Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/6vPoUESrbVN4clDJSL4gKtADVxI.roa
File: 6vPoUESrbVN4clDJSL4gKtADVxI.roa (raw, json)
Hash identifier: Ic5G9WwbKWwLBQO6mJFUhwx6V3kmao9xr2qoQmS+z2o=
Subject key identifier: EA:F3:E8:50:44:AB:6D:53:78:72:50:C9:48:BE:20:2A:D0:03:57:12
Certificate issuer: /CN=b9e273c8ba0b0afb205d00b3170e69b816743397
Certificate serial: 01856C782B2DA35CCB775476C20F7A16FA85
Authority key identifier: B9:E2:73:C8:BA:0B:0A:FB:20:5D:00:B3:17:0E:69:B8:16:74:33:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueJzyLoLCvsgXQCzFw5puBZ0M5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/6vPoUESrbVN4clDJSL4gKtADVxI.roa
Signing time: Sun 01 Jan 2023 08:34:52 +0000
ROA not before: Sun 01 Jan 2023 08:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24776
IP address blocks: 194.29.206.0/24 maxlen: 24
194.187.192.0/22 maxlen: 22
217.25.176.0/20 maxlen: 20
213.161.192.0/19 maxlen: 19
194.3.136.0/24 maxlen: 24
194.2.74.0/24 maxlen: 24
2001:1650::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:2b:2d:a3:5c:cb:77:54:76:c2:0f:7a:16:fa:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e273c8ba0b0afb205d00b3170e69b816743397
Validity
Not Before: Jan 1 08:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eaf3e85044ab6d53787250c948be202ad0035712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:98:9f:34:a3:03:95:af:86:6d:64:d7:6c:58:
76:6e:50:3a:0a:79:87:36:da:7d:bd:2a:ec:3d:11:
97:ad:ee:fc:11:0d:0c:59:5f:b2:f2:ee:4e:b4:27:
49:02:04:77:e1:18:8c:66:be:ca:24:2e:ee:e9:99:
e7:45:4e:56:72:50:94:45:e2:4e:c6:77:44:17:c2:
e3:4d:d7:6e:0c:13:17:fa:c8:18:de:70:0d:be:e6:
3f:94:24:36:91:21:0e:5f:94:a8:7d:6d:d0:15:ec:
15:07:42:15:85:4b:6a:99:db:f9:d8:fe:7c:b9:a3:
69:71:1b:b6:5e:d5:a1:5b:f7:15:ac:a7:ff:c7:c4:
db:96:3c:a7:ec:eb:2e:ef:63:08:00:24:ce:91:87:
d5:4d:f8:ce:e5:0d:99:32:24:f9:9a:a5:18:15:57:
e9:de:88:ca:10:60:b2:c1:65:e4:3e:74:91:f3:f5:
35:ae:7d:44:77:4e:5d:6a:99:5a:2c:dc:a6:c5:35:
f6:9d:fc:f5:44:a0:20:e4:24:8d:c6:29:c0:8d:02:
a6:08:72:88:1d:ef:2d:0c:e3:6d:79:33:ce:79:e0:
9b:b3:5d:43:cf:af:e4:20:c5:78:a3:58:81:0d:1b:
fb:cb:85:0a:fb:10:52:4b:cf:69:f4:f2:0c:c5:a2:
a3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:F3:E8:50:44:AB:6D:53:78:72:50:C9:48:BE:20:2A:D0:03:57:12
X509v3 Authority Key Identifier:
keyid:B9:E2:73:C8:BA:0B:0A:FB:20:5D:00:B3:17:0E:69:B8:16:74:33:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueJzyLoLCvsgXQCzFw5puBZ0M5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/6vPoUESrbVN4clDJSL4gKtADVxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7781fe-1304-43f8-b77c-3d96bd3e7853/1/ueJzyLoLCvsgXQCzFw5puBZ0M5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.2.74.0/24
194.3.136.0/24
194.29.206.0/24
194.187.192.0/22
213.161.192.0/19
217.25.176.0/20
IPv6:
2001:1650::/32
Signature Algorithm: sha256WithRSAEncryption
42:5c:2d:44:63:cc:23:7b:0f:e0:cf:b9:55:25:c6:ec:1c:a1:
60:b5:4c:f7:1d:b3:a8:56:53:fe:b8:f3:78:c5:6c:e6:9b:7a:
f0:03:f6:50:24:4d:96:72:32:59:bf:70:0d:85:9c:06:8b:f0:
d4:9d:31:0a:10:f8:8c:c0:4e:69:2d:22:49:04:8a:c7:23:db:
fd:0b:8c:09:a5:f8:8d:b5:04:3e:ca:b9:bc:f2:35:f9:b5:83:
16:fc:af:09:1f:24:2c:72:82:6d:21:0f:63:1d:ee:29:ff:46:
89:b3:7c:8e:43:a1:8a:5d:89:5e:6d:e6:0a:2a:0d:51:57:8f:
81:10:0f:d8:08:e1:58:57:1c:24:d9:c3:a0:0e:78:90:d9:6e:
db:1a:33:44:ca:1f:c6:3e:3f:2a:42:ce:a0:90:a5:59:f8:15:
ea:16:c2:64:36:3b:45:d0:dd:18:e5:ec:c0:c3:f9:3b:e0:49:
30:68:8c:64:d1:d9:69:62:54:ae:4d:01:14:e3:b1:89:27:53:
15:c7:2a:86:2f:31:13:5e:52:97:05:fb:b3:0e:35:50:77:85:
28:e1:af:89:f6:30:c1:1d:46:d0:de:84:dc:5e:b2:5c:3a:89:
3d:dc:1c:1f:c3:64:09:f6:50:30:03:06:59:03:49:1d:2b:47:
bc:4f:2d:83
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVseCsto1zLd1R2wg96FvqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTI3M2M4YmEwYjBhZmIyMDVkMDBiMzE3MGU2OWI4MTY3
NDMzOTcwHhcNMjMwMTAxMDgzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWYzZTg1MDQ0YWI2ZDUzNzg3MjUwYzk0OGJlMjAyYWQwMDM1NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5ifNKMDla+GbWTXbFh2blA6CnmH
Ntp9vSrsPRGXre78EQ0MWV+y8u5OtCdJAgR34RiMZr7KJC7u6ZnnRU5WclCUReJO
xndEF8LjTdduDBMX+sgY3nANvuY/lCQ2kSEOX5SofW3QFewVB0IVhUtqmdv52P58
uaNpcRu2XtWhW/cVrKf/x8Tbljyn7Osu72MIACTOkYfVTfjO5Q2ZMiT5mqUYFVfp
3ojKEGCywWXkPnSR8/U1rn1Ed05daplaLNymxTX2nfz1RKAg5CSNxinAjQKmCHKI
He8tDONteTPOeeCbs11Dz6/kIMV4o1iBDRv7y4UK+xBSS89p9PIMxaKjBwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOrz6FBEq21TeHJQyUi+ICrQA1cSMB8GA1UdIwQY
MBaAFLnic8i6Cwr7IF0AsxcOabgWdDOXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVKenlMb0xDdnNnWFFDekZ3NXB1QlowTTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83NzgxZmUtMTMwNC00M2Y4LWI3N2Mt
M2Q5NmJkM2U3ODUzLzEvNnZQb1VFU3JiVk40Y2xESlNMNGdLdEFEVnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83NzgxZmUtMTMwNC00M2Y4LWI3N2MtM2Q5NmJkM2U3ODUz
LzEvdWVKenlMb0xDdnNnWFFDekZ3NXB1QlowTTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAwgJKAwQA
wgOIAwQAwh3OAwQCwrvAAwQF1aHAAwQE2RmwMA0EAgACMAcDBQAgARZQMA0GCSqG
SIb3DQEBCwUAA4IBAQBCXC1EY8wjew/gz7lVJcbsHKFgtUz3HbOoVlP+uPN4xWzm
m3rwA/ZQJE2WcjJZv3ANhZwGi/DUnTEKEPiMwE5pLSJJBIrHI9v9C4wJpfiNtQQ+
yrm88jX5tYMW/K8JHyQscoJtIQ9jHe4p/0aJs3yOQ6GKXYlebeYKKg1RV4+BEA/Y
COFYVxwk2cOgDniQ2W7bGjNEyh/GPj8qQs6gkKVZ+BXqFsJkNjtF0N0Y5ezAw/k7
4EkwaIxk0dlpYlSuTQEU47GJJ1MVxyqGLzETXlKXBfuzDjVQd4Uo4a+J9jDBHUbQ
3oTcXrJcOok93Bwfw2QJ9lAwAwZZA0kdK0e8Ty2D
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:37 2025 by rpki-client