Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/e3267b-f780-4187-8057-75f4fca86ae4/1/R6slhv9FEXB7x6KcIZj0EJbN74A.roa
File: R6slhv9FEXB7x6KcIZj0EJbN74A.roa (raw, json)
Hash identifier: 5t+oCOCkD9XDvvo9E8+b2UbLSdLrUW4fnO7QWZZQ27g=
Subject key identifier: 47:AB:25:86:FF:45:11:70:7B:C7:A2:9C:21:98:F4:10:96:CD:EF:80
Certificate issuer: /CN=59785a21e2d07c68ff317558c69ef118cc75805a
Certificate serial: 01856C1CC490F29CBB26F7C770C6077042F9
Authority key identifier: 59:78:5A:21:E2:D0:7C:68:FF:31:75:58:C6:9E:F1:18:CC:75:80:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXhaIeLQfGj_MXVYxp7xGMx1gFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/e3267b-f780-4187-8057-75f4fca86ae4/1/R6slhv9FEXB7x6KcIZj0EJbN74A.roa
Signing time: Sun 01 Jan 2023 06:55:02 +0000
ROA not before: Sun 01 Jan 2023 06:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25206
IP address blocks: 83.97.64.0/21 maxlen: 24
84.201.192.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:c4:90:f2:9c:bb:26:f7:c7:70:c6:07:70:42:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59785a21e2d07c68ff317558c69ef118cc75805a
Validity
Not Before: Jan 1 06:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47ab2586ff4511707bc7a29c2198f41096cdef80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7c:d2:9a:9f:8b:89:55:fe:1f:7b:9a:50:f0:
b5:71:6c:d0:fe:24:92:45:94:f8:6e:b7:7f:7e:be:
e5:34:89:a3:fe:24:9c:fc:8d:a5:2f:1f:cd:6e:54:
90:c1:0d:0c:6b:38:77:47:8b:00:fd:77:cd:0c:78:
57:fe:9f:20:92:88:36:b2:7e:47:c8:2f:ca:57:f6:
e7:51:35:e9:1b:58:e7:72:bb:4c:fc:b9:ec:14:dd:
fe:24:41:8a:1f:95:2a:ed:97:68:33:14:9b:72:30:
bd:f8:e4:70:60:6b:20:48:8c:8e:21:0c:1d:5d:20:
f5:33:ca:a7:c3:41:af:b7:09:84:bd:07:f1:7e:f6:
f5:b9:97:f1:c9:45:6d:19:35:48:db:f2:96:22:2d:
44:e1:8f:83:3f:1e:8c:8b:be:9f:08:8f:c7:03:c3:
85:bb:54:f3:73:e6:3f:c8:8d:51:bb:23:9d:f0:37:
98:14:9a:fd:6f:3f:a7:c9:2b:85:ff:bd:4c:e2:7d:
b2:a9:06:ef:d5:fa:ef:69:6d:7f:fe:37:a2:c7:60:
74:75:8a:7f:9a:70:a6:6a:20:57:f2:64:0b:6d:84:
3e:4e:20:67:ec:3a:ca:14:46:12:14:42:e1:ea:e1:
9c:45:5d:70:d5:da:a1:66:11:8f:d0:bb:11:36:93:
9d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AB:25:86:FF:45:11:70:7B:C7:A2:9C:21:98:F4:10:96:CD:EF:80
X509v3 Authority Key Identifier:
keyid:59:78:5A:21:E2:D0:7C:68:FF:31:75:58:C6:9E:F1:18:CC:75:80:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXhaIeLQfGj_MXVYxp7xGMx1gFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/e3267b-f780-4187-8057-75f4fca86ae4/1/R6slhv9FEXB7x6KcIZj0EJbN74A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/e3267b-f780-4187-8057-75f4fca86ae4/1/WXhaIeLQfGj_MXVYxp7xGMx1gFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.64.0/21
84.201.192.0/20
Signature Algorithm: sha256WithRSAEncryption
51:bd:2c:54:6a:c0:2f:e5:00:6d:32:ac:f9:82:cb:df:b1:7d:
eb:97:60:b6:b2:3c:6e:15:48:a9:2c:11:fd:7a:ba:a5:b9:c4:
1e:d3:ed:28:c7:b8:6c:eb:2c:a6:3b:24:b4:aa:c1:93:b8:cb:
32:f0:4d:dd:f0:dd:4d:64:94:34:7c:d9:32:66:a9:2f:58:1f:
bd:5a:0a:de:9f:89:3e:bf:cd:d3:12:09:06:10:0f:ef:7b:f1:
bb:0d:59:89:c4:40:96:4c:1a:61:29:95:4e:66:b8:8d:b3:4d:
67:48:fd:c5:15:c7:69:f0:e7:9b:fb:11:f3:9d:e8:3c:fc:94:
33:72:79:38:67:8c:2e:2d:e3:1f:be:92:90:b9:89:9c:49:6c:
3a:46:60:46:c8:29:2f:0d:21:95:04:90:03:31:51:27:fb:69:
a7:8c:ed:a4:f4:4e:64:44:01:b7:2d:42:d9:4b:56:e5:e8:9b:
d8:ff:79:8d:db:b1:73:ce:f9:75:76:cb:f5:82:c0:ca:ba:de:
0a:29:d6:e0:2c:74:3e:ad:2d:a7:13:43:e7:26:0a:50:09:f4:
aa:34:46:a3:ad:80:9c:20:ab:4b:3b:75:ec:4e:28:a7:c4:fa:
5a:3a:e8:41:0a:6c:a1:3e:bb:47:49:b7:bb:22:6b:3d:6a:fd:
b8:12:74:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsHMSQ8py7JvfHcMYHcEL5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5Nzg1YTIxZTJkMDdjNjhmZjMxNzU1OGM2OWVmMTE4Y2M3
NTgwNWEwHhcNMjMwMTAxMDY1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2FiMjU4NmZmNDUxMTcwN2JjN2EyOWMyMTk4ZjQxMDk2Y2RlZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHzSmp+LiVX+H3uaUPC1cWzQ/iSS
RZT4brd/fr7lNImj/iSc/I2lLx/NblSQwQ0Mazh3R4sA/XfNDHhX/p8gkog2sn5H
yC/KV/bnUTXpG1jncrtM/LnsFN3+JEGKH5Uq7ZdoMxSbcjC9+ORwYGsgSIyOIQwd
XSD1M8qnw0GvtwmEvQfxfvb1uZfxyUVtGTVI2/KWIi1E4Y+DPx6Mi76fCI/HA8OF
u1Tzc+Y/yI1RuyOd8DeYFJr9bz+nySuF/71M4n2yqQbv1frvaW1//jeix2B0dYp/
mnCmaiBX8mQLbYQ+TiBn7DrKFEYSFELh6uGcRV1w1dqhZhGP0LsRNpOdHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEerJYb/RRFwe8einCGY9BCWze+AMB8GA1UdIwQY
MBaAFFl4WiHi0Hxo/zF1WMae8RjMdYBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hoYUllTFFmR2pfTVhWWXhwN3hHTXgxZ0ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lMzI2N2ItZjc4MC00MTg3LTgwNTct
NzVmNGZjYTg2YWU0LzEvUjZzbGh2OUZFWEI3eDZLY0laajBFSmJONzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lMzI2N2ItZjc4MC00MTg3LTgwNTctNzVmNGZjYTg2YWU0
LzEvV1hoYUllTFFmR2pfTVhWWXhwN3hHTXgxZ0ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDU2FAAwQE
VMnAMA0GCSqGSIb3DQEBCwUAA4IBAQBRvSxUasAv5QBtMqz5gsvfsX3rl2C2sjxu
FUipLBH9erqlucQe0+0ox7hs6yymOyS0qsGTuMsy8E3d8N1NZJQ0fNkyZqkvWB+9
Wgren4k+v83TEgkGEA/ve/G7DVmJxECWTBphKZVOZriNs01nSP3FFcdp8Oeb+xHz
neg8/JQzcnk4Z4wuLeMfvpKQuYmcSWw6RmBGyCkvDSGVBJADMVEn+2mnjO2k9E5k
RAG3LULZS1bl6JvY/3mN27Fzzvl1dsv1gsDKut4KKdbgLHQ+rS2nE0PnJgpQCfSq
NEajrYCcIKtLO3XsTiinxPpaOuhBCmyhPrtHSbe7Ims9av24EnQb
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:00:40 2025 by rpki-client