Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/6CviDBBVmdTnNjYBNH9h87Y6qKg.roa
File: 6CviDBBVmdTnNjYBNH9h87Y6qKg.roa (raw, json)
Hash identifier: ZQdyIRc/0YrhwqLfjMBWyKiCRhlvECm7VnVhM24Vw7w=
Subject key identifier: E8:2B:E2:0C:10:55:99:D4:E7:36:36:01:34:7F:61:F3:B6:3A:A8:A8
Certificate issuer: /CN=b45e62270d20f9467a6afc78963dbcfb80fbf52a
Certificate serial: 0183C24EF1CC9AC8A5F1FEFA0C141C7426B5
Authority key identifier: B4:5E:62:27:0D:20:F9:46:7A:6A:FC:78:96:3D:BC:FB:80:FB:F5:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/6CviDBBVmdTnNjYBNH9h87Y6qKg.roa
Signing time: Mon 10 Oct 2022 14:31:36 +0000
ROA not before: Mon 10 Oct 2022 14:31:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2607
IP address blocks: 193.87.0.0/16 maxlen: 17
194.160.0.0/16 maxlen: 17
2001:4118::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:4e:f1:cc:9a:c8:a5:f1:fe:fa:0c:14:1c:74:26:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45e62270d20f9467a6afc78963dbcfb80fbf52a
Validity
Not Before: Oct 10 14:31:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e82be20c105599d4e7363601347f61f3b63aa8a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:23:21:e0:86:f6:6d:a9:18:18:a5:49:aa:81:
66:f2:c4:49:10:57:66:ef:b8:2f:2b:64:8c:c1:3e:
32:bc:a8:c3:5f:38:32:05:fb:cd:13:70:a1:23:06:
e3:63:ad:b9:b1:d0:f5:c9:e3:95:31:65:14:bd:75:
a9:9b:c0:7f:ad:c6:47:62:21:a0:1a:ec:63:34:d0:
63:ba:2a:80:28:87:b8:16:a5:a0:4f:c8:48:f8:49:
4f:7a:fb:f1:21:fc:17:ed:f0:35:a3:79:4e:ec:c8:
22:59:e1:e1:5b:07:2e:eb:64:83:3a:08:e5:18:9e:
53:67:01:87:26:8a:3d:57:68:85:f6:73:37:3a:ee:
d1:fd:cf:91:69:7f:3b:f0:99:8d:5e:fa:5b:c8:72:
e1:7d:2a:4c:fe:7a:d6:aa:49:5c:94:ae:43:66:71:
4d:1e:31:3d:11:17:4a:a4:34:42:c3:2a:3c:96:21:
73:f8:ff:8e:02:a7:5a:2a:f1:0c:11:ae:1d:0e:15:
c6:d6:eb:f6:d9:6c:48:2a:32:35:68:ab:58:d1:25:
e0:2e:4b:d6:46:db:57:8d:1f:0a:45:fc:b2:c4:21:
ab:1a:f5:ad:1f:11:a0:9a:2a:5a:07:e9:45:e9:ed:
95:86:bf:1c:f3:f5:12:cd:f2:36:f4:8d:2e:07:1b:
e3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:2B:E2:0C:10:55:99:D4:E7:36:36:01:34:7F:61:F3:B6:3A:A8:A8
X509v3 Authority Key Identifier:
keyid:B4:5E:62:27:0D:20:F9:46:7A:6A:FC:78:96:3D:BC:FB:80:FB:F5:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/6CviDBBVmdTnNjYBNH9h87Y6qKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.87.0.0/16
194.160.0.0/16
IPv6:
2001:4118::/32
Signature Algorithm: sha256WithRSAEncryption
87:4d:59:b2:64:1d:a9:e2:eb:9a:44:e5:e2:3d:c8:5c:ad:5c:
9f:13:1e:74:89:15:28:f7:79:23:51:c6:34:02:cf:90:7d:18:
98:70:11:28:f8:4a:7a:45:a6:2d:ca:b1:ca:13:48:18:ca:e4:
30:c1:be:5e:64:be:eb:22:4a:f8:44:47:7c:59:a9:8d:ea:d5:
e4:fa:dd:59:89:18:cc:95:14:08:bd:a7:fc:ba:07:8b:96:4d:
87:ad:f0:bb:95:58:f2:d4:d5:c4:24:1c:0b:c6:5d:58:9f:61:
ba:71:04:1c:3b:41:33:8f:1a:fb:cc:25:27:23:2d:2a:f2:73:
94:a5:09:c7:41:2c:4f:63:fc:4a:c9:e6:af:a8:1a:5f:4f:bb:
b0:49:bd:06:3f:09:15:ad:5b:0d:e4:12:59:36:c4:6e:5a:5d:
b7:e9:38:42:b4:a0:7b:f3:17:2e:a2:cf:56:06:0d:98:8e:1d:
52:72:92:ea:ad:3d:52:d3:54:39:ea:bd:18:cc:f6:95:62:98:
c9:fa:a5:38:22:7b:55:1f:c5:bf:5c:af:92:14:bf:1f:ca:a0:
91:25:1e:94:38:d2:02:b1:9f:93:17:e3:4f:0e:4d:c2:17:24:
3b:da:a9:0c:95:9d:d0:3f:f7:6e:ab:33:73:b6:0d:85:cd:10:
d5:03:97:30
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYPCTvHMmsil8f76DBQcdCa1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NWU2MjI3MGQyMGY5NDY3YTZhZmM3ODk2M2RiY2ZiODBm
YmY1MmEwHhcNMjIxMDEwMTQzMTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODJiZTIwYzEwNTU5OWQ0ZTczNjM2MDEzNDdmNjFmM2I2M2FhOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiMh4Ib2bakYGKVJqoFm8sRJEFdm
77gvK2SMwT4yvKjDXzgyBfvNE3ChIwbjY625sdD1yeOVMWUUvXWpm8B/rcZHYiGg
GuxjNNBjuiqAKIe4FqWgT8hI+ElPevvxIfwX7fA1o3lO7MgiWeHhWwcu62SDOgjl
GJ5TZwGHJoo9V2iF9nM3Ou7R/c+RaX878JmNXvpbyHLhfSpM/nrWqklclK5DZnFN
HjE9ERdKpDRCwyo8liFz+P+OAqdaKvEMEa4dDhXG1uv22WxIKjI1aKtY0SXgLkvW
RttXjR8KRfyyxCGrGvWtHxGgmipaB+lF6e2Vhr8c8/USzfI29I0uBxvjfwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFOgr4gwQVZnU5zY2ATR/YfO2OqioMB8GA1UdIwQY
MBaAFLReYicNIPlGemr8eJY9vPuA+/UqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9lY2I0NWUtMmRiNi00YjU0LWJjOTEt
MDU5NjI5NmYxMmRlLzEvNkN2aURCQlZtZFRuTmpZQk5IOWg4N1k2cUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9lY2I0NWUtMmRiNi00YjU0LWJjOTEtMDU5NjI5NmYxMmRl
LzEvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAQBAIAATAKAwMAwVcDAwDC
oDANBAIAAjAHAwUAIAFBGDANBgkqhkiG9w0BAQsFAAOCAQEAh01ZsmQdqeLrmkTl
4j3IXK1cnxMedIkVKPd5I1HGNALPkH0YmHARKPhKekWmLcqxyhNIGMrkMMG+XmS+
6yJK+ERHfFmpjerV5PrdWYkYzJUUCL2n/LoHi5ZNh63wu5VY8tTVxCQcC8ZdWJ9h
unEEHDtBM48a+8wlJyMtKvJzlKUJx0EsT2P8Ssnmr6gaX0+7sEm9Bj8JFa1bDeQS
WTbEblpdt+k4QrSge/MXLqLPVgYNmI4dUnKS6q09UtNUOeq9GMz2lWKYyfqlOCJ7
VR/Fv1yvkhS/H8qgkSUelDjSArGfkxfjTw5NwhckO9qpDJWd0D/3bqszc7YNhc0Q
1QOXMA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:29 2025 by rpki-client