Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/6TF8kTX5J-xHvjE-ap7Q3yn0gtQ.roa
File: 6TF8kTX5J-xHvjE-ap7Q3yn0gtQ.roa (raw, json)
Hash identifier: f5FhBsvYpvcEhpPT1HoIKbJfZNm+XBAKmr6NnzAhmG4=
Subject key identifier: E9:31:7C:91:35:F9:27:EC:47:BE:31:3E:6A:9E:D0:DF:29:F4:82:D4
Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial: 01857295E4FB5CB3EDA82479D379678D9F00
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/6TF8kTX5J-xHvjE-ap7Q3yn0gtQ.roa
Signing time: Mon 02 Jan 2023 13:05:04 +0000
ROA not before: Mon 02 Jan 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8330
IP address blocks: 91.198.81.0/24 maxlen: 24
5.57.88.0/21 maxlen: 21
193.203.5.0/24 maxlen: 24
195.35.120.0/24 maxlen: 24
2001:7f8:17::/48 maxlen: 48
2a00:eb20:abcd::/48 maxlen: 48
2a00:eb20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:e4:fb:5c:b3:ed:a8:24:79:d3:79:67:8d:9f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Validity
Not Before: Jan 2 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9317c9135f927ec47be313e6a9ed0df29f482d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:be:e8:5d:cb:e0:07:d2:8a:12:ee:0c:18:24:
8a:d8:98:82:2b:5d:09:7e:8b:e3:ec:76:30:71:26:
c2:ab:3e:79:83:fd:4d:57:e1:eb:a4:52:f5:f7:d2:
f6:a0:ac:ce:b8:dd:74:2e:98:5d:d0:af:bf:78:c7:
66:17:0a:79:67:c5:c8:8f:71:64:3d:53:63:f4:c8:
8e:96:cd:64:84:18:62:c7:56:1a:c6:d9:1a:3c:55:
2a:87:c6:c8:9b:cd:be:68:93:9f:92:65:31:66:3e:
81:2f:a5:7d:5f:f9:43:08:5c:c4:2f:b8:a4:43:58:
d6:30:19:56:f1:71:8e:f2:b6:52:74:34:2f:8f:b0:
57:2e:22:82:dc:5e:6f:0f:c6:93:29:b1:4e:c8:fa:
a9:db:e1:d7:74:4c:63:6e:54:5f:b4:86:56:ff:76:
01:97:56:1d:46:90:27:06:0e:2e:b6:69:04:6f:dd:
96:fb:f7:cb:0f:c7:39:14:fd:33:e7:91:20:93:58:
6d:99:98:86:82:99:2e:72:d2:4d:c1:e7:d5:68:f6:
e4:4b:ba:fb:cb:60:e2:f3:6b:1a:d2:12:ab:e8:ea:
47:61:da:66:a4:81:1a:b3:3a:1d:bd:b9:fd:27:91:
74:25:69:dd:7e:81:fc:14:f9:0a:bf:08:83:e5:9f:
13:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:31:7C:91:35:F9:27:EC:47:BE:31:3E:6A:9E:D0:DF:29:F4:82:D4
X509v3 Authority Key Identifier:
keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/6TF8kTX5J-xHvjE-ap7Q3yn0gtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.88.0/21
91.198.81.0/24
193.203.5.0/24
195.35.120.0/24
IPv6:
2001:7f8:17::/48
2a00:eb20::/32
Signature Algorithm: sha256WithRSAEncryption
6a:d5:38:a8:11:d4:5a:0b:46:73:e0:fc:bc:7f:ea:97:a1:2a:
7a:1f:58:15:94:e0:4e:c0:18:1a:ab:68:b2:74:09:a5:73:13:
d9:8b:51:9d:5f:f5:58:f8:9f:74:e2:6c:07:5b:51:b9:d2:2f:
3c:a9:7b:0e:c4:e2:d4:0a:87:ec:59:35:60:50:31:d6:33:d9:
51:62:68:40:65:1e:b5:f2:83:92:ca:04:74:f9:4f:3c:34:37:
e1:85:6f:c5:11:28:30:36:2c:31:02:66:85:fc:d9:82:93:7b:
23:ee:4c:3f:22:71:a2:ca:ba:89:a6:b0:28:ce:fd:a8:75:d2:
09:96:59:21:92:df:49:bd:7b:c6:22:ae:93:f9:0a:45:f1:94:
0c:c0:b8:f0:5d:b0:86:9a:08:f1:af:00:19:c6:1a:22:bf:a8:
64:71:a4:15:bd:94:58:0d:90:0f:e2:68:cd:c5:76:71:82:90:
d1:66:69:0f:e8:ed:78:c9:6d:2e:d8:3b:6d:67:ca:d1:17:e1:
a0:58:a8:85:13:7a:20:5d:d8:47:04:d8:6f:59:79:c9:3a:cf:
13:5c:1f:5d:51:bb:a5:37:f4:84:66:22:dd:f9:6e:63:20:0c:
88:f2:5e:36:f0:69:92:bc:61:af:d4:3c:6e:20:99:97:ee:c3:
74:e0:3a:ff
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVyleT7XLPtqCR503lnjZ8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQwN2I0NWY3ZDgzMTI0YzlmOGMwZmFjMDNiZWMwMjQ2
OGIzN2UwHhcNMjMwMTAyMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTMxN2M5MTM1ZjkyN2VjNDdiZTMxM2U2YTllZDBkZjI5ZjQ4MmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5b7oXcvgB9KKEu4MGCSK2JiCK10J
fovj7HYwcSbCqz55g/1NV+HrpFL199L2oKzOuN10Lphd0K+/eMdmFwp5Z8XIj3Fk
PVNj9MiOls1khBhix1YaxtkaPFUqh8bIm82+aJOfkmUxZj6BL6V9X/lDCFzEL7ik
Q1jWMBlW8XGO8rZSdDQvj7BXLiKC3F5vD8aTKbFOyPqp2+HXdExjblRftIZW/3YB
l1YdRpAnBg4utmkEb92W+/fLD8c5FP0z55Egk1htmZiGgpkuctJNwefVaPbkS7r7
y2Di82sa0hKr6OpHYdpmpIEaszodvbn9J5F0JWndfoH8FPkKvwiD5Z8TowIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOkxfJE1+SfsR74xPmqe0N8p9ILUMB8GA1UdIwQY
MBaAFF6NB7RffYMSTJ+MD6wDvsAkaLN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQt
NmM4ZmQ4NGJiNWY1LzEvNlRGOGtUWDVKLXhIdmpFLWFwN1EzeW4wZ3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQtNmM4ZmQ4NGJiNWY1
LzEvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQDBTlYAwQA
W8ZRAwQAwcsFAwQAwyN4MBYEAgACMBADBwAgAQf4ABcDBQAqAOsgMA0GCSqGSIb3
DQEBCwUAA4IBAQBq1TioEdRaC0Zz4Py8f+qXoSp6H1gVlOBOwBgaq2iydAmlcxPZ
i1GdX/VY+J904mwHW1G50i88qXsOxOLUCofsWTVgUDHWM9lRYmhAZR618oOSygR0
+U88NDfhhW/FESgwNiwxAmaF/NmCk3sj7kw/InGiyrqJprAozv2oddIJllkhkt9J
vXvGIq6T+QpF8ZQMwLjwXbCGmgjxrwAZxhoiv6hkcaQVvZRYDZAP4mjNxXZxgpDR
ZmkP6O14yW0u2DttZ8rRF+GgWKiFE3ogXdhHBNhvWXnJOs8TXB9dUbulN/SEZiLd
+W5jIAyI8l428GmSvGGv1DxuIJmX7sN04Dr/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:38 2025 by rpki-client