Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/6co74AcxNWrK6U9-TrPixKqqgRA.roa
File: 6co74AcxNWrK6U9-TrPixKqqgRA.roa (raw, json)
Hash identifier: zN2+PGmJzGVBlbziu3x7a6VbG0t8t20nQ9RjB3RsPvg=
Subject key identifier: E9:CA:3B:E0:07:31:35:6A:CA:E9:4F:7E:4E:B3:E2:C4:AA:AA:81:10
Certificate issuer: /CN=a2074339bb216b85bdc83d61778821adf9149d56
Certificate serial: 01856DC1AD3FABCBA2CC7D48C4BC88E2E68F
Authority key identifier: A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/6co74AcxNWrK6U9-TrPixKqqgRA.roa
Signing time: Sun 01 Jan 2023 14:34:47 +0000
ROA not before: Sun 01 Jan 2023 14:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48200
IP address blocks: 84.39.96.0/20 maxlen: 32
194.62.23.0/24 maxlen: 32
2a01:b1c0::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:ad:3f:ab:cb:a2:cc:7d:48:c4:bc:88:e2:e6:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2074339bb216b85bdc83d61778821adf9149d56
Validity
Not Before: Jan 1 14:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9ca3be00731356acae94f7e4eb3e2c4aaaa8110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8c:44:a0:03:4e:f7:f2:1b:93:cd:7f:e9:d8:
48:04:e5:80:33:cd:f1:d4:3a:45:f1:f4:2a:44:8b:
13:bf:e2:df:66:5d:8d:66:62:ce:26:26:90:1c:90:
5c:6a:74:61:78:ff:e2:ca:f7:4f:60:f8:cf:4b:76:
e3:cb:f4:bc:c6:6d:dd:15:c9:72:70:26:27:67:55:
a2:df:86:56:14:c7:89:63:b7:7e:f8:f9:28:6c:bf:
2b:1b:2d:7d:bd:de:4e:fc:22:17:f0:c4:2c:a1:b9:
f0:a6:11:70:52:5d:bb:1d:e8:e6:8a:49:f5:12:99:
ea:e2:41:af:a1:00:53:d9:3a:ec:9e:2c:4f:5d:0f:
ec:0d:af:5c:71:c3:57:88:96:4f:dc:a7:b8:f1:84:
fe:a1:1f:d8:79:90:9f:5f:32:30:04:f3:6c:12:e0:
64:80:1e:5d:90:e1:c8:4f:2a:89:45:14:84:18:56:
1d:e3:37:1d:0d:78:40:fb:1d:2d:fe:55:c7:f1:77:
21:a3:9a:83:c2:cc:16:25:07:17:fb:48:2c:67:d8:
b8:d7:52:80:66:2b:61:8d:7d:f5:47:28:16:4e:a7:
40:b8:c3:bd:64:af:18:2d:45:8e:a9:cb:8d:be:29:
20:9b:3a:fc:e6:7e:b7:7d:90:9f:cb:b6:b0:22:39:
9b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:CA:3B:E0:07:31:35:6A:CA:E9:4F:7E:4E:B3:E2:C4:AA:AA:81:10
X509v3 Authority Key Identifier:
keyid:A2:07:43:39:BB:21:6B:85:BD:C8:3D:61:77:88:21:AD:F9:14:9D:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogdDObsha4W9yD1hd4ghrfkUnVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/6co74AcxNWrK6U9-TrPixKqqgRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/571b34-acf9-4ebf-988b-0feb66e7f28a/1/ogdDObsha4W9yD1hd4ghrfkUnVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.96.0/20
194.62.23.0/24
IPv6:
2a01:b1c0::/29
Signature Algorithm: sha256WithRSAEncryption
58:e6:9c:03:c9:ba:83:b3:f1:07:71:86:b8:23:86:3a:e6:c3:
82:ec:5c:b4:e0:09:21:90:2a:36:b8:98:d8:22:ef:16:3b:ed:
6f:1b:39:4f:05:23:e2:7c:ff:62:db:a0:39:19:be:5a:e1:c9:
2d:a2:96:70:52:23:a1:a0:53:ae:7e:15:33:2e:6c:8f:4e:00:
ae:bc:cc:6e:b0:a4:99:b3:9e:47:53:0e:0a:bc:53:99:6e:18:
97:f8:9a:4a:0b:87:2d:5e:7b:ff:94:3e:81:a5:26:57:46:70:
5e:f7:0b:f7:6f:22:9e:5e:b7:ca:a8:6b:2b:15:7f:52:2f:c5:
1d:a0:11:3c:dd:3a:6c:3f:3f:1d:77:87:33:3d:d8:d0:2c:c9:
1a:e3:91:10:8c:4b:5c:e7:1c:05:ba:ae:c3:16:ac:ac:46:1f:
3f:e0:5e:ce:21:c2:f8:8c:87:74:99:58:91:82:e0:20:01:2b:
c4:f1:ac:bb:9f:dc:1e:56:f4:6f:20:4a:81:1c:81:64:b6:49:
6c:c3:7d:16:8e:36:7d:b3:15:9b:26:58:38:08:61:a6:d9:d0:
88:bc:ab:b1:7b:36:26:cb:5e:e6:8d:74:c4:c1:30:1f:01:6c:
a8:11:fd:25:01:71:b3:55:49:2d:0e:06:48:8a:35:c8:de:51:
0e:3c:36:d6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtwa0/q8uizH1IxLyI4uaPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDc0MzM5YmIyMTZiODViZGM4M2Q2MTc3ODgyMWFkZjkx
NDlkNTYwHhcNMjMwMTAxMTQzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWNhM2JlMDA3MzEzNTZhY2FlOTRmN2U0ZWIzZTJjNGFhYWE4MTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoxEoANO9/Ibk81/6dhIBOWAM83x
1DpF8fQqRIsTv+LfZl2NZmLOJiaQHJBcanRheP/iyvdPYPjPS3bjy/S8xm3dFcly
cCYnZ1Wi34ZWFMeJY7d++PkobL8rGy19vd5O/CIX8MQsobnwphFwUl27Hejmikn1
Epnq4kGvoQBT2TrsnixPXQ/sDa9cccNXiJZP3Ke48YT+oR/YeZCfXzIwBPNsEuBk
gB5dkOHITyqJRRSEGFYd4zcdDXhA+x0t/lXH8Xcho5qDwswWJQcX+0gsZ9i411KA
ZithjX31RygWTqdAuMO9ZK8YLUWOqcuNvikgmzr85n63fZCfy7awIjmbGQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOnKO+AHMTVqyulPfk6z4sSqqoEQMB8GA1UdIwQY
MBaAFKIHQzm7IWuFvcg9YXeIIa35FJ1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dkRE9ic2hhNFc5eUQxaGQ0Z2hyZmtVblZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy81NzFiMzQtYWNmOS00ZWJmLTk4OGIt
MGZlYjY2ZTdmMjhhLzEvNmNvNzRBY3hOV3JLNlU5LVRyUGl4S3FxZ1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy81NzFiMzQtYWNmOS00ZWJmLTk4OGItMGZlYjY2ZTdmMjhh
LzEvb2dkRE9ic2hhNFc5eUQxaGQ0Z2hyZmtVblZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEVCdgAwQA
wj4XMA0EAgACMAcDBQMqAbHAMA0GCSqGSIb3DQEBCwUAA4IBAQBY5pwDybqDs/EH
cYa4I4Y65sOC7Fy04AkhkCo2uJjYIu8WO+1vGzlPBSPifP9i26A5Gb5a4cktopZw
UiOhoFOufhUzLmyPTgCuvMxusKSZs55HUw4KvFOZbhiX+JpKC4ctXnv/lD6BpSZX
RnBe9wv3byKeXrfKqGsrFX9SL8UdoBE83TpsPz8dd4czPdjQLMka45EQjEtc5xwF
uq7DFqysRh8/4F7OIcL4jId0mViRguAgASvE8ay7n9weVvRvIEqBHIFktklsw30W
jjZ9sxWbJlg4CGGm2dCIvKuxezYmy17mjXTEwTAfAWyoEf0lAXGzVUktDgZIijXI
3lEOPDbW
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:37:53 2025 by rpki-client