Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/b8Ce6hJOo1NMA4bQVK-MpxBSi1M.roa
File: b8Ce6hJOo1NMA4bQVK-MpxBSi1M.roa (raw, json)
Hash identifier: Snna4w3p7aS5VA0oSu7TtipUWAgp/nzoRowc2P2XlTU=
Subject key identifier: 6F:C0:9E:EA:12:4E:A3:53:4C:03:86:D0:54:AF:8C:A7:10:52:8B:53
Certificate issuer: /CN=95fd03b5f35b317b4d32ff1a4b2c17bb376c21e1
Certificate serial: 02E73881
Authority key identifier: 95:FD:03:B5:F3:5B:31:7B:4D:32:FF:1A:4B:2C:17:BB:37:6C:21:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/b8Ce6hJOo1NMA4bQVK-MpxBSi1M.roa
Signing time: Sat 01 Jan 2022 13:03:12 +0000
ROA not before: Sat 01 Jan 2022 13:03:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34154
IP address blocks: 193.17.230.0/24 maxlen: 24
217.71.216.0/21 maxlen: 24
195.160.196.0/22 maxlen: 24
185.121.196.0/22 maxlen: 24
2a00:1fe8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48707713 (0x2e73881)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95fd03b5f35b317b4d32ff1a4b2c17bb376c21e1
Validity
Not Before: Jan 1 13:03:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fc09eea124ea3534c0386d054af8ca710528b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:82:ce:94:3f:b6:c0:0b:35:ff:00:8e:7e:8a:
04:87:38:2e:52:99:47:0f:06:46:b9:f7:c5:f6:f6:
7b:ca:91:44:68:33:a5:d8:0d:ea:4b:6d:f1:44:b1:
60:4e:cc:88:4c:d7:19:2d:bf:8d:61:e8:25:9e:0b:
58:83:84:66:33:e1:6c:3d:1f:61:c0:fb:f8:39:bb:
3f:63:f4:05:68:24:06:1b:4a:34:7e:89:0f:8f:dc:
96:b3:80:7e:c3:71:1d:26:fd:f4:e4:27:5f:cf:a2:
82:25:e7:d4:20:55:cb:e9:b3:55:c7:b1:a7:6d:2d:
d3:a2:ad:48:dc:32:b4:5a:96:62:c2:64:11:4d:11:
2e:d8:1c:06:f4:c8:85:61:f2:55:a7:3c:69:4e:b9:
ec:63:4f:7a:23:ee:e2:40:a9:ca:0d:0d:9e:6a:75:
4a:fc:92:a1:cd:a1:29:c0:91:64:70:e1:d5:9c:9f:
e1:ca:0f:ae:d2:ee:8c:df:49:28:db:10:32:b8:5f:
00:8d:e6:c7:c6:f2:6b:dd:26:61:32:b5:30:b8:82:
60:0a:d0:ef:82:e4:87:ce:c7:7a:26:a5:64:a1:20:
fe:29:10:a9:49:4b:04:47:66:3a:cc:61:b6:e2:bc:
bc:3a:0d:14:d5:f4:e8:b8:e4:f8:64:60:60:0f:2a:
aa:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C0:9E:EA:12:4E:A3:53:4C:03:86:D0:54:AF:8C:A7:10:52:8B:53
X509v3 Authority Key Identifier:
keyid:95:FD:03:B5:F3:5B:31:7B:4D:32:FF:1A:4B:2C:17:BB:37:6C:21:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/b8Ce6hJOo1NMA4bQVK-MpxBSi1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.196.0/22
193.17.230.0/24
195.160.196.0/22
217.71.216.0/21
IPv6:
2a00:1fe8::/32
Signature Algorithm: sha256WithRSAEncryption
89:6d:36:83:16:25:64:b8:cd:ec:e1:4a:c5:fa:eb:b5:71:b9:
61:23:eb:90:8e:1f:f7:4f:fb:30:2c:f5:63:cd:60:bd:27:14:
52:e4:b0:9a:77:93:55:d2:61:a2:58:c9:23:54:43:f2:de:b4:
e3:68:eb:3a:0f:26:51:c7:8b:2f:27:a0:83:8e:56:b4:04:43:
ea:34:67:67:9b:84:61:37:f7:9c:fa:27:a6:7e:a9:2c:64:a5:
6f:38:e1:ca:7f:43:e2:08:cf:34:1b:ab:ad:d8:fd:b7:ad:5d:
f6:31:94:bc:8a:9f:8f:58:4e:aa:1c:16:76:d8:f0:c7:ec:5f:
ba:b7:59:a0:36:02:35:e2:61:03:73:57:bd:60:f1:33:df:68:
59:ba:fa:53:77:5e:d8:12:34:78:60:fb:2f:63:53:e3:0c:45:
15:e9:bc:7f:ec:91:c0:6a:01:a5:84:68:19:89:ee:47:6c:e7:
60:52:95:15:ba:46:78:66:52:af:2c:23:37:f2:10:49:be:20:
93:ed:41:4c:2f:e1:3c:f9:36:91:50:52:ba:f8:9d:1f:4d:27:
9c:de:8c:8f:2a:e2:28:39:ff:41:fe:d9:35:f2:7c:87:d2:00:
ee:c3:b9:4f:02:c4:90:30:38:01:10:10:9c:f7:a3:61:8e:95:
62:ce:4d:bd
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEAuc4gTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NWZkMDNiNWYzNWIzMTdiNGQzMmZmMWE0YjJjMTdiYjM3NmMyMWUxMB4XDTIyMDEw
MTEzMDMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZjMDllZWExMjRl
YTM1MzRjMDM4NmQwNTRhZjhjYTcxMDUyOGI1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWCzpQ/tsALNf8Ajn6KBIc4LlKZRw8GRrn3xfb2e8qRRGgz
pdgN6ktt8USxYE7MiEzXGS2/jWHoJZ4LWIOEZjPhbD0fYcD7+Dm7P2P0BWgkBhtK
NH6JD4/clrOAfsNxHSb99OQnX8+igiXn1CBVy+mzVcexp20t06KtSNwytFqWYsJk
EU0RLtgcBvTIhWHyVac8aU657GNPeiPu4kCpyg0Nnmp1SvySoc2hKcCRZHDh1Zyf
4coPrtLujN9JKNsQMrhfAI3mx8bya90mYTK1MLiCYArQ74Lkh87HeialZKEg/ikQ
qUlLBEdmOsxhtuK8vDoNFNX06Ljk+GRgYA8qqk0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRvwJ7qEk6jU0wDhtBUr4ynEFKLUzAfBgNVHSMEGDAWgBSV/QO181sxe00y
/xpLLBe7N2wh4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xmMER0Zk5iTVh0Tk12OGFTeXdYdXpkc0llRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZjlkMGU5LWJkYTQtNDJiMi04ZTdhLWQ2MGY0NGE5MzRiMS8x
L2I4Q2U2aEpPbzFOTUE0YlFWSy1NcHhCU2kxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZjlkMGU5LWJkYTQtNDJiMi04ZTdhLWQ2MGY0NGE5MzRiMS8xL2xmMER0Zk5iTVh0
Tk12OGFTeXdYdXpkc0llRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEArl5xAMEAMER5gMEAsOgxAMEA9lH
2DANBAIAAjAHAwUAKgAf6DANBgkqhkiG9w0BAQsFAAOCAQEAiW02gxYlZLjN7OFK
xfrrtXG5YSPrkI4f90/7MCz1Y81gvScUUuSwmneTVdJholjJI1RD8t6042jrOg8m
UceLLyegg45WtARD6jRnZ5uEYTf3nPonpn6pLGSlbzjhyn9D4gjPNBurrdj9t61d
9jGUvIqfj1hOqhwWdtjwx+xfurdZoDYCNeJhA3NXvWDxM99oWbr6U3de2BI0eGD7
L2NT4wxFFem8f+yRwGoBpYRoGYnuR2znYFKVFbpGeGZSrywjN/IQSb4gk+1BTC/h
PPk2kVBSuvidH00nnN6MjyriKDn/Qf7ZNfJ8h9IA7sO5TwLEkDA4ARAQnPejYY6V
Ys5NvQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:28 2025 by rpki-client