B:65:9F
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/6JAQtAqMHxcqCW2uy17Y-h4rZZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.180.0/24
80.86.186.0/24
81.209.132.0/24
81.209.151.0/24
81.209.154.0/23
81.209.159.0/24
83.125.106.0-83.125.108.255
Signature Algorithm: sha256WithRSAEncryption
48:2b:30:20:55:1d:c3:57:2a:c2:a0:a3:57:8a:29:f0:8f:0b:
be:e8:23:12:1b:28:d7:e5:66:31:80:2d:11:08:88:f6:0f:5d:
e1:e7:26:b6:a2:ec:41:6b:39:e9:a3:c7:75:62:84:69:86:f8:
eb:fd:0c:d1:f2:e5:75:51:51:c4:23:f1:26:1a:2d:3c:ad:5b:
cc:2e:68:b5:db:25:6f:13:d6:da:d2:b9:40:b5:8d:a0:e0:cf:
b9:07:bb:cc:ea:37:7e:5b:73:00:aa:49:d2:8a:41:97:d8:52:
ec:43:6c:05:fb:71:9f:37:84:a9:fa:ce:ed:83:40:d4:e7:b2:
d2:4e:0a:03:5b:43:42:4d:98:4a:49:20:ec:49:f1:c1:fd:b0:
7c:e4:27:08:c2:db:bc:6d:59:01:39:d5:e2:6a:3a:14:8e:c9:
61:bf:bb:65:75:38:41:41:d7:23:90:ed:90:d3:6d:31:8b:f8:
e8:c6:f7:3a:31:07:5f:a3:f0:fb:f3:9e:6b:69:57:35:b7:8b:
e1:62:ee:f1:82:67:2a:7e:80:08:eb:c6:cc:8b:7f:1e:89:ce:
80:4b:29:e6:ab:74:59:75:90:4c:f7:8e:3d:68:aa:d0:f3:36:
a0:44:e9:a7:a7:0b:83:4a:02:f9:76:4d:cf:f9:fd:05:63:d4:
89:89:e8:8e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYtHU/Wp8qfKF56fKUCB+1Y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMxMDE5MDk0NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODkwMTBiNDBhOGMxZjE3MmEwOTZkYWVjYjVlZDhmYTFlMmI2NTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRnLWrMiLqI3ssRWApYFwagNiFf7
rd7hm3/1VQsU5d6GNACCM2rMvm2Qji1M38X4VG02NvSbfr7F1lmsXT9HD4rrMG1r
WdUpRmFv+CtlYhrpa4qL0lysP/ldfHhiZ1uMxoWNJB6Vv0129PIztoFeAYHBzueJ
BhT4hmKdwjMK3J37fRGFKeXyAuC4AQPoagWfZrrG/91J7itQkL2CTMVvA8pgtzXN
VXoLT1P2MasH9590Mj0jawMKOPsyNlO2O4/rqwHEO7it/M3wje8tFYv7+IPf71mh
jJ3wKMwXue2Li3WTUzlJivr2qEeXGIRCITYhZpVLWGwflctuA4dCkaTJaQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOiQELQKjB8XKgltrste2PoeK2WfMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvNkpBUXRBcU1IeGNxQ1cydXkxN1ktaDRyWlo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAUFa0AwQA
UFa6AwQAUdGEAwQAUdGXAwQBUdGaAwQAUdGfMAwDBAFTfWoDBABTfWwwDQYJKoZI
hvcNAQELBQADggEBAEgrMCBVHcNXKsKgo1eKKfCPC77oIxIbKNflZjGALREIiPYP
XeHnJrai7EFrOemjx3VihGmG+Ov9DNHy5XVRUcQj8SYaLTytW8wuaLXbJW8T1trS
uUC1jaDgz7kHu8zqN35bcwCqSdKKQZfYUuxDbAX7cZ83hKn6zu2DQNTnstJOCgNb
Q0JNmEpJIOxJ8cH9sHzkJwjC27xtWQE51eJqOhSOyWG/u2V1OEFB1yOQ7ZDTbTGL
+OjG9zoxB1+j8PvznmtpVzW3i+Fi7vGCZyp+gAjrxsyLfx6JzoBLKeardFl1kEz3
jj1oqtDzNqBE6aenC4NKAvl2Tc/5/QVj1ImJ6I4=
-----END CERTIFICATE-----
Generated at Wed Apr 16 14:16:24 2025 by rpki-client