Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/X6AiAYWvwnai7Chi3nFME-QphCs.roa
File: X6AiAYWvwnai7Chi3nFME-QphCs.roa (raw, json)
Hash identifier: 7xca/7gP/7gzxatWoRj6wOAizsoQSbLUEFjcCVK9RxM=
Subject key identifier: 5F:A0:22:01:85:AF:C2:76:A2:EC:28:62:DE:71:4C:13:E4:29:84:2B
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 018B232568481CCA521CBEE670B8DB4759B0
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/X6AiAYWvwnai7Chi3nFME-QphCs.roa
Signing time: Thu 12 Oct 2023 09:08:55 +0000
ROA not before: Thu 12 Oct 2023 09:08:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6810
IP address blocks: 85.130.192.0/19 maxlen: 24
85.130.192.0/18 maxlen: 24
85.130.128.0/18 maxlen: 24
31.168.36.0/23 maxlen: 24
109.67.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:25:68:48:1c:ca:52:1c:be:e6:70:b8:db:47:59:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Oct 12 09:08:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fa0220185afc276a2ec2862de714c13e429842b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b5:3d:04:ac:c0:24:32:9a:f8:2b:9f:22:d6:
8f:1c:84:5e:b4:55:55:e4:c9:75:40:80:3c:bd:d5:
0b:fe:a3:46:68:f9:da:dc:de:81:93:36:ae:53:bd:
0a:9a:b2:07:e1:b7:de:03:72:35:5d:63:24:e2:27:
65:8b:32:e6:ba:66:f9:12:d5:f4:e8:e7:a6:71:a2:
9b:78:47:22:78:1e:05:07:f7:dc:cd:a1:b7:bb:0c:
38:11:04:75:82:75:69:86:d4:18:e1:85:f7:9e:67:
1f:a2:8e:47:9e:3f:e4:03:4e:9b:31:3d:32:76:48:
3b:83:8a:15:6d:40:e1:c2:34:e9:b0:67:b1:2a:41:
9e:61:1c:db:a7:63:28:a1:8c:9d:05:95:12:d1:51:
56:13:fe:a7:48:1f:f5:f7:47:77:10:90:39:87:44:
e1:4a:11:62:e4:80:06:80:b0:4d:0c:c2:3f:67:a3:
22:11:9a:f9:41:ca:37:61:c0:c6:22:0d:93:54:6d:
81:8f:99:cf:4b:93:9e:06:79:a6:ad:3d:f9:bc:16:
37:7d:f4:cb:fa:d6:f0:9b:b0:5f:4a:44:03:d5:63:
9b:f6:02:69:86:51:3e:14:cd:62:b7:a9:bf:b9:a4:
4f:4e:bd:8b:a1:d7:0a:4a:e2:77:35:d6:6e:3c:3f:
60:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A0:22:01:85:AF:C2:76:A2:EC:28:62:DE:71:4C:13:E4:29:84:2B
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/X6AiAYWvwnai7Chi3nFME-QphCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.168.36.0/23
85.130.128.0/17
109.67.128.0/18
Signature Algorithm: sha256WithRSAEncryption
86:b8:d3:c4:16:06:31:57:0f:d3:89:37:70:19:88:d5:51:1a:
29:cb:d8:7a:42:5f:39:84:d8:90:83:2b:f4:44:49:e1:60:e0:
a1:20:d0:26:70:2c:b1:f3:68:c6:be:50:e8:ea:00:f4:0c:9d:
85:7a:79:4e:50:f5:51:6c:8f:7d:0a:4b:7c:51:e0:fe:83:d7:
a4:e6:c6:45:03:14:97:ab:55:23:a6:e6:15:b9:ac:2f:28:b9:
34:53:d8:7f:ea:17:9a:e7:c5:62:81:a0:5c:cc:45:ac:8b:cb:
eb:ae:a8:bd:3a:b1:30:89:5e:a4:9d:78:35:a6:f6:07:d2:d1:
fb:24:1b:37:c6:a6:48:de:23:00:df:3a:65:bd:01:15:32:d1:
6b:f7:49:b6:9b:48:07:b2:52:55:3e:97:83:d6:33:8c:92:a0:
71:4d:d3:76:94:74:26:ce:cb:9e:1a:60:3f:5b:6e:47:67:7f:
a1:68:4a:89:76:18:9c:c7:83:d1:ec:95:11:3d:75:8f:56:2f:
40:95:d8:c7:85:53:e0:17:19:c8:99:fa:4d:37:48:9e:6a:6a:
74:ba:10:87:c5:ce:cc:51:da:11:83:c9:ee:e9:a3:ca:94:89:
8a:b9:a0:f9:f0:fe:9d:df:e5:6d:64:65:c9:1b:52:3e:c6:6e:
71:41:72:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsjJWhIHMpSHL7mcLjbR1mwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjMxMDEyMDkwODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmEwMjIwMTg1YWZjMjc2YTJlYzI4NjJkZTcxNGMxM2U0Mjk4NDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbU9BKzAJDKa+CufItaPHIRetFVV
5Ml1QIA8vdUL/qNGaPna3N6BkzauU70KmrIH4bfeA3I1XWMk4idlizLmumb5EtX0
6OemcaKbeEcieB4FB/fczaG3uww4EQR1gnVphtQY4YX3nmcfoo5Hnj/kA06bMT0y
dkg7g4oVbUDhwjTpsGexKkGeYRzbp2MooYydBZUS0VFWE/6nSB/190d3EJA5h0Th
ShFi5IAGgLBNDMI/Z6MiEZr5Qco3YcDGIg2TVG2Bj5nPS5OeBnmmrT35vBY3ffTL
+tbwm7BfSkQD1WOb9gJphlE+FM1it6m/uaRPTr2LodcKSuJ3NdZuPD9gzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF+gIgGFr8J2ouwoYt5xTBPkKYQrMB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvWDZBaUFZV3Z3bmFpN0NoaTNuRk1FLVFwaENzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH6gkAwQH
VYKAAwQGbUOAMA0GCSqGSIb3DQEBCwUAA4IBAQCGuNPEFgYxVw/TiTdwGYjVURop
y9h6Ql85hNiQgyv0REnhYOChINAmcCyx82jGvlDo6gD0DJ2FenlOUPVRbI99Ckt8
UeD+g9ek5sZFAxSXq1UjpuYVuawvKLk0U9h/6hea58VigaBczEWsi8vrrqi9OrEw
iV6knXg1pvYH0tH7JBs3xqZI3iMA3zplvQEVMtFr90m2m0gHslJVPpeD1jOMkqBx
TdN2lHQmzsueGmA/W25HZ3+haEqJdhicx4PR7JURPXWPVi9AldjHhVPgFxnImfpN
N0ieamp0uhCHxc7MUdoRg8nu6aPKlImKuaD58P6d3+VtZGXJG1I+xm5xQXIB
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:54:17 2025 by rpki-client