Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/nL3rKxHoI28Tm0NBC5u8sqdVVM4.roa
File: nL3rKxHoI28Tm0NBC5u8sqdVVM4.roa (raw, json)
Hash identifier: FBYF+/r7+9ZaGDLegt5qx/kXWRppz7xvW/FPKCe974M=
Subject key identifier: 9C:BD:EB:2B:11:E8:23:6F:13:9B:43:41:0B:9B:BC:B2:A7:55:54:CE
Certificate issuer: /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial: 018BEBF67CAAF0553386670E175C9C86BD5A
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/nL3rKxHoI28Tm0NBC5u8sqdVVM4.roa
Signing time: Mon 20 Nov 2023 09:01:21 +0000
ROA not before: Mon 20 Nov 2023 09:01:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 62.106.81.0/24 maxlen: 24
146.19.149.0/24 maxlen: 24
185.230.246.0/24 maxlen: 24
91.246.36.0/24 maxlen: 24
176.116.10.0/24 maxlen: 24
188.244.125.0/24 maxlen: 24
193.243.186.0/24 maxlen: 24
212.18.119.0/24 maxlen: 24
194.150.79.0/24 maxlen: 24
213.173.38.0/24 maxlen: 24
77.75.229.0/24 maxlen: 24
79.110.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:eb:f6:7c:aa:f0:55:33:86:67:0e:17:5c:9c:86:bd:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Validity
Not Before: Nov 20 09:01:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cbdeb2b11e8236f139b43410b9bbcb2a75554ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ac:fa:87:e9:55:e4:c2:0f:01:17:76:ee:7f:
74:22:2a:33:76:29:66:d0:34:95:19:e5:7c:b3:43:
d9:9d:7b:69:db:bf:6c:09:bc:3f:9d:92:d1:4b:30:
80:8b:d8:8d:bc:ea:f3:71:9e:8e:0f:da:c5:a5:1b:
d4:c5:a3:85:16:0f:a4:ce:8a:91:df:ea:43:82:b0:
80:73:9a:27:b3:70:d1:e2:12:4f:6f:30:99:b8:60:
77:27:fd:e9:9d:e3:eb:92:26:b5:ad:df:83:2a:c5:
df:b4:ec:9a:42:33:c0:fe:35:85:30:37:50:a5:4a:
f8:8f:2c:00:38:38:44:92:18:bd:c9:c7:79:dd:5d:
d5:bd:9d:a3:2f:0a:37:68:0e:e9:e4:33:d8:90:3d:
62:dc:e6:c2:c7:2d:ac:42:65:c7:7b:88:93:17:6e:
ab:bf:79:d4:8b:61:15:38:41:e6:6d:ab:ba:fc:e3:
3a:b0:97:e2:0b:28:00:5c:28:4e:da:9f:06:9c:c9:
38:9c:c5:0f:84:b3:89:2b:9d:69:ec:d8:d1:43:22:
93:76:6f:68:d5:ad:0a:0b:ea:21:83:f8:35:a6:11:
69:74:86:8f:bc:70:68:a1:90:c0:1f:c4:01:f8:2d:
b9:78:91:c4:7d:06:5a:63:e5:4c:7b:5c:69:0a:9d:
88:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:BD:EB:2B:11:E8:23:6F:13:9B:43:41:0B:9B:BC:B2:A7:55:54:CE
X509v3 Authority Key Identifier:
keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/nL3rKxHoI28Tm0NBC5u8sqdVVM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.81.0/24
77.75.229.0/24
79.110.224.0/24
91.246.36.0/24
146.19.149.0/24
176.116.10.0/24
185.230.246.0/24
188.244.125.0/24
193.243.186.0/24
194.150.79.0/24
212.18.119.0/24
213.173.38.0/24
Signature Algorithm: sha256WithRSAEncryption
27:f1:31:45:f3:90:c8:82:ab:91:d4:db:23:b1:6d:7c:be:df:
b1:82:a5:6c:c2:1a:95:8e:01:a8:78:c1:8d:6f:ca:d9:cd:9d:
34:6f:f2:59:e6:b1:fa:aa:d6:4b:4b:9d:f8:15:24:89:5e:14:
40:81:70:22:27:1b:2a:ad:37:95:bd:53:c3:cb:d8:41:7d:3d:
a3:14:70:7e:57:af:b3:49:7b:7c:1d:90:ee:1e:ae:17:08:33:
7c:c9:a3:55:e8:37:f4:32:cc:47:2b:e8:e4:90:1d:99:a2:83:
d5:90:8e:f1:45:6c:02:a7:c8:19:5e:70:ad:fe:54:cd:04:61:
b7:b3:73:1c:6d:b9:b2:fa:e9:97:7b:32:e3:52:df:70:c3:c1:
55:9b:3f:ca:72:28:91:e8:8a:ea:f9:3d:80:88:68:73:f5:aa:
27:96:19:3a:0e:2a:44:42:c9:ac:fa:da:bc:67:08:ae:58:52:
74:1f:23:a6:6f:ec:b4:53:46:2e:cc:57:2a:2e:2a:7d:32:20:
a2:c9:41:f3:9e:3a:24:7b:ce:88:4c:81:d1:39:1f:7a:49:fe:
19:9c:c1:f8:33:a0:05:bb:10:c7:b4:e4:af:1d:e8:c0:29:59:
99:1a:04:6d:5d:05:de:87:ec:52:21:44:37:fa:c4:ac:6b:cf:
f3:45:8c:60
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYvr9nyq8FUzhmcOF1ychr1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjMxMTIwMDkwMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2JkZWIyYjExZTgyMzZmMTM5YjQzNDEwYjliYmNiMmE3NTU1NGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKz6h+lV5MIPARd27n90Iiozdilm
0DSVGeV8s0PZnXtp279sCbw/nZLRSzCAi9iNvOrzcZ6OD9rFpRvUxaOFFg+kzoqR
3+pDgrCAc5ons3DR4hJPbzCZuGB3J/3pnePrkia1rd+DKsXftOyaQjPA/jWFMDdQ
pUr4jywAODhEkhi9ycd53V3VvZ2jLwo3aA7p5DPYkD1i3ObCxy2sQmXHe4iTF26r
v3nUi2EVOEHmbau6/OM6sJfiCygAXChO2p8GnMk4nMUPhLOJK51p7NjRQyKTdm9o
1a0KC+ohg/g1phFpdIaPvHBooZDAH8QB+C25eJHEfQZaY+VMe1xpCp2I9QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJy96ysR6CNvE5tDQQubvLKnVVTOMB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvbkwzckt4SG9JMjhUbTBOQkM1dThzcWRWVk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAPmpRAwQA
TUvlAwQAT27gAwQAW/YkAwQAkhOVAwQAsHQKAwQAueb2AwQAvPR9AwQAwfO6AwQA
wpZPAwQA1BJ3AwQA1a0mMA0GCSqGSIb3DQEBCwUAA4IBAQAn8TFF85DIgquR1Nsj
sW18vt+xgqVswhqVjgGoeMGNb8rZzZ00b/JZ5rH6qtZLS534FSSJXhRAgXAiJxsq
rTeVvVPDy9hBfT2jFHB+V6+zSXt8HZDuHq4XCDN8yaNV6Df0MsxHK+jkkB2ZooPV
kI7xRWwCp8gZXnCt/lTNBGG3s3Mcbbmy+umXezLjUt9ww8FVmz/KciiR6Irq+T2A
iGhz9aonlhk6DipEQsms+tq8ZwiuWFJ0HyOmb+y0U0YuzFcqLip9MiCiyUHznjok
e86ITIHROR96Sf4ZnMH4M6AFuxDHtOSvHejAKVmZGgRtXQXeh+xSIUQ3+sSsa8/z
RYxg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:12 2025 by rpki-client