Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/a6zpgLyLqoSD67XgE-J6abjvphs.roa
File: a6zpgLyLqoSD67XgE-J6abjvphs.roa (raw, json)
Hash identifier: RyHasDZ7F+Dn9b7JbckbYiQSFKigRh80H4aVvq0gxYI=
Subject key identifier: 6B:AC:E9:80:BC:8B:AA:84:83:EB:B5:E0:13:E2:7A:69:B8:EF:A6:1B
Certificate issuer: /CN=5dc67c6be367ab9e941d1427d050449447b8865c
Certificate serial: 01856DCAFE9A3F3FAE993DE18D7FD50D43C1
Authority key identifier: 5D:C6:7C:6B:E3:67:AB:9E:94:1D:14:27:D0:50:44:94:47:B8:86:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/a6zpgLyLqoSD67XgE-J6abjvphs.roa
Signing time: Sun 01 Jan 2023 14:44:58 +0000
ROA not before: Sun 01 Jan 2023 14:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 193.218.204.0/24 maxlen: 24
193.218.222.0/24 maxlen: 24
193.219.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:fe:9a:3f:3f:ae:99:3d:e1:8d:7f:d5:0d:43:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dc67c6be367ab9e941d1427d050449447b8865c
Validity
Not Before: Jan 1 14:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bace980bc8baa8483ebb5e013e27a69b8efa61b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6f:8e:39:96:08:cb:1c:49:6a:35:ac:69:f2:
1e:33:b1:45:e5:15:3f:93:3e:2f:7c:ca:1d:72:15:
97:f5:cf:84:d0:5f:7b:80:a8:d0:a7:50:6e:fd:46:
9f:11:b2:56:55:19:97:4e:4f:92:27:0a:71:48:dd:
3b:3b:99:3b:37:ed:de:c6:1d:e6:63:f1:4c:c0:37:
04:dc:80:7f:76:fa:b9:97:1a:6b:46:da:b0:d2:9e:
05:13:3b:02:4b:2c:d8:90:42:f1:bb:62:71:b6:af:
20:ed:68:9e:d7:14:0f:ab:80:a2:71:9d:29:ce:b2:
2c:33:57:79:34:65:5e:a8:66:03:5e:18:ae:46:7c:
dc:8c:23:59:e1:17:d4:be:69:a4:0c:1c:15:03:2f:
a7:9d:1f:43:a1:c9:21:05:1d:b5:ef:41:42:93:ea:
c1:2e:33:87:7e:71:d8:25:dc:30:08:64:96:53:e9:
46:20:19:4e:37:26:63:7a:20:4a:0a:e3:c6:d6:0a:
ef:59:d7:35:15:a1:a6:3a:ca:87:b1:87:97:87:07:
cb:4b:c0:fc:3c:e4:4a:13:0d:56:cf:28:f4:39:9c:
0d:8e:0a:ff:a8:2c:98:d9:b2:fb:66:b4:3c:ab:0c:
5c:c6:7d:04:7d:03:7b:3d:c0:ab:dd:1c:65:2b:10:
e3:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AC:E9:80:BC:8B:AA:84:83:EB:B5:E0:13:E2:7A:69:B8:EF:A6:1B
X509v3 Authority Key Identifier:
keyid:5D:C6:7C:6B:E3:67:AB:9E:94:1D:14:27:D0:50:44:94:47:B8:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XcZ8a-Nnq56UHRQn0FBElEe4hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/a6zpgLyLqoSD67XgE-J6abjvphs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/76275a-6f41-4804-837b-89799deadc47/1/XcZ8a-Nnq56UHRQn0FBElEe4hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.204.0/24
193.218.222.0/24
193.219.0.0/24
Signature Algorithm: sha256WithRSAEncryption
15:71:8f:e5:92:83:aa:e1:46:41:d0:9f:d7:69:42:88:17:1d:
c0:8e:b2:de:be:9f:42:a1:56:cf:84:52:c9:1d:38:6b:8d:ee:
ac:a7:df:84:06:ee:d8:62:84:ce:8f:35:57:59:ff:19:78:29:
d9:5a:e2:e6:0b:a3:83:87:61:9d:1d:0b:6b:dd:73:e6:64:5a:
b1:8a:a1:1e:61:d3:96:db:d0:05:b4:27:5d:63:b8:c8:87:f5:
99:c2:5e:d1:6d:21:54:b8:40:33:76:ad:d0:6d:10:be:c5:01:
6b:60:8e:17:4f:08:bf:a4:00:68:9e:bb:f9:75:d1:a9:b3:3b:
53:57:79:90:a6:b3:64:fb:ab:45:85:7a:eb:94:1f:1f:20:fa:
c2:14:c0:0e:5f:a1:de:c7:d3:37:c5:12:f4:7b:c9:45:37:2b:
df:b9:36:bf:fd:7f:7f:e3:6a:24:db:3f:f1:2b:83:1f:44:99:
ef:fc:33:af:cd:00:4d:68:0e:42:38:05:9e:37:25:07:c3:3d:
03:4c:5c:a8:b5:23:c9:bc:2a:03:93:65:1c:a0:de:5e:a5:1f:
25:70:07:59:a4:c0:ce:64:2c:51:4d:9f:60:96:7c:e4:c8:4d:
c8:77:0b:e7:66:6c:ab:4b:f5:80:f9:43:44:fc:4d:e3:ce:a1:
6d:85:ae:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtyv6aPz+umT3hjX/VDUPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYzY3YzZiZTM2N2FiOWU5NDFkMTQyN2QwNTA0NDk0NDdi
ODg2NWMwHhcNMjMwMTAxMTQ0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmFjZTk4MGJjOGJhYTg0ODNlYmI1ZTAxM2UyN2E2OWI4ZWZhNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2+OOZYIyxxJajWsafIeM7FF5RU/
kz4vfModchWX9c+E0F97gKjQp1Bu/UafEbJWVRmXTk+SJwpxSN07O5k7N+3exh3m
Y/FMwDcE3IB/dvq5lxprRtqw0p4FEzsCSyzYkELxu2Jxtq8g7Wie1xQPq4CicZ0p
zrIsM1d5NGVeqGYDXhiuRnzcjCNZ4RfUvmmkDBwVAy+nnR9DockhBR2170FCk+rB
LjOHfnHYJdwwCGSWU+lGIBlONyZjeiBKCuPG1grvWdc1FaGmOsqHsYeXhwfLS8D8
PORKEw1Wzyj0OZwNjgr/qCyY2bL7ZrQ8qwxcxn0EfQN7PcCr3RxlKxDjswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGus6YC8i6qEg+u14BPiemm476YbMB8GA1UdIwQY
MBaAFF3GfGvjZ6uelB0UJ9BQRJRHuIZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGNaOGEtTm5xNTZVSFJRbjBGQkVsRWU0aGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83NjI3NWEtNmY0MS00ODA0LTgzN2It
ODk3OTlkZWFkYzQ3LzEvYTZ6cGdMeUxxb1NENjdYZ0UtSjZhYmp2cGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83NjI3NWEtNmY0MS00ODA0LTgzN2ItODk3OTlkZWFkYzQ3
LzEvWGNaOGEtTm5xNTZVSFJRbjBGQkVsRWU0aGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwdrMAwQA
wdreAwQAwdsAMA0GCSqGSIb3DQEBCwUAA4IBAQAVcY/lkoOq4UZB0J/XaUKIFx3A
jrLevp9CoVbPhFLJHThrje6sp9+EBu7YYoTOjzVXWf8ZeCnZWuLmC6ODh2GdHQtr
3XPmZFqxiqEeYdOW29AFtCddY7jIh/WZwl7RbSFUuEAzdq3QbRC+xQFrYI4XTwi/
pABonrv5ddGpsztTV3mQprNk+6tFhXrrlB8fIPrCFMAOX6Hex9M3xRL0e8lFNyvf
uTa//X9/42ok2z/xK4MfRJnv/DOvzQBNaA5COAWeNyUHwz0DTFyotSPJvCoDk2Uc
oN5epR8lcAdZpMDOZCxRTZ9glnzkyE3IdwvnZmyrS/WA+UNE/E3jzqFtha4a
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:03 2025 by rpki-client