Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/6qO-UReruKkAnjem70B76-G3Vj8.roa
File: 6qO-UReruKkAnjem70B76-G3Vj8.roa (raw, json)
Hash identifier: 2Cxdvi+ovTYkchNynKue0WxCWJb9Hv1Ux71vJ33oIJA=
Subject key identifier: EA:A3:BE:51:17:AB:B8:A9:00:9E:37:A6:EF:40:7B:EB:E1:B7:56:3F
Certificate issuer: /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial: 01857015334FC4C3A3F71E7A633964B83168
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/6qO-UReruKkAnjem70B76-G3Vj8.roa
Signing time: Mon 02 Jan 2023 01:25:15 +0000
ROA not before: Mon 02 Jan 2023 01:25:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201986
IP address blocks: 178.219.56.0/21 maxlen: 21
178.219.58.0/23 maxlen: 23
194.61.88.0/22 maxlen: 24
109.68.127.0/24 maxlen: 24
185.150.164.0/22 maxlen: 22
185.150.166.0/24 maxlen: 24
185.150.164.0/23 maxlen: 23
185.150.167.0/24 maxlen: 24
185.57.68.0/22 maxlen: 22
2a02:5960::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:33:4f:c4:c3:a3:f7:1e:7a:63:39:64:b8:31:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Validity
Not Before: Jan 2 01:25:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eaa3be5117abb8a9009e37a6ef407bebe1b7563f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dc:3d:32:ef:47:4a:f6:d6:32:56:fd:30:cb:
d8:78:4a:a6:8e:0c:ff:aa:08:c9:f7:bf:b0:cd:63:
ff:38:71:1d:9e:61:4f:df:9d:95:88:f0:b8:b1:7d:
0a:85:9f:a4:47:a8:5c:16:00:d6:48:ee:71:a0:c8:
a2:f8:77:63:95:43:af:dd:ae:05:ec:60:f9:4f:35:
67:b1:15:7b:a1:5d:ab:fd:54:d0:3a:6d:c3:5d:72:
7a:a2:41:a0:3e:be:13:7a:90:23:c0:e5:b9:10:63:
22:da:b9:c8:69:22:7b:59:40:62:4c:0f:24:84:28:
74:0e:f2:84:51:08:0e:49:c9:0b:89:9e:24:ac:8b:
31:e4:51:e0:db:74:db:8b:45:9a:4b:7c:bb:39:e7:
1d:49:cc:3c:96:f7:2c:92:20:a6:34:17:03:36:7f:
7f:9c:ae:a8:ae:4f:3e:75:7c:62:27:9e:ab:fa:65:
93:10:b1:21:1d:e1:1c:66:d7:17:a1:98:46:0b:c3:
aa:34:6a:d1:ff:1e:83:b3:0c:73:70:ed:ad:1a:b6:
fa:44:8b:3a:59:a5:75:94:93:b7:06:27:a3:64:a0:
2f:d2:01:31:43:a5:30:f4:68:2f:b1:50:eb:c3:33:
8d:56:01:5c:1b:b7:5b:71:92:50:f8:0b:e4:b7:77:
68:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:A3:BE:51:17:AB:B8:A9:00:9E:37:A6:EF:40:7B:EB:E1:B7:56:3F
X509v3 Authority Key Identifier:
keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/6qO-UReruKkAnjem70B76-G3Vj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.127.0/24
178.219.56.0/21
185.57.68.0/22
185.150.164.0/22
194.61.88.0/22
IPv6:
2a02:5960::/32
Signature Algorithm: sha256WithRSAEncryption
5e:f5:26:41:2f:89:2f:64:c6:20:af:a9:dd:2e:ed:a9:65:d0:
b7:36:a7:46:c9:f5:c4:0a:3e:58:ec:69:f0:7e:47:f0:8f:0a:
3c:0c:b3:96:57:06:92:01:8f:48:af:6a:50:51:93:ef:35:29:
f6:bc:79:1a:44:30:8f:fa:06:1f:57:b0:82:34:c8:60:ff:02:
39:53:6b:3a:20:f4:d2:e3:13:ca:26:9b:8c:d5:d8:6a:5a:63:
16:66:0c:dc:d8:8f:6a:7b:86:3c:d8:a9:db:dc:ac:5e:e2:8a:
9f:be:ed:1f:4c:3a:f5:47:40:6c:40:d5:c8:51:1c:c6:1c:b0:
d1:8e:ac:5f:8d:55:db:4a:f4:92:f5:4f:10:92:f3:95:b0:47:
5d:61:22:24:ed:60:aa:34:69:29:2e:ea:54:46:2a:c7:1a:6f:
49:97:9d:a4:72:89:25:fd:1c:a6:8a:dc:d0:75:fc:1d:1b:21:
da:9f:97:89:72:76:37:15:a8:f4:df:35:14:29:55:c4:16:8c:
b1:0f:70:b7:7c:b2:bb:cf:37:e6:75:09:50:e8:3f:89:32:51:
45:e4:d4:bb:4e:b9:22:3d:c6:0e:34:a9:b6:81:34:77:b8:9e:
93:5a:7b:50:1d:39:84:85:de:97:01:d2:1e:1f:24:c1:fc:8d:
cf:e1:17:95
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVwFTNPxMOj9x56YzlkuDFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDBlYzdhYzRjMzkxZTRlY2JhOWQwYTM3NDkxOTFiMThl
YmY5MzQwHhcNMjMwMTAyMDEyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWEzYmU1MTE3YWJiOGE5MDA5ZTM3YTZlZjQwN2JlYmUxYjc1NjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNw9Mu9HSvbWMlb9MMvYeEqmjgz/
qgjJ97+wzWP/OHEdnmFP352ViPC4sX0KhZ+kR6hcFgDWSO5xoMii+HdjlUOv3a4F
7GD5TzVnsRV7oV2r/VTQOm3DXXJ6okGgPr4TepAjwOW5EGMi2rnIaSJ7WUBiTA8k
hCh0DvKEUQgOSckLiZ4krIsx5FHg23Tbi0WaS3y7OecdScw8lvcskiCmNBcDNn9/
nK6ork8+dXxiJ56r+mWTELEhHeEcZtcXoZhGC8OqNGrR/x6DswxzcO2tGrb6RIs6
WaV1lJO3BiejZKAv0gExQ6Uw9GgvsVDrwzONVgFcG7dbcZJQ+Avkt3dojQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOqjvlEXq7ipAJ43pu9Ae+vht1Y/MB8GA1UdIwQY
MBaAFDTQ7HrEw5Hk7LqdCjdJGRsY6/k0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUt
YjdjMjY5NmJhZTUwLzEvNnFPLVVSZXJ1S2tBbmplbTcwQjc2LUczVmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUw
LzEvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAbUR/AwQD
sts4AwQCuTlEAwQCuZakAwQCwj1YMA0EAgACMAcDBQAqAllgMA0GCSqGSIb3DQEB
CwUAA4IBAQBe9SZBL4kvZMYgr6ndLu2pZdC3NqdGyfXECj5Y7Gnwfkfwjwo8DLOW
VwaSAY9Ir2pQUZPvNSn2vHkaRDCP+gYfV7CCNMhg/wI5U2s6IPTS4xPKJpuM1dhq
WmMWZgzc2I9qe4Y82Knb3Kxe4oqfvu0fTDr1R0BsQNXIURzGHLDRjqxfjVXbSvSS
9U8QkvOVsEddYSIk7WCqNGkpLupURirHGm9Jl52kcokl/RymitzQdfwdGyHan5eJ
cnY3Faj03zUUKVXEFoyxD3C3fLK7zzfmdQlQ6D+JMlFF5NS7TrkiPcYONKm2gTR3
uJ6TWntQHTmEhd6XAdIeHyTB/I3P4ReV
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:24 2025 by rpki-client