Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/d6jCkDVpc7YD0bTysOhVvtV9mm8.roa
File: d6jCkDVpc7YD0bTysOhVvtV9mm8.roa (raw, json)
Hash identifier: gHN/C8qKA8MCqBwTcqNL5GNPMPnbEjWX/TjD65Ytkas=
Subject key identifier: 77:A8:C2:90:35:69:73:B6:03:D1:B4:F2:B0:E8:55:BE:D5:7D:9A:6F
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018953C2A393818E47CC2C5611AA0095D647
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/d6jCkDVpc7YD0bTysOhVvtV9mm8.roa
Signing time: Fri 14 Jul 2023 09:36:52 +0000
ROA not before: Fri 14 Jul 2023 09:36:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 176.46.144.0/20 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:53:c2:a3:93:81:8e:47:cc:2c:56:11:aa:00:95:d6:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jul 14 09:36:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77a8c290356973b603d1b4f2b0e855bed57d9a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:db:38:fc:bb:bf:d8:94:ef:a7:22:88:6f:7e:
c2:94:cf:b8:6b:5d:14:bf:f1:81:e1:af:c8:f1:65:
6c:58:d8:14:12:cb:58:03:ae:9a:18:4c:63:a1:40:
43:ed:28:bc:95:8e:dd:a0:63:cb:64:d8:e2:7f:c8:
59:b8:66:7b:12:c2:bb:b8:8e:52:7e:54:3e:0b:b5:
a9:b1:b7:be:6b:a3:4b:62:f2:4f:dd:4c:e0:e7:24:
75:c0:05:17:b9:16:be:99:a6:8c:aa:bc:d4:d5:68:
f0:a8:51:d8:19:ba:06:83:0a:70:35:55:b7:f5:6a:
9b:06:5d:d8:2d:c1:3e:01:2e:c7:2e:03:3b:9f:2d:
0e:8e:36:ad:e6:d0:72:fc:83:78:05:96:c0:e1:13:
9b:27:4d:b3:16:28:6b:03:42:2e:35:c7:f3:4e:56:
95:50:d4:ba:76:1b:af:c3:0e:8c:83:d6:de:cd:a0:
d5:5a:3b:a7:b0:1d:0c:52:00:09:96:f0:29:32:0c:
0a:02:c4:c9:c1:15:4c:82:28:9b:0e:a3:60:aa:86:
57:10:51:ac:5d:b6:1e:65:70:fb:4f:1b:98:4b:0b:
1a:94:1b:df:32:2a:90:ca:7a:49:b6:23:82:73:17:
59:62:55:62:81:f0:85:30:5c:b3:e3:d6:72:2b:f6:
b3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A8:C2:90:35:69:73:B6:03:D1:B4:F2:B0:E8:55:BE:D5:7D:9A:6F
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/d6jCkDVpc7YD0bTysOhVvtV9mm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.164.0/24
94.74.171.0/24
176.46.144.0/20
Signature Algorithm: sha256WithRSAEncryption
92:de:60:ed:bd:cc:43:6d:7b:0f:cb:9e:21:73:ff:19:ca:20:
66:52:16:33:dc:6d:2a:5b:6a:8a:75:11:c1:dc:0e:b0:ac:5f:
2c:3c:97:55:68:ef:1a:10:93:bc:b5:23:8a:79:21:02:59:5b:
bc:ef:21:03:b4:38:e8:7b:80:be:25:0c:7f:3b:cc:41:49:3b:
50:b3:af:2e:27:d4:76:dc:36:4c:af:f0:f3:eb:4e:9b:43:0c:
ba:b9:9f:3c:f8:3f:1c:0d:ab:da:2d:98:19:bb:42:6e:b0:56:
45:37:24:b4:9c:eb:9b:bc:78:22:0f:19:57:d5:00:bb:a3:e0:
c4:e9:49:a3:e8:72:27:04:2e:ff:41:ae:ae:c3:ab:c0:3b:a4:
34:ee:5f:5e:5b:5f:d7:26:c2:4d:88:6d:46:0a:36:34:7b:43:
49:74:f6:f1:b3:b7:14:a8:4d:6f:a3:99:c5:4f:36:50:fd:6c:
a8:71:b9:0a:ad:6f:10:7e:8b:66:31:80:94:28:77:dd:32:1e:
7f:ec:22:25:5a:19:2e:d3:64:bf:f0:c3:da:cd:b5:4f:cc:2b:
60:9d:9b:4e:12:14:41:52:78:43:f3:b9:71:da:12:2c:8e:bf:
e0:92:20:81:6c:ff:7d:5c:ce:e9:a7:c7:f3:8c:92:dc:81:4e:
a1:23:7e:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlTwqOTgY5HzCxWEaoAldZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwNzE0MDkzNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2E4YzI5MDM1Njk3M2I2MDNkMWI0ZjJiMGU4NTViZWQ1N2Q5YTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuds4/Lu/2JTvpyKIb37ClM+4a10U
v/GB4a/I8WVsWNgUEstYA66aGExjoUBD7Si8lY7doGPLZNjif8hZuGZ7EsK7uI5S
flQ+C7Wpsbe+a6NLYvJP3Uzg5yR1wAUXuRa+maaMqrzU1WjwqFHYGboGgwpwNVW3
9WqbBl3YLcE+AS7HLgM7ny0Ojjat5tBy/IN4BZbA4RObJ02zFihrA0IuNcfzTlaV
UNS6dhuvww6Mg9bezaDVWjunsB0MUgAJlvApMgwKAsTJwRVMgiibDqNgqoZXEFGs
XbYeZXD7TxuYSwsalBvfMiqQynpJtiOCcxdZYlVigfCFMFyz49ZyK/azqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHeowpA1aXO2A9G08rDoVb7VfZpvMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvZDZqQ2tEVnBjN1lEMGJUeXNPaFZ2dFY5bW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXkqkAwQA
XkqrAwQEsC6QMA0GCSqGSIb3DQEBCwUAA4IBAQCS3mDtvcxDbXsPy54hc/8ZyiBm
UhYz3G0qW2qKdRHB3A6wrF8sPJdVaO8aEJO8tSOKeSECWVu87yEDtDjoe4C+JQx/
O8xBSTtQs68uJ9R23DZMr/Dz606bQwy6uZ88+D8cDavaLZgZu0JusFZFNyS0nOub
vHgiDxlX1QC7o+DE6Umj6HInBC7/Qa6uw6vAO6Q07l9eW1/XJsJNiG1GCjY0e0NJ
dPbxs7cUqE1vo5nFTzZQ/WyocbkKrW8QfotmMYCUKHfdMh5/7CIlWhku02S/8MPa
zbVPzCtgnZtOEhRBUnhD87lx2hIsjr/gkiCBbP99XM7pp8fzjJLcgU6hI353
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:06 2025 by rpki-client