Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/dqvnKeVOJ6JHepjBHtxEbYMskRQ.roa
File: dqvnKeVOJ6JHepjBHtxEbYMskRQ.roa (raw, json)
Hash identifier: J2lRwbwFoGINhiK+18iwmY0HL2ZgjAIavcOKeye2HF0=
Subject key identifier: 76:AB:E7:29:E5:4E:27:A2:47:7A:98:C1:1E:DC:44:6D:83:2C:91:14
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018572BA6564B4EDB4FBBA87FD3B25E3FC0C
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/dqvnKeVOJ6JHepjBHtxEbYMskRQ.roa
Signing time: Mon 02 Jan 2023 13:44:56 +0000
ROA not before: Mon 02 Jan 2023 13:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211614
IP address blocks: 213.252.243.0/24 maxlen: 24
84.15.125.0/24 maxlen: 24
84.15.127.0/24 maxlen: 24
84.15.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:65:64:b4:ed:b4:fb:ba:87:fd:3b:25:e3:fc:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 13:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76abe729e54e27a2477a98c11edc446d832c9114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ea:17:0d:25:2c:70:19:e9:39:f0:22:f1:25:
b8:7f:73:5e:d4:4d:34:ca:dc:a9:5b:50:95:df:37:
de:40:0a:1d:c6:3b:ba:a7:28:73:37:2e:30:d2:f6:
f4:3d:eb:e9:e1:71:1a:60:dd:5b:37:0d:d5:c9:0c:
96:f2:18:4e:b2:58:60:98:a0:56:73:1f:76:fb:1a:
a1:c4:fd:45:84:30:5e:06:fb:84:8c:9a:5b:d2:06:
f2:c2:08:55:08:33:7d:79:7d:5f:2e:2d:5b:f3:3c:
ad:4e:64:12:4d:a8:18:fa:5f:dd:ec:21:a9:2e:fc:
4c:ef:de:84:5e:e7:5e:84:ad:7d:c3:36:f8:7d:d2:
ac:95:b0:3e:13:0e:25:70:07:8b:e1:57:60:c9:6b:
0c:39:fc:f2:c9:a6:98:fc:94:f9:54:4b:09:0d:6a:
69:e9:28:a6:66:2f:e4:e7:78:c2:4f:14:56:7b:70:
fa:e5:78:0b:18:cd:85:07:33:ed:c6:90:ca:0a:f4:
d7:0e:c3:63:30:d4:3d:6e:7f:5a:2f:0a:7b:9d:b8:
2d:7e:d0:f4:b5:a2:8f:b1:da:39:8a:e3:b8:89:dd:
25:df:4a:d2:b2:93:39:33:cb:1c:0f:11:44:fa:f0:
67:14:9f:93:ec:ff:61:33:cc:1e:80:a9:5b:07:a7:
14:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:AB:E7:29:E5:4E:27:A2:47:7A:98:C1:1E:DC:44:6D:83:2C:91:14
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/dqvnKeVOJ6JHepjBHtxEbYMskRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.15.125.0-84.15.127.255
213.252.243.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:07:b5:15:39:63:0c:ad:db:72:5a:03:74:8a:85:47:58:4d:
c1:59:48:58:f3:dd:d6:af:98:04:22:8f:94:25:5b:25:71:ae:
ef:63:62:04:bf:94:d8:c2:32:2c:1b:f5:72:12:4d:9f:43:64:
1a:e5:16:f5:3f:05:76:49:51:d6:9d:4b:92:58:b1:c6:1f:a6:
e2:e3:60:75:35:00:df:bb:1c:2f:21:81:18:35:1b:1d:a7:6a:
da:f9:54:ce:a2:c7:56:42:27:36:1a:e7:1a:95:08:50:b4:6e:
d3:83:e0:a6:c2:bd:ef:46:5a:b6:80:57:73:93:6e:5e:d4:e4:
26:e1:e8:11:2b:bb:6f:0a:19:69:80:fa:82:75:e0:67:f0:c9:
a7:36:2b:71:0a:28:83:9f:38:76:9a:59:23:7e:c8:93:de:bd:
db:91:ab:04:4b:98:08:0e:3f:b1:a1:1c:d6:98:fd:41:40:a9:
7d:16:4a:8d:dc:3f:9f:2a:f5:08:fe:b8:1f:e0:5e:5c:7b:04:
26:b8:ec:7b:5f:63:a1:d9:1d:95:56:cd:68:da:78:aa:00:60:
a3:2e:87:fe:c8:99:52:b5:20:d8:f5:fd:4a:8b:35:31:04:0e:
e4:04:03:6b:3b:23:78:9e:ca:b0:a8:e2:bf:40:e4:70:bf:ed:
16:83:ba:82
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyumVktO20+7qH/Tsl4/wMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjMwMTAyMTM0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmFiZTcyOWU1NGUyN2EyNDc3YTk4YzExZWRjNDQ2ZDgzMmM5MTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeoXDSUscBnpOfAi8SW4f3Ne1E00
ytypW1CV3zfeQAodxju6pyhzNy4w0vb0Pevp4XEaYN1bNw3VyQyW8hhOslhgmKBW
cx92+xqhxP1FhDBeBvuEjJpb0gbywghVCDN9eX1fLi1b8zytTmQSTagY+l/d7CGp
LvxM796EXudehK19wzb4fdKslbA+Ew4lcAeL4VdgyWsMOfzyyaaY/JT5VEsJDWpp
6SimZi/k53jCTxRWe3D65XgLGM2FBzPtxpDKCvTXDsNjMNQ9bn9aLwp7nbgtftD0
taKPsdo5iuO4id0l30rSspM5M8scDxFE+vBnFJ+T7P9hM8wegKlbB6cUVQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHar5ynlTieiR3qYwR7cRG2DLJEUMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvZHF2bktlVk9KNkpIZXBqQkh0eEViWU1za1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABUD30D
BAdUDwADBADV/PMwDQYJKoZIhvcNAQELBQADggEBAA0HtRU5Ywyt23JaA3SKhUdY
TcFZSFjz3davmAQij5QlWyVxru9jYgS/lNjCMiwb9XISTZ9DZBrlFvU/BXZJUdad
S5JYscYfpuLjYHU1AN+7HC8hgRg1Gx2natr5VM6ix1ZCJzYa5xqVCFC0btOD4KbC
ve9GWraAV3OTbl7U5Cbh6BEru28KGWmA+oJ14Gfwyac2K3EKKIOfOHaaWSN+yJPe
vduRqwRLmAgOP7GhHNaY/UFAqX0WSo3cP58q9Qj+uB/gXlx7BCa47HtfY6HZHZVW
zWjaeKoAYKMuh/7ImVK1INj1/UqLNTEEDuQEA2s7I3ieyrCo4r9A5HC/7RaDuoI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:15 2025 by rpki-client