Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/57cd72-33e4-42dd-9f22-baf4e0b4a69e/1/aNcpQXys-Zfk6fptaK-XhHUaCkM.roa
File: aNcpQXys-Zfk6fptaK-XhHUaCkM.roa (raw, json)
Hash identifier: UjnIDdW7UzpyHvezmkj1y5p92JdqoLld08U+ZMBSULg=
Subject key identifier: 68:D7:29:41:7C:AC:F9:97:E4:E9:FA:6D:68:AF:97:84:75:1A:0A:43
Certificate issuer: /CN=6f9e9696dccf6c1a432090408514aecdc3f60739
Certificate serial: 018A8E2788D0DFE84F833E71546691439507
Authority key identifier: 6F:9E:96:96:DC:CF:6C:1A:43:20:90:40:85:14:AE:CD:C3:F6:07:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b56WltzPbBpDIJBAhRSuzcP2Bzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/57cd72-33e4-42dd-9f22-baf4e0b4a69e/1/aNcpQXys-Zfk6fptaK-XhHUaCkM.roa
Signing time: Wed 13 Sep 2023 10:47:50 +0000
ROA not before: Wed 13 Sep 2023 10:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8308
IP address blocks: 194.92.0.0/16 maxlen: 16
2a0a:3a40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:27:88:d0:df:e8:4f:83:3e:71:54:66:91:43:95:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f9e9696dccf6c1a432090408514aecdc3f60739
Validity
Not Before: Sep 13 10:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68d729417cacf997e4e9fa6d68af9784751a0a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c7:c1:17:d7:74:75:57:06:c6:c8:05:f0:c8:
f0:b2:e9:7b:8c:79:14:80:5b:98:78:f5:f0:04:38:
46:58:11:f6:69:d9:f6:b0:65:e4:2d:cc:3f:20:92:
db:51:35:e1:fd:66:b3:71:8c:0c:fb:84:a9:c7:f5:
11:7f:6d:5d:9f:22:d0:3e:05:94:4c:4e:bd:fc:be:
10:60:bc:c0:fb:38:72:76:b1:8d:07:ab:30:86:8f:
46:5e:c0:14:b4:ee:f1:8a:00:48:41:26:49:87:fa:
82:d7:41:7b:68:44:26:6b:ed:24:57:35:90:fd:6c:
36:09:79:32:e6:c5:fa:ea:5a:53:74:45:02:10:b2:
8f:77:43:84:3d:5e:8f:db:c8:6c:97:58:3e:ba:7e:
28:3c:ed:7e:1c:1a:c9:1e:19:c2:65:80:a9:6a:5d:
30:87:58:11:99:cb:36:7f:04:ec:57:50:6e:e3:be:
fa:b5:84:aa:ec:31:46:1c:39:94:c2:9b:72:42:38:
ad:be:74:df:6d:15:b2:82:9f:5e:99:0d:cb:e0:3c:
84:ce:5b:f0:e2:e3:bd:22:ee:66:19:7b:6c:d5:b4:
23:9a:4f:a9:68:fc:f2:96:7e:d2:56:9b:93:7c:68:
31:a1:a7:0d:ad:c0:80:67:8e:c2:fb:b0:a5:24:06:
7c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D7:29:41:7C:AC:F9:97:E4:E9:FA:6D:68:AF:97:84:75:1A:0A:43
X509v3 Authority Key Identifier:
keyid:6F:9E:96:96:DC:CF:6C:1A:43:20:90:40:85:14:AE:CD:C3:F6:07:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b56WltzPbBpDIJBAhRSuzcP2Bzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/57cd72-33e4-42dd-9f22-baf4e0b4a69e/1/aNcpQXys-Zfk6fptaK-XhHUaCkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/57cd72-33e4-42dd-9f22-baf4e0b4a69e/1/b56WltzPbBpDIJBAhRSuzcP2Bzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.92.0.0/16
IPv6:
2a0a:3a40::/32
Signature Algorithm: sha256WithRSAEncryption
85:58:be:5b:8e:a4:7d:3b:25:35:3c:7c:6f:d7:e6:5c:45:62:
c1:85:0a:07:4a:37:91:c0:df:25:c0:cd:83:bf:ca:60:aa:d6:
97:b9:6c:f1:9b:8e:0f:2b:25:94:98:53:2a:9f:84:3c:78:84:
b2:cb:77:00:bb:c2:49:26:45:f1:39:3d:0a:34:e7:b8:5b:46:
b7:08:6c:cd:b6:57:0c:8a:27:40:a7:ae:fb:8e:f1:f7:25:95:
19:45:ac:92:83:a9:86:46:84:18:f0:54:f8:2f:e5:57:87:1a:
72:e0:ff:e4:bf:04:65:4d:c9:3c:31:c2:3b:55:a5:41:66:f4:
04:b1:a7:bd:ea:5d:3b:20:6a:0a:9a:cb:06:58:62:70:b4:e5:
49:a2:27:51:14:cb:3b:eb:b7:49:db:ec:56:70:28:58:b9:95:
43:3e:11:3a:73:98:3a:8d:29:1a:e0:82:62:7f:18:2b:ee:21:
4f:03:2b:af:66:a1:7b:05:9f:d3:25:c0:70:6c:b8:3b:ae:3d:
ae:19:dd:93:71:3d:d9:4c:13:44:af:3c:b4:48:6c:22:64:7d:
d0:ad:dc:d8:34:35:f4:11:02:7a:0e:99:9b:b6:6a:d0:32:da:
c6:79:49:89:2e:7a:df:89:48:e0:18:54:4e:7e:9d:19:46:f1:
d5:0d:25:ba
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYqOJ4jQ3+hPgz5xVGaRQ5UHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmOWU5Njk2ZGNjZjZjMWE0MzIwOTA0MDg1MTRhZWNkYzNm
NjA3MzkwHhcNMjMwOTEzMTA0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQ3Mjk0MTdjYWNmOTk3ZTRlOWZhNmQ2OGFmOTc4NDc1MWEwYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMfBF9d0dVcGxsgF8Mjwsul7jHkU
gFuYePXwBDhGWBH2adn2sGXkLcw/IJLbUTXh/WazcYwM+4Spx/URf21dnyLQPgWU
TE69/L4QYLzA+zhydrGNB6swho9GXsAUtO7xigBIQSZJh/qC10F7aEQma+0kVzWQ
/Ww2CXky5sX66lpTdEUCELKPd0OEPV6P28hsl1g+un4oPO1+HBrJHhnCZYCpal0w
h1gRmcs2fwTsV1Bu4776tYSq7DFGHDmUwptyQjitvnTfbRWygp9emQ3L4DyEzlvw
4uO9Iu5mGXts1bQjmk+paPzyln7SVpuTfGgxoacNrcCAZ47C+7ClJAZ8VQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGjXKUF8rPmX5On6bWivl4R1GgpDMB8GA1UdIwQY
MBaAFG+elpbcz2waQyCQQIUUrs3D9gc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjU2V2x0elBiQnBESUpCQWhSU3V6Y1AyQnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS81N2NkNzItMzNlNC00MmRkLTlmMjIt
YmFmNGUwYjRhNjllLzEvYU5jcFFYeXMtWmZrNmZwdGFLLVhoSFVhQ2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS81N2NkNzItMzNlNC00MmRkLTlmMjItYmFmNGUwYjRhNjll
LzEvYjU2V2x0elBiQnBESUpCQWhSU3V6Y1AyQnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMAwlwwDQQC
AAIwBwMFACoKOkAwDQYJKoZIhvcNAQELBQADggEBAIVYvluOpH07JTU8fG/X5lxF
YsGFCgdKN5HA3yXAzYO/ymCq1pe5bPGbjg8rJZSYUyqfhDx4hLLLdwC7wkkmRfE5
PQo057hbRrcIbM22VwyKJ0CnrvuO8fcllRlFrJKDqYZGhBjwVPgv5VeHGnLg/+S/
BGVNyTwxwjtVpUFm9ASxp73qXTsgagqaywZYYnC05UmiJ1EUyzvrt0nb7FZwKFi5
lUM+ETpzmDqNKRrggmJ/GCvuIU8DK69moXsFn9MlwHBsuDuuPa4Z3ZNxPdlME0Sv
PLRIbCJkfdCt3Ng0NfQRAnoOmZu2atAy2sZ5SYkuet+JSOAYVE5+nRlG8dUNJbo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:37 2025 by rpki-client