Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/s6GGHkwnCJMd-G5nNGDq8P9crvc.roa
File: s6GGHkwnCJMd-G5nNGDq8P9crvc.roa (raw, json)
Hash identifier: l0NIQ/eg4QfZuQmUPaKF4OCcBnTHj+M0P4tcXGMCPe8=
Subject key identifier: B3:A1:86:1E:4C:27:08:93:1D:F8:6E:67:34:60:EA:F0:FF:5C:AE:F7
Certificate issuer: /CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Certificate serial: 01856C9CD52895F3FFA60C25AF267509951E
Authority key identifier: 92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/s6GGHkwnCJMd-G5nNGDq8P9crvc.roa
Signing time: Sun 01 Jan 2023 09:14:55 +0000
ROA not before: Sun 01 Jan 2023 09:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202934
IP address blocks: 213.59.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:d5:28:95:f3:ff:a6:0c:25:af:26:75:09:95:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Validity
Not Before: Jan 1 09:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3a1861e4c2708931df86e673460eaf0ff5caef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:dc:20:fe:dd:db:c5:c2:e4:06:94:89:b0:04:
bf:10:17:56:7a:71:d3:a3:4d:ee:19:81:09:06:e4:
7e:b0:7e:08:a4:97:f2:0a:6c:a5:0c:2c:c1:51:67:
29:bb:ed:51:28:46:cb:e2:96:d6:aa:90:05:4d:b1:
0c:fb:0c:cc:af:2f:9e:97:68:2d:cc:ad:59:72:9b:
09:b9:c8:df:b5:59:ab:35:18:a5:be:7a:69:a9:62:
fc:e2:53:6f:b6:9f:38:dd:19:7c:fc:6f:f5:02:2b:
3f:5d:23:23:ec:ef:ce:0e:01:eb:12:fa:54:6e:42:
86:d5:d0:3f:67:c4:54:ad:17:1a:f3:e5:35:2e:7a:
d1:25:70:d5:79:d7:77:95:35:72:83:a0:55:db:ad:
31:f4:b5:0f:8c:de:b7:ff:91:65:6c:e7:e3:b7:c6:
73:3c:a3:ce:76:b3:6b:fc:1a:2c:21:d5:a2:5f:ee:
ab:f5:b1:44:07:2b:37:51:5f:c6:09:f7:e7:bb:38:
92:57:5d:90:c9:76:ce:0a:ff:00:ce:38:74:6a:16:
eb:7f:5f:49:00:80:51:47:5b:fb:90:64:d2:9c:cf:
8e:11:42:bf:5d:d6:67:89:26:8e:cb:b4:ec:05:aa:
6f:ad:8a:f9:6e:4f:89:21:c8:0e:59:81:90:ce:c1:
84:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A1:86:1E:4C:27:08:93:1D:F8:6E:67:34:60:EA:F0:FF:5C:AE:F7
X509v3 Authority Key Identifier:
keyid:92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/s6GGHkwnCJMd-G5nNGDq8P9crvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.59.185.0/24
Signature Algorithm: sha256WithRSAEncryption
11:d7:ae:67:4d:38:12:8e:9c:fa:a6:ab:32:74:7b:b2:84:37:
c0:37:69:3a:8e:a8:91:70:89:32:80:75:58:d7:88:14:75:c4:
06:b9:dc:1d:a3:23:a8:cb:ce:24:79:a7:94:4b:11:ec:fa:57:
96:5d:0c:5c:ab:88:48:a7:df:e8:19:d7:f3:4c:50:e5:8d:49:
9b:9e:d3:8b:fc:38:8d:c8:46:e7:78:c1:d3:f6:ba:08:53:a8:
d5:2b:16:e9:e6:e5:b5:01:dc:b8:d4:d2:43:b0:7f:1e:d3:36:
b0:f8:56:e9:11:6b:bd:af:a7:80:87:25:f5:c9:34:0d:2e:00:
af:cf:fd:d7:ae:8c:f8:32:c5:ab:68:ea:81:3a:b7:6b:63:ff:
ed:fa:2b:71:1f:e1:40:1a:c3:bb:d2:86:4f:49:c3:4e:bf:c6:
a6:f1:56:5f:1b:a8:cc:7e:b6:8d:b1:42:aa:2b:08:b3:13:1e:
d6:62:e8:f4:51:e7:c9:15:3d:a8:44:00:9c:85:a2:d7:45:74:
f6:fc:3e:34:c3:15:ab:c7:1d:b0:46:a8:ec:6a:b6:81:e9:fa:
76:15:2f:8a:2e:a8:38:54:72:48:6c:0f:56:8a:d6:d1:6c:7b:
cb:48:f0:a0:7c:7f:07:1f:7d:85:7a:c1:23:71:6d:78:b3:e1:
55:eb:c3:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnNUolfP/pgwlryZ1CZUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZjRiMWMwYmZiYWQ0NmI4MTFlZWU1NjhhMThmYmFhMTRh
OWQ2ODcwHhcNMjMwMTAxMDkxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2ExODYxZTRjMjcwODkzMWRmODZlNjczNDYwZWFmMGZmNWNhZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdwg/t3bxcLkBpSJsAS/EBdWenHT
o03uGYEJBuR+sH4IpJfyCmylDCzBUWcpu+1RKEbL4pbWqpAFTbEM+wzMry+el2gt
zK1ZcpsJucjftVmrNRilvnppqWL84lNvtp843Rl8/G/1Ais/XSMj7O/ODgHrEvpU
bkKG1dA/Z8RUrRca8+U1LnrRJXDVedd3lTVyg6BV260x9LUPjN63/5FlbOfjt8Zz
PKPOdrNr/BosIdWiX+6r9bFEBys3UV/GCffnuziSV12QyXbOCv8Azjh0ahbrf19J
AIBRR1v7kGTSnM+OEUK/XdZniSaOy7TsBapvrYr5bk+JIcgOWYGQzsGEGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOhhh5MJwiTHfhuZzRg6vD/XK73MB8GA1UdIwQY
MBaAFJL0scC/utRrgR7uVooY+6oUqdaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMt
YTA4NGY3NmM4ZTJiLzEvczZHR0hrd25DSk1kLUc1bk5HRHE4UDljcnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMtYTA4NGY3NmM4ZTJi
LzEva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Tu5MA0G
CSqGSIb3DQEBCwUAA4IBAQAR165nTTgSjpz6pqsydHuyhDfAN2k6jqiRcIkygHVY
14gUdcQGudwdoyOoy84keaeUSxHs+leWXQxcq4hIp9/oGdfzTFDljUmbntOL/DiN
yEbneMHT9roIU6jVKxbp5uW1Ady41NJDsH8e0zaw+FbpEWu9r6eAhyX1yTQNLgCv
z/3Xroz4MsWraOqBOrdrY//t+itxH+FAGsO70oZPScNOv8am8VZfG6jMfraNsUKq
KwizEx7WYuj0UefJFT2oRACchaLXRXT2/D40wxWrxx2wRqjsaraB6fp2FS+KLqg4
VHJIbA9WitbRbHvLSPCgfH8HH32FesEjcW14s+FV68NO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:39 2025 by rpki-client