Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/p7ypwZVDLG7LpEFOgtn2vn-xwAY.roa
File: p7ypwZVDLG7LpEFOgtn2vn-xwAY.roa (raw, json)
Hash identifier: fwIZ0ySmD2Lu+/OHBe42h7p5WKKywmKBkxqxvXhyjSI=
Subject key identifier: A7:BC:A9:C1:95:43:2C:6E:CB:A4:41:4E:82:D9:F6:BE:7F:B1:C0:06
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 01860BC25CDA723D452E37F360BDE2A0ACE2
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/p7ypwZVDLG7LpEFOgtn2vn-xwAY.roa
Signing time: Wed 01 Feb 2023 06:55:32 +0000
ROA not before: Wed 01 Feb 2023 06:55:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61209
IP address blocks: 92.114.20.0/24 maxlen: 24
92.114.20.0/23 maxlen: 23
92.114.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0b:c2:5c:da:72:3d:45:2e:37:f3:60:bd:e2:a0:ac:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Feb 1 06:55:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7bca9c195432c6ecba4414e82d9f6be7fb1c006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:35:84:67:29:ec:ad:2c:3a:98:f5:fe:cb:b1:
41:31:1e:6c:b0:fe:88:c1:8a:33:84:a9:4c:2b:d5:
d2:f2:a2:d0:f9:db:92:70:6e:0d:47:a9:e3:b0:0a:
ae:21:41:d4:d0:51:4b:a9:0a:a1:da:55:e6:36:89:
75:15:45:3d:b1:f0:f9:85:39:0f:b4:9b:cd:76:d0:
55:7d:98:6e:41:d0:24:a6:91:0b:d6:4f:9e:0f:b5:
ef:ff:0a:a1:86:45:83:20:1f:5d:ec:7c:8c:e2:8e:
38:f3:86:ae:81:f6:ac:ff:8e:7d:a6:19:a3:ed:0d:
2f:6d:2e:50:aa:52:ba:75:b2:4d:69:18:f0:15:b5:
27:f8:2e:3c:db:8c:37:d1:17:cc:29:14:8f:19:4b:
55:5d:54:3a:4c:9f:75:7e:3a:85:d6:3f:85:4c:9f:
94:af:88:4d:91:c0:c9:96:31:8f:a0:0b:7c:23:cd:
6f:c7:07:cd:09:6f:7d:88:cf:1d:61:35:99:cb:db:
43:c0:8b:fe:e4:d1:80:0f:f1:c1:ff:58:bf:80:d4:
19:c9:23:b3:6f:eb:88:7f:36:26:8c:6e:65:fe:28:
5c:fd:ea:81:31:0b:cb:dd:6b:9f:cf:95:33:13:dc:
35:93:1e:a2:61:f2:74:30:c1:5f:de:97:a8:cd:bb:
f2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:BC:A9:C1:95:43:2C:6E:CB:A4:41:4E:82:D9:F6:BE:7F:B1:C0:06
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/p7ypwZVDLG7LpEFOgtn2vn-xwAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.114.20.0/23
Signature Algorithm: sha256WithRSAEncryption
54:c3:a3:8c:02:33:56:76:a3:14:92:a3:6e:f6:5c:cb:6c:f5:
8e:ae:57:ad:cf:06:62:da:c4:0b:76:16:fc:44:48:ca:d1:fa:
fc:1d:2d:01:b9:a6:fb:f2:e4:d4:aa:ad:7c:d1:7d:10:f2:79:
87:30:d7:cd:2a:51:a5:11:2d:0d:ab:1e:53:d4:bd:2f:f3:47:
63:fd:e2:cb:a0:20:d4:5c:0f:53:e8:e0:11:01:62:7b:33:df:
44:31:ac:62:44:86:23:ae:1f:51:15:d7:37:10:4e:55:52:63:
ba:56:30:c7:28:62:72:63:5f:ce:14:5f:a6:28:2b:44:92:4b:
b4:13:ec:0f:6f:23:f7:39:48:f8:92:8d:e5:e3:d6:a8:fd:ce:
a1:6f:0d:fc:04:42:db:42:4c:3a:64:95:79:ec:24:93:2c:be:
56:08:96:36:73:d2:be:82:db:2e:13:5d:33:85:b3:c4:70:09:
6e:a0:25:c3:63:69:f8:62:e1:58:da:a7:2c:b6:e9:55:23:9e:
7e:bc:8d:88:8a:3d:e6:81:08:ec:3d:3d:c6:bc:e6:8b:f9:cc:
ad:bd:54:3a:14:ad:a3:a3:d4:12:c0:ca:af:42:e6:ae:16:5d:
d5:1e:ed:14:ed:d8:f0:1d:4f:c3:87:24:26:e9:f6:84:5b:85:
77:93:a9:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYLwlzacj1FLjfzYL3ioKziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjMwMjAxMDY1NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2JjYTljMTk1NDMyYzZlY2JhNDQxNGU4MmQ5ZjZiZTdmYjFjMDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzWEZynsrSw6mPX+y7FBMR5ssP6I
wYozhKlMK9XS8qLQ+duScG4NR6njsAquIUHU0FFLqQqh2lXmNol1FUU9sfD5hTkP
tJvNdtBVfZhuQdAkppEL1k+eD7Xv/wqhhkWDIB9d7HyM4o4484augfas/459phmj
7Q0vbS5QqlK6dbJNaRjwFbUn+C4824w30RfMKRSPGUtVXVQ6TJ91fjqF1j+FTJ+U
r4hNkcDJljGPoAt8I81vxwfNCW99iM8dYTWZy9tDwIv+5NGAD/HB/1i/gNQZySOz
b+uIfzYmjG5l/ihc/eqBMQvL3Wufz5UzE9w1kx6iYfJ0MMFf3peozbvyHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKe8qcGVQyxuy6RBToLZ9r5/scAGMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvcDd5cHdaVkRMRzdMcEVGT2d0bjJ2bi14d0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXHIUMA0G
CSqGSIb3DQEBCwUAA4IBAQBUw6OMAjNWdqMUkqNu9lzLbPWOrletzwZi2sQLdhb8
REjK0fr8HS0Buab78uTUqq180X0Q8nmHMNfNKlGlES0Nqx5T1L0v80dj/eLLoCDU
XA9T6OARAWJ7M99EMaxiRIYjrh9RFdc3EE5VUmO6VjDHKGJyY1/OFF+mKCtEkku0
E+wPbyP3OUj4ko3l49ao/c6hbw38BELbQkw6ZJV57CSTLL5WCJY2c9K+gtsuE10z
hbPEcAluoCXDY2n4YuFY2qcstulVI55+vI2Iij3mgQjsPT3GvOaL+cytvVQ6FK2j
o9QSwMqvQuauFl3VHu0U7djwHU/DhyQm6faEW4V3k6me
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:48 2025 by rpki-client