Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/6aCtI7gECXPFGli8ZcyAHcSBWdQ.roa
File: 6aCtI7gECXPFGli8ZcyAHcSBWdQ.roa (raw, json)
Hash identifier: kyjzFu6dJLcdmtvJV8LwkcInFH3VqSIYEyS8tvXIW6M=
Subject key identifier: E9:A0:AD:23:B8:04:09:73:C5:1A:58:BC:65:CC:80:1D:C4:81:59:D4
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0185730CCF561EBFDDD147474A7553EE97C7
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/6aCtI7gECXPFGli8ZcyAHcSBWdQ.roa
Signing time: Mon 02 Jan 2023 15:14:57 +0000
ROA not before: Mon 02 Jan 2023 15:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56804
IP address blocks: 62.0.4.0/24 maxlen: 24
147.234.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:cf:56:1e:bf:dd:d1:47:47:4a:75:53:ee:97:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9a0ad23b8040973c51a58bc65cc801dc48159d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:63:9e:f6:5e:63:76:45:2c:e7:8a:58:ba:54:
48:25:d7:9f:b6:aa:62:9c:ca:18:2c:6c:e5:00:19:
6d:36:62:d7:cd:79:31:73:4b:8a:1c:89:2f:a9:12:
4d:12:ad:ee:60:16:bd:27:bd:bb:ac:f7:9f:8d:54:
17:d9:d6:f9:d9:22:57:14:ac:40:3d:53:08:b8:6a:
ab:90:38:b2:04:81:8a:7a:4b:f7:47:44:ad:8a:fe:
07:67:d8:4a:e8:7b:80:86:74:4b:42:73:bb:0e:c8:
90:75:fd:b8:5b:12:08:8b:55:ce:a5:3a:91:76:24:
be:87:8a:b8:66:b5:ab:d2:b4:20:1e:85:a7:78:45:
e8:3b:19:a9:4b:c7:27:c8:ff:6d:07:aa:7f:d6:82:
40:8e:4a:b9:f2:06:d3:94:bd:a8:05:11:51:56:d2:
cd:a6:07:a6:1f:a1:88:36:a8:08:9b:1c:0b:68:fe:
ca:6c:2c:89:1f:85:e6:27:9e:e4:66:a1:e6:35:5c:
ff:bf:d7:88:07:9e:73:a8:b7:f1:f9:4e:03:8d:c2:
b1:89:d3:74:53:04:b6:9c:7a:53:61:44:93:67:80:
16:79:f8:92:bb:ab:81:e5:49:37:3a:e7:35:57:6b:
b4:6a:a7:ec:a2:a5:cd:49:79:cf:8a:f0:cb:31:ee:
77:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A0:AD:23:B8:04:09:73:C5:1A:58:BC:65:CC:80:1D:C4:81:59:D4
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/6aCtI7gECXPFGli8ZcyAHcSBWdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.0.4.0/24
147.234.42.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:8a:16:54:e1:6b:92:16:0d:21:b2:cc:e1:54:dc:b2:97:90:
aa:53:7e:4d:1e:e2:b5:95:fc:a6:e0:55:7b:a5:c7:40:fa:9b:
85:a5:9e:3c:af:1f:66:55:ca:d9:be:0d:6b:aa:4e:87:73:7d:
cf:55:75:27:0c:87:0e:78:9e:b2:4a:9b:88:0c:b8:29:0b:4d:
e3:73:33:a6:a7:68:6d:40:33:a3:e0:7c:5a:15:6d:30:ee:99:
42:1a:95:3b:09:2f:20:b3:d6:bf:ed:b3:80:12:0d:3a:e9:b5:
8f:a8:6a:bd:95:a5:38:7b:2f:d9:db:a7:f6:1a:00:2f:b4:d5:
50:e4:d8:9c:c5:30:0d:1c:dd:d4:75:cc:95:34:f1:2a:7f:6d:
77:66:a8:1f:14:45:96:3a:a7:b8:99:d7:b8:4e:f0:7c:a7:70:
4a:00:80:3c:19:ea:e8:59:da:7a:6e:da:94:95:b5:e1:d5:82:
ec:f9:11:e6:56:4b:85:09:f7:d9:42:27:70:2b:28:49:7d:cb:
5c:f4:fc:9d:5f:18:91:26:b3:d6:5c:df:fe:3b:19:20:8e:5f:
45:2d:c4:c4:59:d0:30:44:80:1e:62:4d:28:55:9e:3b:f4:92:
62:ed:8c:a9:81:3e:7b:79:ad:ec:8c:41:17:3f:5c:de:fe:93:
33:66:d5:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzDM9WHr/d0UdHSnVT7pfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMwMTAyMTUxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWEwYWQyM2I4MDQwOTczYzUxYTU4YmM2NWNjODAxZGM0ODE1OWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWOe9l5jdkUs54pYulRIJdeftqpi
nMoYLGzlABltNmLXzXkxc0uKHIkvqRJNEq3uYBa9J727rPefjVQX2db52SJXFKxA
PVMIuGqrkDiyBIGKekv3R0Stiv4HZ9hK6HuAhnRLQnO7DsiQdf24WxIIi1XOpTqR
diS+h4q4ZrWr0rQgHoWneEXoOxmpS8cnyP9tB6p/1oJAjkq58gbTlL2oBRFRVtLN
pgemH6GINqgImxwLaP7KbCyJH4XmJ57kZqHmNVz/v9eIB55zqLfx+U4DjcKxidN0
UwS2nHpTYUSTZ4AWefiSu6uB5Uk3Ouc1V2u0aqfsoqXNSXnPivDLMe53PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOmgrSO4BAlzxRpYvGXMgB3EgVnUMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvNmFDdEk3Z0VDWFBGR2xpOFpjeUFIY1NCV2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPgAEAwQA
k+oqMA0GCSqGSIb3DQEBCwUAA4IBAQDGihZU4WuSFg0hsszhVNyyl5CqU35NHuK1
lfym4FV7pcdA+puFpZ48rx9mVcrZvg1rqk6Hc33PVXUnDIcOeJ6ySpuIDLgpC03j
czOmp2htQDOj4HxaFW0w7plCGpU7CS8gs9a/7bOAEg066bWPqGq9laU4ey/Z26f2
GgAvtNVQ5NicxTANHN3UdcyVNPEqf213ZqgfFEWWOqe4mde4TvB8p3BKAIA8Gero
Wdp6btqUlbXh1YLs+RHmVkuFCffZQidwKyhJfctc9PydXxiRJrPWXN/+Oxkgjl9F
LcTEWdAwRIAeYk0oVZ479JJi7YypgT57ea3sjEEXP1ze/pMzZtWp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:27 2025 by rpki-client