Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/aKcSAQNzYv6Srs2lOp957CAGfMk.roa
File: aKcSAQNzYv6Srs2lOp957CAGfMk.roa (raw, json)
Hash identifier: 6EKqYOvsIEL9YW80H7seVMsLaVwyxBMrE/FE+D/XOeE=
Subject key identifier: 68:A7:12:01:03:73:62:FE:92:AE:CD:A5:3A:9F:79:EC:20:06:7C:C9
Certificate issuer: /CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Certificate serial: 018B01D16BD5BC3048167E5EBEB89613AFDB
Authority key identifier: C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/aKcSAQNzYv6Srs2lOp957CAGfMk.roa
Signing time: Thu 05 Oct 2023 21:49:43 +0000
ROA not before: Thu 05 Oct 2023 21:49:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58007
IP address blocks: 82.117.245.0/24 maxlen: 24
194.8.28.0/24 maxlen: 24
2a13:4380::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:01:d1:6b:d5:bc:30:48:16:7e:5e:be:b8:96:13:af:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Validity
Not Before: Oct 5 21:49:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68a71201037362fe92aecda53a9f79ec20067cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:85:a0:be:ee:9d:7c:b0:25:f4:fd:f7:fc:4f:
dc:1a:9b:ef:43:75:d2:30:10:aa:76:7f:21:66:70:
19:89:73:75:9f:19:40:5d:fc:47:e2:a9:9b:4a:6a:
1d:9c:10:22:82:f0:05:22:5e:a0:10:f8:92:9b:28:
8a:4c:61:1f:f6:44:11:8e:85:19:ca:e8:90:00:dd:
d5:95:4c:db:a2:ac:36:cc:f2:2e:99:e5:95:87:b0:
64:43:72:06:73:c4:73:17:cc:64:97:a1:99:ac:5a:
37:dd:a1:00:67:09:66:85:4e:97:8e:e8:6b:f0:20:
15:15:4f:ab:3c:21:15:22:a4:73:da:46:2b:33:fb:
8e:12:f7:3d:c2:e3:16:55:8c:8d:f5:53:c2:37:f0:
78:e4:94:db:99:36:43:eb:ca:9e:b8:32:1d:a8:9a:
6c:52:70:f6:ca:d0:ab:65:ef:ba:66:f0:31:d6:f0:
8e:4e:c5:53:32:15:fb:5c:18:1b:2f:f9:81:14:a3:
84:29:3a:05:aa:30:55:92:6d:ac:eb:6a:29:50:aa:
e5:be:df:57:46:f9:be:8b:0f:9d:77:b7:ed:d2:34:
71:b9:67:d3:f4:85:79:cd:41:4f:5e:cf:84:f5:97:
54:f6:c7:06:b3:4e:1a:2f:0b:06:bd:21:a7:f0:af:
b1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A7:12:01:03:73:62:FE:92:AE:CD:A5:3A:9F:79:EC:20:06:7C:C9
X509v3 Authority Key Identifier:
keyid:C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/aKcSAQNzYv6Srs2lOp957CAGfMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.117.245.0/24
194.8.28.0/24
IPv6:
2a13:4380::/32
Signature Algorithm: sha256WithRSAEncryption
9a:eb:12:72:3f:91:62:c5:6f:cf:a6:31:9a:44:8d:19:d0:59:
6a:ee:8c:9c:40:0a:6b:d8:9f:0a:eb:34:af:0b:5f:15:57:9a:
a0:da:0e:22:57:a3:c4:ab:f3:5c:40:df:ac:46:83:4a:25:fc:
d5:7c:51:91:98:76:f5:8d:37:4b:25:ec:67:7b:6f:2d:d5:68:
c8:74:e1:7e:cb:a5:13:fb:20:c8:18:5c:ac:e3:9e:8c:24:c1:
4d:e6:bd:e8:c8:f1:86:14:89:9e:cb:af:ee:8e:f6:08:eb:20:
73:8c:92:05:8e:dc:1f:16:98:26:32:e5:7f:d2:50:59:00:37:
ce:d1:42:b5:cc:c2:b3:9d:69:ad:e7:75:3b:51:3d:f6:45:7b:
b8:a8:24:b7:b9:45:0b:8e:0e:f0:ba:f3:62:89:3c:31:0e:36:
37:d2:d9:3f:e6:c1:75:43:75:36:db:ae:eb:f9:26:8f:07:6e:
ea:1b:e0:a9:55:d5:71:89:f3:7a:48:ed:a0:57:3d:91:a1:4d:
db:df:07:f3:ed:ce:f3:b5:02:94:b4:de:f9:c3:a9:f0:70:a2:
09:d5:9f:a4:55:ef:d4:7c:f6:c3:37:3f:1c:32:73:6a:98:2b:
02:3d:84:92:fa:42:26:d7:30:25:f3:bf:c6:6b:78:5d:29:b2:
4e:3c:8c:af
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYsB0WvVvDBIFn5evriWE6/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDZjNGJlZmUwZmJiZTM2MjRiZDc0ODI5NmI1ZmUyZTdl
YzJkNjgwHhcNMjMxMDA1MjE0OTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGE3MTIwMTAzNzM2MmZlOTJhZWNkYTUzYTlmNzllYzIwMDY3Y2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIWgvu6dfLAl9P33/E/cGpvvQ3XS
MBCqdn8hZnAZiXN1nxlAXfxH4qmbSmodnBAigvAFIl6gEPiSmyiKTGEf9kQRjoUZ
yuiQAN3VlUzboqw2zPIumeWVh7BkQ3IGc8RzF8xkl6GZrFo33aEAZwlmhU6Xjuhr
8CAVFU+rPCEVIqRz2kYrM/uOEvc9wuMWVYyN9VPCN/B45JTbmTZD68qeuDIdqJps
UnD2ytCrZe+6ZvAx1vCOTsVTMhX7XBgbL/mBFKOEKToFqjBVkm2s62opUKrlvt9X
Rvm+iw+dd7ft0jRxuWfT9IV5zUFPXs+E9ZdU9scGs04aLwsGvSGn8K+xLQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGinEgEDc2L+kq7NpTqfeewgBnzJMB8GA1UdIwQY
MBaAFMlGxL7+D7vjYkvXSClrX+Ln7C1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODkt
NmJiYjI3MDgxZGUyLzEvYUtjU0FRTnpZdjZTcnMybE9wOTU3Q0FHZk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODktNmJiYjI3MDgxZGUy
LzEveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUnX1AwQA
wggcMA0EAgACMAcDBQAqE0OAMA0GCSqGSIb3DQEBCwUAA4IBAQCa6xJyP5FixW/P
pjGaRI0Z0Flq7oycQApr2J8K6zSvC18VV5qg2g4iV6PEq/NcQN+sRoNKJfzVfFGR
mHb1jTdLJexne28t1WjIdOF+y6UT+yDIGFys456MJMFN5r3oyPGGFImey6/ujvYI
6yBzjJIFjtwfFpgmMuV/0lBZADfO0UK1zMKznWmt53U7UT32RXu4qCS3uUULjg7w
uvNiiTwxDjY30tk/5sF1Q3U2267r+SaPB27qG+CpVdVxifN6SO2gVz2RoU3b3wfz
7c7ztQKUtN75w6nwcKIJ1Z+kVe/UfPbDNz8cMnNqmCsCPYSS+kIm1zAl87/Ga3hd
KbJOPIyv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:48 2025 by rpki-client