Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/6KJqixENDnU_yKPbr7girzMOodw.roa
File: 6KJqixENDnU_yKPbr7girzMOodw.roa (raw, json)
Hash identifier: 1SNDWPx5sH+/UQw7LUj26625GrZa1oz1KUCu8Mrx8bI=
Subject key identifier: E8:A2:6A:8B:11:0D:0E:75:3F:C8:A3:DB:AF:B8:22:AF:33:0E:A1:DC
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 018572FA62559FAB7553065CE8FE1ED1705B
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/6KJqixENDnU_yKPbr7girzMOodw.roa
Signing time: Mon 02 Jan 2023 14:54:49 +0000
ROA not before: Mon 02 Jan 2023 14:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31216
IP address blocks: 89.30.68.0/22 maxlen: 24
89.30.0.0/17 maxlen: 24
83.243.16.0/21 maxlen: 24
194.126.217.0/24 maxlen: 24
2a01:8200::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:62:55:9f:ab:75:53:06:5c:e8:fe:1e:d1:70:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Jan 2 14:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8a26a8b110d0e753fc8a3dbafb822af330ea1dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:df:55:73:b5:1d:e7:00:51:7a:ca:b5:af:39:
a4:04:41:3b:92:ad:58:45:8b:28:7b:3c:92:25:66:
d8:3b:5a:cc:a4:7a:a4:9a:99:58:08:36:38:bf:30:
6d:ae:7e:54:b8:1c:65:81:cf:5a:8e:32:66:b4:6c:
ee:8d:36:ca:f6:a4:4e:fd:16:ea:be:45:8a:ac:ac:
02:69:37:34:ae:d3:80:95:7a:d5:bf:ac:ae:2c:e5:
34:c5:d3:3b:f7:62:29:59:d6:f7:78:5b:52:0b:12:
20:9b:bb:12:74:7b:2d:71:f4:37:06:e9:5f:79:53:
c2:96:1b:42:33:cf:d1:93:bd:34:e2:7a:a7:27:97:
73:ee:8c:95:64:11:a1:29:4b:f8:77:ca:da:6f:6e:
11:a1:c5:01:5a:e2:d6:12:ee:ef:84:8f:60:ac:48:
04:80:1f:ad:df:be:9d:c1:de:83:5c:5a:ba:ee:14:
db:ac:b3:e8:d9:fa:fb:5f:c8:dc:3e:c2:4c:b7:3e:
a3:84:f6:13:5c:0d:67:0d:58:88:7b:60:93:85:f4:
3e:34:9d:fc:18:a3:58:32:2d:9d:f2:bf:c7:22:ef:
2f:6c:b6:f4:31:20:fc:e4:6e:41:4e:b5:33:c8:07:
41:c5:3e:94:02:2b:1f:ba:58:ff:49:c6:d2:41:6a:
6e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A2:6A:8B:11:0D:0E:75:3F:C8:A3:DB:AF:B8:22:AF:33:0E:A1:DC
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/6KJqixENDnU_yKPbr7girzMOodw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.243.16.0/21
89.30.0.0/17
194.126.217.0/24
IPv6:
2a01:8200::/32
Signature Algorithm: sha256WithRSAEncryption
46:3f:cb:86:95:af:58:4f:08:ef:9f:f5:7b:d5:f2:00:a1:23:
58:34:0a:8e:78:4f:a3:53:ed:22:22:13:01:69:ab:f1:ae:cf:
68:b5:ad:c1:0d:57:01:0b:75:75:13:a3:0c:03:b8:8f:bb:0c:
ab:69:cc:00:8a:63:6d:c7:6a:f1:4a:18:e1:46:f3:3e:ce:0d:
48:e0:c6:ec:94:cf:78:04:06:ed:6c:57:e4:4d:fa:a0:2d:b4:
b5:97:08:97:cd:c7:35:bc:d7:34:f4:e0:a2:8b:f2:3d:89:a1:
df:84:84:81:8a:83:6a:7a:18:5a:7a:a3:a4:82:5c:db:1e:98:
76:1f:99:d3:0c:96:d4:3b:3e:f7:91:56:84:c1:0a:4e:99:3b:
f1:23:ed:83:e0:87:60:61:70:68:be:03:57:94:23:5a:74:17:
37:80:42:55:1c:9f:4f:04:3e:df:fd:d6:a5:e0:d5:9b:fc:ef:
19:b1:fc:d8:dc:b4:0e:32:12:9a:51:b5:9a:5d:6b:1a:0e:70:
23:b3:76:63:dc:79:b8:73:b0:d0:eb:2e:e8:2a:26:3c:f7:58:
93:e7:dd:31:a8:2b:7d:fb:25:3e:17:6b:c2:ad:6d:c4:8d:4f:
39:11:a4:b8:bb:53:12:3b:a5:e1:f4:75:fc:e9:9b:21:81:54:
01:ab:58:cf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVy+mJVn6t1UwZc6P4e0XBbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjMwMTAyMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGEyNmE4YjExMGQwZTc1M2ZjOGEzZGJhZmI4MjJhZjMzMGVhMWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk99Vc7Ud5wBResq1rzmkBEE7kq1Y
RYsoezySJWbYO1rMpHqkmplYCDY4vzBtrn5UuBxlgc9ajjJmtGzujTbK9qRO/Rbq
vkWKrKwCaTc0rtOAlXrVv6yuLOU0xdM792IpWdb3eFtSCxIgm7sSdHstcfQ3Bulf
eVPClhtCM8/Rk7004nqnJ5dz7oyVZBGhKUv4d8rab24RocUBWuLWEu7vhI9grEgE
gB+t376dwd6DXFq67hTbrLPo2fr7X8jcPsJMtz6jhPYTXA1nDViIe2CThfQ+NJ38
GKNYMi2d8r/HIu8vbLb0MSD85G5BTrUzyAdBxT6UAisfulj/ScbSQWpudQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOiiaosRDQ51P8ij26+4Iq8zDqHcMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvNktKcWl4RU5EblVfeUtQYnI3Z2lyek1Pb2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDU/MQAwQH
WR4AAwQAwn7ZMA0EAgACMAcDBQAqAYIAMA0GCSqGSIb3DQEBCwUAA4IBAQBGP8uG
la9YTwjvn/V71fIAoSNYNAqOeE+jU+0iIhMBaavxrs9ota3BDVcBC3V1E6MMA7iP
uwyracwAimNtx2rxShjhRvM+zg1I4MbslM94BAbtbFfkTfqgLbS1lwiXzcc1vNc0
9OCii/I9iaHfhISBioNqehhaeqOkglzbHph2H5nTDJbUOz73kVaEwQpOmTvxI+2D
4IdgYXBovgNXlCNadBc3gEJVHJ9PBD7f/dal4NWb/O8ZsfzY3LQOMhKaUbWaXWsa
DnAjs3Zj3Hm4c7DQ6y7oKiY891iT590xqCt9+yU+F2vCrW3EjU85EaS4u1MSO6Xh
9HX86ZshgVQBq1jP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:05 2025 by rpki-client