Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/eCJkj7-7fxgABoyvcTWV1AmgStk.roa
File: eCJkj7-7fxgABoyvcTWV1AmgStk.roa (raw, json)
Hash identifier: 6LoJUt5ZhH+VmfVR7VWQ22Kby9k/s7RPMOxYHowXpvE=
Subject key identifier: 78:22:64:8F:BF:BB:7F:18:00:06:8C:AF:71:35:95:D4:09:A0:4A:D9
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01856F42AF0F6CBC46C390A8D8F3B3AD0BE8
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/eCJkj7-7fxgABoyvcTWV1AmgStk.roa
Signing time: Sun 01 Jan 2023 21:35:19 +0000
ROA not before: Sun 01 Jan 2023 21:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212843
IP address blocks: 212.86.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:af:0f:6c:bc:46:c3:90:a8:d8:f3:b3:ad:0b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 21:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7822648fbfbb7f1800068caf713595d409a04ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:14:64:f1:46:d7:a4:63:e9:0a:52:dd:68:4a:
89:70:7d:07:04:39:ad:f7:f9:f8:87:dd:91:fb:66:
90:3a:df:6a:1a:d4:95:b2:65:59:60:c7:2d:87:32:
1f:78:ea:6d:dd:6c:49:e7:92:cb:58:b5:29:39:d4:
2e:3d:c2:87:23:71:b1:bb:14:83:cc:87:f2:99:99:
09:e1:3f:c5:7f:2c:24:92:ec:c4:55:51:86:53:bc:
3e:e8:de:76:dd:33:f7:cc:36:c8:b6:21:69:7b:ad:
fa:86:3b:10:4c:f0:71:ea:31:da:0f:5a:25:61:59:
2b:dc:c1:a5:b3:d8:dc:e9:45:d0:99:7c:cd:53:fd:
e6:e6:90:b8:7e:4a:35:22:1b:17:ca:54:e4:bd:09:
1c:c4:aa:f0:83:4f:69:af:d9:5e:18:f1:7b:52:03:
dd:28:42:e4:1e:36:90:e3:63:16:6c:5e:ec:8f:e4:
d9:0d:86:fd:b7:7f:9d:b7:2d:cd:eb:cf:af:94:ee:
7d:05:ac:c9:0e:f6:83:92:23:f8:d1:b5:73:f8:e5:
13:e8:87:0e:c7:29:8a:f5:49:69:a1:75:57:17:89:
f9:57:95:f8:2e:69:6c:b6:b3:99:34:39:6a:44:fe:
c2:15:1c:f6:b1:87:9b:2a:94:2a:f1:dd:b0:7c:02:
b3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:22:64:8F:BF:BB:7F:18:00:06:8C:AF:71:35:95:D4:09:A0:4A:D9
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/eCJkj7-7fxgABoyvcTWV1AmgStk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.86.97.0/24
Signature Algorithm: sha256WithRSAEncryption
71:3a:d8:f5:24:37:a0:09:13:bb:66:c7:2f:d8:99:21:79:6d:
85:f9:02:e4:6b:4a:d5:3d:ef:08:ed:0e:59:7e:37:b7:65:7d:
59:c6:4b:c5:39:ff:1f:5d:60:df:a8:58:21:01:8a:3e:41:5a:
9c:f9:5b:e2:7b:92:ab:ab:0b:1b:2c:74:77:33:d1:27:f8:d8:
0a:56:f8:75:3b:95:ab:e5:90:92:b1:e8:23:31:d8:31:d8:5a:
e4:9d:ba:85:3c:ba:ca:d0:2c:2c:7d:06:e7:2e:1b:0e:ca:c9:
4d:c2:c5:e1:1f:41:6f:f9:12:23:c0:c0:2a:e5:44:7b:98:d2:
92:23:73:ff:5a:fe:45:62:ff:a6:82:24:f3:17:d5:9d:f7:e0:
b5:3c:0a:a7:e9:8a:f1:45:95:a9:09:77:f1:f3:7e:2f:fa:6a:
2f:40:f4:b3:d1:b9:f6:a6:7d:6a:27:25:14:3c:e4:73:97:de:
6e:f4:d2:da:24:f3:da:6d:32:e5:33:08:71:47:6a:46:1a:ee:
79:04:51:2e:ed:1b:27:7c:2f:be:38:60:71:35:1a:48:f0:39:
59:ad:db:3e:e5:eb:19:1b:92:b5:09:0e:19:4e:58:8f:69:e6:
81:2b:28:f2:92:f9:0b:62:66:85:bd:c3:d9:f4:0d:a5:ac:63:
2e:ef:11:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQq8PbLxGw5Co2POzrQvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMTAxMjEzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODIyNjQ4ZmJmYmI3ZjE4MDAwNjhjYWY3MTM1OTVkNDA5YTA0YWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBRk8UbXpGPpClLdaEqJcH0HBDmt
9/n4h92R+2aQOt9qGtSVsmVZYMcthzIfeOpt3WxJ55LLWLUpOdQuPcKHI3GxuxSD
zIfymZkJ4T/FfywkkuzEVVGGU7w+6N523TP3zDbItiFpe636hjsQTPBx6jHaD1ol
YVkr3MGls9jc6UXQmXzNU/3m5pC4fko1IhsXylTkvQkcxKrwg09pr9leGPF7UgPd
KELkHjaQ42MWbF7sj+TZDYb9t3+dty3N68+vlO59BazJDvaDkiP40bVz+OUT6IcO
xymK9UlpoXVXF4n5V5X4LmlstrOZNDlqRP7CFRz2sYebKpQq8d2wfAKzkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHgiZI+/u38YAAaMr3E1ldQJoErZMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvZUNKa2o3LTdmeGdBQm95dmNUV1YxQW1nU3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1FZhMA0G
CSqGSIb3DQEBCwUAA4IBAQBxOtj1JDegCRO7Zscv2JkheW2F+QLka0rVPe8I7Q5Z
fje3ZX1ZxkvFOf8fXWDfqFghAYo+QVqc+Vvie5KrqwsbLHR3M9En+NgKVvh1O5Wr
5ZCSsegjMdgx2FrknbqFPLrK0CwsfQbnLhsOyslNwsXhH0Fv+RIjwMAq5UR7mNKS
I3P/Wv5FYv+mgiTzF9Wd9+C1PAqn6YrxRZWpCXfx834v+movQPSz0bn2pn1qJyUU
PORzl95u9NLaJPPabTLlMwhxR2pGGu55BFEu7RsnfC++OGBxNRpI8DlZrds+5esZ
G5K1CQ4ZTliPaeaBKyjykvkLYmaFvcPZ9A2lrGMu7xGI
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:53 2025 by rpki-client