Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4dc795-8956-4408-a5cc-b54bcae17d40/1/EVkQ9JX6YjS9Xq4RaE3By9xzBTQ.roa
File: EVkQ9JX6YjS9Xq4RaE3By9xzBTQ.roa (raw, json)
Hash identifier: Y3BuiLB3irXi5cn+ZRAV3ud/j5aT8YO7iOEsrWY/ajE=
Subject key identifier: 11:59:10:F4:95:FA:62:34:BD:5E:AE:11:68:4D:C1:CB:DC:73:05:34
Certificate issuer: /CN=a93f3231c787f71dd2484ee002da73a7175bd249
Certificate serial: 01856C41468F3165EEE5CA0DEE7E607E6AF1
Authority key identifier: A9:3F:32:31:C7:87:F7:1D:D2:48:4E:E0:02:DA:73:A7:17:5B:D2:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qT8yMceH9x3SSE7gAtpzpxdb0kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4dc795-8956-4408-a5cc-b54bcae17d40/1/EVkQ9JX6YjS9Xq4RaE3By9xzBTQ.roa
Signing time: Sun 01 Jan 2023 07:34:55 +0000
ROA not before: Sun 01 Jan 2023 07:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209620
IP address blocks: 78.31.196.0/22 maxlen: 24
2a06:6880::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:46:8f:31:65:ee:e5:ca:0d:ee:7e:60:7e:6a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a93f3231c787f71dd2484ee002da73a7175bd249
Validity
Not Before: Jan 1 07:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=115910f495fa6234bd5eae11684dc1cbdc730534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:39:6b:16:ff:49:7f:44:10:34:c4:4d:79:39:
03:2c:27:3f:60:59:38:de:4b:00:ea:f7:b3:11:37:
16:d1:98:7d:84:b2:1f:94:db:05:4a:47:49:98:80:
a1:c1:b6:05:37:b3:12:a3:b1:d8:25:ab:be:8f:6a:
61:1b:a2:20:af:c2:f9:61:72:47:50:dd:48:9b:6a:
a7:33:54:e4:9e:dc:96:d7:0a:97:f9:d1:eb:75:8f:
93:78:b0:f0:ff:2a:57:dd:84:69:62:94:66:2d:2c:
9a:6a:d2:8d:46:ac:8a:78:b6:b7:5f:13:ae:ef:1e:
d5:0c:da:96:8c:c3:3a:9e:fc:6f:f8:26:c5:ae:4f:
61:15:5b:58:bc:10:86:ab:8e:17:98:71:5d:21:1f:
31:aa:c9:3d:78:cc:0d:10:d1:21:6f:26:1e:e7:de:
30:ab:5f:42:83:0d:da:0f:5e:9d:8e:ff:d9:98:bd:
c9:03:48:82:4c:c4:a6:65:8a:09:99:4a:7d:8b:a1:
7d:82:a9:19:02:84:63:16:52:c4:66:b2:cc:d1:05:
60:bc:1f:74:48:a2:73:98:b2:37:db:d9:dc:ce:ca:
e4:f0:d9:00:38:4c:14:5f:5d:d0:b6:bb:42:07:d9:
f1:84:62:17:41:f6:17:20:08:fe:9c:d9:22:ae:38:
65:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:59:10:F4:95:FA:62:34:BD:5E:AE:11:68:4D:C1:CB:DC:73:05:34
X509v3 Authority Key Identifier:
keyid:A9:3F:32:31:C7:87:F7:1D:D2:48:4E:E0:02:DA:73:A7:17:5B:D2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qT8yMceH9x3SSE7gAtpzpxdb0kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4dc795-8956-4408-a5cc-b54bcae17d40/1/EVkQ9JX6YjS9Xq4RaE3By9xzBTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4dc795-8956-4408-a5cc-b54bcae17d40/1/qT8yMceH9x3SSE7gAtpzpxdb0kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.196.0/22
IPv6:
2a06:6880::/29
Signature Algorithm: sha256WithRSAEncryption
2d:bc:3a:1a:1b:b6:b5:97:83:10:e9:d2:80:09:9d:3a:f7:99:
5f:9f:19:7f:c3:25:84:82:59:c6:44:f9:a3:bf:7a:a6:0d:f8:
ea:f8:a1:f3:40:2d:55:20:e8:44:04:48:89:ff:39:13:0b:22:
aa:96:3e:50:7a:ef:ad:1f:d0:cb:2d:ed:5a:15:cb:6f:16:59:
fe:27:24:dc:b3:15:d7:af:7e:b2:44:b7:ad:89:f6:e5:da:e9:
91:60:ff:4a:83:6a:cf:07:2a:70:9c:35:54:91:7a:b8:e4:6b:
99:cc:a7:5c:e8:58:c0:0d:13:0e:b8:f7:4f:e1:d7:66:b7:c1:
93:50:e9:e6:e1:69:ee:5c:91:99:9c:16:e6:ea:37:6e:4c:27:
30:87:c9:49:d0:9e:73:c1:46:ae:fe:59:c9:49:b5:14:05:97:
27:9d:a4:f2:14:5e:3e:19:b8:24:10:91:14:d0:72:0a:ae:03:
f2:b2:ce:6f:80:0a:00:eb:36:dd:41:fd:64:1d:68:25:8a:2e:
cc:c5:7f:c0:26:7a:61:9f:9a:9c:10:18:6e:ab:f1:60:e6:f3:
65:a5:7d:7e:b1:ab:90:7f:40:aa:e9:86:86:00:d0:d4:77:b3:
cb:91:80:d5:ea:fe:46:c4:29:be:96:eb:98:ce:de:49:3d:42:
1a:42:68:9a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsQUaPMWXu5coN7n5gfmrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5M2YzMjMxYzc4N2Y3MWRkMjQ4NGVlMDAyZGE3M2E3MTc1
YmQyNDkwHhcNMjMwMTAxMDczNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTU5MTBmNDk1ZmE2MjM0YmQ1ZWFlMTE2ODRkYzFjYmRjNzMwNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjlrFv9Jf0QQNMRNeTkDLCc/YFk4
3ksA6vezETcW0Zh9hLIflNsFSkdJmIChwbYFN7MSo7HYJau+j2phG6Igr8L5YXJH
UN1Im2qnM1TkntyW1wqX+dHrdY+TeLDw/ypX3YRpYpRmLSyaatKNRqyKeLa3XxOu
7x7VDNqWjMM6nvxv+CbFrk9hFVtYvBCGq44XmHFdIR8xqsk9eMwNENEhbyYe594w
q19Cgw3aD16djv/ZmL3JA0iCTMSmZYoJmUp9i6F9gqkZAoRjFlLEZrLM0QVgvB90
SKJzmLI329nczsrk8NkAOEwUX13QtrtCB9nxhGIXQfYXIAj+nNkirjhltQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBFZEPSV+mI0vV6uEWhNwcvccwU0MB8GA1UdIwQY
MBaAFKk/MjHHh/cd0khO4ALac6cXW9JJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVQ4eU1jZUg5eDNTU0U3Z0F0cHpweGRiMGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80ZGM3OTUtODk1Ni00NDA4LWE1Y2Mt
YjU0YmNhZTE3ZDQwLzEvRVZrUTlKWDZZalM5WHE0UmFFM0J5OXh6QlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80ZGM3OTUtODk1Ni00NDA4LWE1Y2MtYjU0YmNhZTE3ZDQw
LzEvcVQ4eU1jZUg5eDNTU0U3Z0F0cHpweGRiMGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCTh/EMA0E
AgACMAcDBQMqBmiAMA0GCSqGSIb3DQEBCwUAA4IBAQAtvDoaG7a1l4MQ6dKACZ06
95lfnxl/wyWEglnGRPmjv3qmDfjq+KHzQC1VIOhEBEiJ/zkTCyKqlj5Qeu+tH9DL
Le1aFctvFln+JyTcsxXXr36yRLetifbl2umRYP9Kg2rPBypwnDVUkXq45GuZzKdc
6FjADRMOuPdP4ddmt8GTUOnm4WnuXJGZnBbm6jduTCcwh8lJ0J5zwUau/lnJSbUU
BZcnnaTyFF4+GbgkEJEU0HIKrgPyss5vgAoA6zbdQf1kHWglii7MxX/AJnphn5qc
EBhuq/Fg5vNlpX1+sauQf0Cq6YaGANDUd7PLkYDV6v5GxCm+luuYzt5JPUIaQmia
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:37 2025 by rpki-client