Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/5645d2-7224-4d10-82bf-3e75051b8eac/1/6DJPV1QdNl8T3HDn0RVYn-KikV0.roa
File: 6DJPV1QdNl8T3HDn0RVYn-KikV0.roa (raw, json)
Hash identifier: cYHsw2oj/iPV4Hk6pNQqlp2NHwXDM25M+3qPnEnViLU=
Subject key identifier: E8:32:4F:57:54:1D:36:5F:13:DC:70:E7:D1:15:58:9F:E2:A2:91:5D
Certificate issuer: /CN=0781ee869d2e1c200ff8c697e2d37eaa42940a36
Certificate serial: 020F3452
Authority key identifier: 07:81:EE:86:9D:2E:1C:20:0F:F8:C6:97:E2:D3:7E:AA:42:94:0A:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B4Huhp0uHCAP-MaX4tN-qkKUCjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/5645d2-7224-4d10-82bf-3e75051b8eac/1/6DJPV1QdNl8T3HDn0RVYn-KikV0.roa
Signing time: Sat 01 Jan 2022 02:51:32 +0000
ROA not before: Sat 01 Jan 2022 02:51:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51075
IP address blocks: 193.168.219.0/24 maxlen: 24
2a10:f7c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34550866 (0x20f3452)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0781ee869d2e1c200ff8c697e2d37eaa42940a36
Validity
Not Before: Jan 1 02:51:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8324f57541d365f13dc70e7d115589fe2a2915d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ae:3c:7a:a4:d8:9f:11:af:00:4d:cc:94:ee:
c3:cf:e8:c6:a2:71:1b:47:b8:01:c0:06:9e:46:ac:
f9:87:fa:65:00:ce:2e:0b:d5:4b:5b:00:03:e7:1a:
91:7c:b4:91:c5:56:0d:fa:6c:59:b4:17:77:81:60:
f0:ff:b9:d3:27:a6:8c:3b:96:d0:5c:63:f2:21:c5:
f0:55:6d:2d:31:22:1d:64:62:b5:54:e9:9c:0c:3f:
db:ec:b8:67:46:a8:6b:97:ff:b0:f4:db:2a:a4:d0:
08:5d:74:77:3b:8c:2d:d2:d2:33:27:cc:3a:7a:87:
15:fc:7c:69:37:f9:7a:5d:e6:aa:c2:27:51:b0:a1:
08:d5:80:1a:5d:17:f3:de:22:99:9a:31:73:c0:8f:
6e:6c:d0:62:53:0e:84:6a:62:f7:d6:16:92:38:36:
1b:12:7f:cc:b5:8c:58:1d:a1:c2:89:0e:f1:b1:db:
a0:e1:cc:3c:af:79:cd:00:04:4a:b0:68:97:da:cf:
0e:cf:11:ea:52:2e:81:11:43:61:7f:a3:23:8e:6d:
23:a5:04:f1:9c:4c:82:3c:0a:e1:2a:66:5a:c1:cf:
2e:4d:cf:a3:74:f7:12:56:34:11:f4:4c:46:9b:16:
be:8a:d8:c6:08:0d:d8:c7:10:44:b4:66:41:01:85:
8a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:32:4F:57:54:1D:36:5F:13:DC:70:E7:D1:15:58:9F:E2:A2:91:5D
X509v3 Authority Key Identifier:
keyid:07:81:EE:86:9D:2E:1C:20:0F:F8:C6:97:E2:D3:7E:AA:42:94:0A:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B4Huhp0uHCAP-MaX4tN-qkKUCjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5645d2-7224-4d10-82bf-3e75051b8eac/1/6DJPV1QdNl8T3HDn0RVYn-KikV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5645d2-7224-4d10-82bf-3e75051b8eac/1/B4Huhp0uHCAP-MaX4tN-qkKUCjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.219.0/24
IPv6:
2a10:f7c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:80:db:21:5b:14:72:16:82:4d:53:64:7b:d4:dc:86:01:34:
d7:20:2a:72:20:70:b4:b5:2f:93:18:9b:53:2a:6b:0f:1d:57:
4a:eb:56:81:d3:72:49:0e:48:98:6a:cc:d0:76:c1:09:8e:c7:
fa:af:c3:89:f2:5a:d0:74:50:c7:35:35:87:c7:2a:9b:ca:78:
bc:50:76:06:2b:52:16:6f:36:16:a3:81:53:77:71:23:f2:c8:
e1:24:e6:eb:05:3b:35:25:6b:e1:58:f5:87:d9:57:e3:b0:92:
0f:20:58:4e:d5:29:23:13:9b:49:ac:3a:06:e2:ef:72:e7:f9:
5e:71:13:d5:b8:a6:08:45:e5:82:6a:01:e7:c8:df:66:a5:58:
aa:7b:05:cf:96:50:fb:7e:49:4f:93:8e:b9:5c:cb:3b:b5:2f:
31:9d:db:fb:a5:93:85:91:44:60:a4:67:d9:17:fd:f9:e4:f1:
56:28:42:4c:d6:28:e5:89:40:8c:4c:f9:22:93:3c:74:cd:9c:
89:50:f7:7b:48:b4:cf:3d:a3:f8:40:8c:22:48:61:62:bc:40:
77:4c:d8:15:a2:53:64:49:81:a2:d0:be:76:dd:76:66:e4:ce:
bd:ed:1e:ec:7a:81:24:80:60:79:27:de:ef:0c:c2:43:d4:f7:
72:bb:22:c3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAg80UjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NzgxZWU4NjlkMmUxYzIwMGZmOGM2OTdlMmQzN2VhYTQyOTQwYTM2MB4XDTIyMDEw
MTAyNTEzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTgzMjRmNTc1NDFk
MzY1ZjEzZGM3MGU3ZDExNTU4OWZlMmEyOTE1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI2uPHqk2J8RrwBNzJTuw8/oxqJxG0e4AcAGnkas+Yf6ZQDO
LgvVS1sAA+cakXy0kcVWDfpsWbQXd4Fg8P+50yemjDuW0Fxj8iHF8FVtLTEiHWRi
tVTpnAw/2+y4Z0aoa5f/sPTbKqTQCF10dzuMLdLSMyfMOnqHFfx8aTf5el3mqsIn
UbChCNWAGl0X894imZoxc8CPbmzQYlMOhGpi99YWkjg2GxJ/zLWMWB2hwokO8bHb
oOHMPK95zQAESrBol9rPDs8R6lIugRFDYX+jI45tI6UE8ZxMgjwK4SpmWsHPLk3P
o3T3ElY0EfRMRpsWvorYxggN2McQRLRmQQGFivsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBToMk9XVB02XxPccOfRFVif4qKRXTAfBgNVHSMEGDAWgBQHge6GnS4cIA/4
xpfi036qQpQKNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0I0SHVocDB1SENBUC1NYVg0dE4tcWtLVUNqWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNTY0NWQyLTcyMjQtNGQxMC04MmJmLTNlNzUwNTFiOGVhYy8x
LzZESlBWMVFkTmw4VDNIRG4wUlZZbi1LaWtWMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NTY0NWQyLTcyMjQtNGQxMC04MmJmLTNlNzUwNTFiOGVhYy8xL0I0SHVocDB1SENB
UC1NYVg0dE4tcWtLVUNqWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMGo2zANBAIAAjAHAwUDKhD3wDAN
BgkqhkiG9w0BAQsFAAOCAQEAAIDbIVsUchaCTVNke9TchgE01yAqciBwtLUvkxib
UyprDx1XSutWgdNySQ5ImGrM0HbBCY7H+q/DifJa0HRQxzU1h8cqm8p4vFB2BitS
Fm82FqOBU3dxI/LI4STm6wU7NSVr4Vj1h9lX47CSDyBYTtUpIxObSaw6BuLvcuf5
XnET1bimCEXlgmoB58jfZqVYqnsFz5ZQ+35JT5OOuVzLO7UvMZ3b+6WThZFEYKRn
2Rf9+eTxVihCTNYo5YlAjEz5IpM8dM2ciVD3e0i0zz2j+ECMIkhhYrxAd0zYFaJT
ZEmBotC+dt12ZuTOve0e7HqBJIBgeSfe7wzCQ9T3crsiww==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:59 2025 by rpki-client