Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/8ecXt08fyXL_b_WncKthpfx7ntY.roa
File: 8ecXt08fyXL_b_WncKthpfx7ntY.roa (raw, json)
Hash identifier: FO+OboRSboYWpmJ9PCSSOlF7NfwsHr6Djp7LlU1Znfc=
Subject key identifier: F1:E7:17:B7:4F:1F:C9:72:FF:6F:F5:A7:70:AB:61:A5:FC:7B:9E:D6
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 018BD851800B72345FF013FC34F7D3D435C3
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/8ecXt08fyXL_b_WncKthpfx7ntY.roa
Signing time: Thu 16 Nov 2023 13:28:21 +0000
ROA not before: Thu 16 Nov 2023 13:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50469
IP address blocks: 82.206.24.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:51:80:0b:72:34:5f:f0:13:fc:34:f7:d3:d4:35:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Nov 16 13:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1e717b74f1fc972ff6ff5a770ab61a5fc7b9ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bf:00:26:d3:b1:3f:c1:f0:31:fc:03:19:e6:
98:be:81:e1:62:53:05:bf:91:39:c6:f2:af:05:15:
1a:65:a3:27:d9:3e:60:71:4f:38:0d:62:59:e7:97:
0f:a6:b1:ee:f8:ed:09:4f:ba:09:88:8d:4e:52:9d:
16:a7:55:05:f1:a4:96:10:d4:69:1f:2d:5f:a8:68:
b9:b7:85:e6:4f:25:b8:f9:c6:34:b0:28:9d:ab:16:
a9:16:e9:b5:b1:67:7f:40:e0:57:c1:7e:2c:cc:7a:
57:05:e5:20:7c:8c:1a:e2:07:54:9a:92:17:c0:ec:
d1:37:41:6c:f8:24:0a:5c:a6:48:92:2b:92:48:9b:
0c:4c:ec:64:75:f0:1e:1e:f4:09:63:f3:17:b0:7c:
d7:e0:3b:fa:ca:85:29:cd:fd:46:7c:6c:35:d5:a2:
6e:c4:6f:c8:13:b3:af:b1:5f:7f:3d:ee:21:88:c4:
9e:2c:7f:b3:19:0f:67:8f:7d:e1:a7:2e:74:ab:d4:
41:a9:e7:8d:be:7e:27:17:e6:b8:7b:69:be:a7:4e:
19:09:b3:00:66:1f:e4:f4:d4:9a:d7:31:78:41:4e:
17:53:98:1c:bb:0e:68:85:3c:53:6b:55:c6:10:2d:
fe:6c:6e:86:ca:65:a3:8a:88:a4:e6:d8:4f:e3:76:
8d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E7:17:B7:4F:1F:C9:72:FF:6F:F5:A7:70:AB:61:A5:FC:7B:9E:D6
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/8ecXt08fyXL_b_WncKthpfx7ntY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.24.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:d1:0c:fb:96:22:1a:5c:79:66:dd:8f:c9:0a:c3:e2:fd:14:
8a:80:5f:b8:ac:e4:f7:78:4e:ea:31:6e:36:a9:8e:88:71:6c:
bc:93:fd:df:b0:ed:12:5a:8a:40:ce:c8:95:39:66:64:1e:44:
84:bf:50:b4:cb:f1:f4:1b:94:3f:77:f9:9a:04:be:35:1c:c5:
b5:f0:5a:eb:32:4e:4d:06:a0:6f:3e:a9:a7:20:70:d1:0f:36:
e1:77:d3:c2:7d:1a:c9:f0:6c:25:fb:65:0f:08:b7:36:3e:15:
ef:17:e6:3e:f8:a6:23:2c:18:d7:e9:97:bd:f5:55:5b:1d:21:
36:7b:c8:b8:d5:68:35:39:9d:e6:d7:15:b9:17:b7:96:74:ed:
ac:17:57:21:8e:74:9d:1a:87:8d:54:ae:f7:c1:42:db:ca:be:
e8:cc:1e:79:19:2e:ab:c4:86:8e:d6:8f:ef:d0:fd:f7:d0:b5:
2d:53:56:81:5c:76:35:7c:1a:0a:67:42:fa:5a:5a:72:a6:25:
36:07:52:13:a1:c8:38:a1:29:76:4b:cd:87:18:88:f6:61:b1:
21:b8:9e:de:c6:1c:ec:32:28:cf:54:65:85:fb:76:e7:47:6b:
2d:f4:04:8a:b1:de:35:c7:ac:c4:2b:45:61:af:0b:ad:5d:33:
bc:8a:57:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvYUYALcjRf8BP8NPfT1DXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjMxMTE2MTMyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWU3MTdiNzRmMWZjOTcyZmY2ZmY1YTc3MGFiNjFhNWZjN2I5ZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL8AJtOxP8HwMfwDGeaYvoHhYlMF
v5E5xvKvBRUaZaMn2T5gcU84DWJZ55cPprHu+O0JT7oJiI1OUp0Wp1UF8aSWENRp
Hy1fqGi5t4XmTyW4+cY0sCidqxapFum1sWd/QOBXwX4szHpXBeUgfIwa4gdUmpIX
wOzRN0Fs+CQKXKZIkiuSSJsMTOxkdfAeHvQJY/MXsHzX4Dv6yoUpzf1GfGw11aJu
xG/IE7OvsV9/Pe4hiMSeLH+zGQ9nj33hpy50q9RBqeeNvn4nF+a4e2m+p04ZCbMA
Zh/k9NSa1zF4QU4XU5gcuw5ohTxTa1XGEC3+bG6GymWjioik5thP43aNUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHnF7dPH8ly/2/1p3CrYaX8e57WMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvOGVjWHQwOGZ5WExfYl9XbmNLdGhwZng3bnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUs4YMA0G
CSqGSIb3DQEBCwUAA4IBAQBK0Qz7liIaXHlm3Y/JCsPi/RSKgF+4rOT3eE7qMW42
qY6IcWy8k/3fsO0SWopAzsiVOWZkHkSEv1C0y/H0G5Q/d/maBL41HMW18FrrMk5N
BqBvPqmnIHDRDzbhd9PCfRrJ8Gwl+2UPCLc2PhXvF+Y++KYjLBjX6Ze99VVbHSE2
e8i41Wg1OZ3m1xW5F7eWdO2sF1chjnSdGoeNVK73wULbyr7ozB55GS6rxIaO1o/v
0P330LUtU1aBXHY1fBoKZ0L6WlpypiU2B1ITocg4oSl2S82HGIj2YbEhuJ7exhzs
MijPVGWF+3bnR2st9ASKsd41x6zEK0VhrwutXTO8ileG
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:54 2025 by rpki-client