Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/t8FPHoBMYbI_fy_X9jIptgudIOE.roa
File: t8FPHoBMYbI_fy_X9jIptgudIOE.roa (raw, json)
Hash identifier: ze3xT7QAu9hcKOMG9MopMfzObYnaLcQBybRubiYh5mY=
Subject key identifier: B7:C1:4F:1E:80:4C:61:B2:3F:7F:2F:D7:F6:32:29:B6:0B:9D:20:E1
Certificate issuer: /CN=d1d30b774b280c37e1c5ed5d8a69cb9af648b065
Certificate serial: 01856D0AC003ACBF0CABEC86C2F2B38D45B8
Authority key identifier: D1:D3:0B:77:4B:28:0C:37:E1:C5:ED:5D:8A:69:CB:9A:F6:48:B0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0dMLd0soDDfhxe1dimnLmvZIsGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/t8FPHoBMYbI_fy_X9jIptgudIOE.roa
Signing time: Sun 01 Jan 2023 11:14:59 +0000
ROA not before: Sun 01 Jan 2023 11:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62121
IP address blocks: 91.209.39.0/24 maxlen: 24
193.46.69.0/24 maxlen: 24
195.242.130.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:c0:03:ac:bf:0c:ab:ec:86:c2:f2:b3:8d:45:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1d30b774b280c37e1c5ed5d8a69cb9af648b065
Validity
Not Before: Jan 1 11:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7c14f1e804c61b23f7f2fd7f63229b60b9d20e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:45:d6:c5:73:49:98:c5:5c:12:61:58:80:fb:
f2:80:38:d3:99:55:da:63:37:2a:a9:38:33:04:28:
86:67:fe:56:69:7e:27:a2:7b:6d:32:fa:df:a6:e0:
2c:1c:77:15:a2:e8:2a:19:f6:50:a7:b9:de:3f:60:
30:61:0b:12:3c:1a:c8:8c:56:3d:49:c5:58:25:39:
04:0b:e6:d1:af:e3:87:a9:31:98:4d:88:a6:80:01:
f9:c6:42:d0:9d:41:29:3c:ce:e5:4b:2a:c7:84:fb:
13:2e:19:36:87:da:77:39:6b:49:cd:48:3b:41:27:
a6:06:c3:a6:18:36:64:95:98:d7:97:cd:58:64:11:
ab:b0:a6:c3:72:29:d1:c3:70:d9:11:2f:a5:10:76:
1a:f9:5a:d5:cb:4b:53:f7:13:02:3f:2d:59:6f:52:
a1:bc:93:fe:a9:9c:78:e9:85:20:74:e2:79:02:fa:
f9:74:11:2b:4b:9f:4c:be:19:5f:60:b2:6a:2f:c5:
3f:33:45:57:c2:b9:b4:af:10:58:18:71:6d:03:98:
e6:2e:b8:55:f6:3e:80:59:fb:64:ed:a5:30:ef:29:
8e:38:f5:50:b1:eb:e8:0c:5c:55:f3:fa:9a:60:12:
8d:a9:72:73:1b:31:41:52:b0:b3:27:ed:70:b6:2b:
2f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C1:4F:1E:80:4C:61:B2:3F:7F:2F:D7:F6:32:29:B6:0B:9D:20:E1
X509v3 Authority Key Identifier:
keyid:D1:D3:0B:77:4B:28:0C:37:E1:C5:ED:5D:8A:69:CB:9A:F6:48:B0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dMLd0soDDfhxe1dimnLmvZIsGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/t8FPHoBMYbI_fy_X9jIptgudIOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/0dMLd0soDDfhxe1dimnLmvZIsGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.39.0/24
193.46.69.0/24
195.242.130.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:f0:90:43:0d:2b:fd:de:75:8e:db:5f:16:2c:cc:13:62:dd:
5a:04:58:8f:d3:17:e9:df:c0:3f:d0:41:71:96:7e:d8:49:b2:
78:cc:70:2a:ef:c3:46:1b:dd:6c:cb:4f:27:32:d9:91:5b:ed:
6b:9c:95:83:f1:3e:23:94:74:ea:10:02:a6:f4:a2:02:06:59:
eb:14:14:8a:7f:6a:e6:f2:a8:8b:d7:1b:92:c3:29:0e:63:72:
92:7f:68:fe:5d:b0:63:77:1f:d9:4b:ec:60:d1:5f:a1:be:4a:
3f:7b:a8:38:9f:d5:0e:03:4d:a5:b4:f8:30:3f:52:62:0a:25:
9f:f7:6a:a5:7b:26:77:4a:40:b9:f8:55:5e:4b:3a:8d:4f:4d:
fa:d4:63:1b:83:5a:dd:ec:cc:72:59:7b:74:72:90:d8:e1:0b:
46:de:89:65:da:c2:84:89:fe:1f:86:8b:ba:b2:54:24:ec:d6:
a5:c7:25:29:c1:d5:f7:88:f0:87:33:af:bd:93:bd:0f:94:51:
82:f8:99:d8:45:c5:36:d5:cc:3d:54:f7:94:65:40:23:9c:a4:
24:d6:35:e7:98:fe:42:c1:57:47:95:c6:96:e9:74:7c:94:67:
8d:a9:1b:18:78:40:ed:fe:3f:48:0d:08:f9:a9:e1:40:e7:90:
45:69:d9:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtCsADrL8Mq+yGwvKzjUW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZDMwYjc3NGIyODBjMzdlMWM1ZWQ1ZDhhNjljYjlhZjY0
OGIwNjUwHhcNMjMwMTAxMTExNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2MxNGYxZTgwNGM2MWIyM2Y3ZjJmZDdmNjMyMjliNjBiOWQyMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20XWxXNJmMVcEmFYgPvygDjTmVXa
YzcqqTgzBCiGZ/5WaX4nonttMvrfpuAsHHcVougqGfZQp7neP2AwYQsSPBrIjFY9
ScVYJTkEC+bRr+OHqTGYTYimgAH5xkLQnUEpPM7lSyrHhPsTLhk2h9p3OWtJzUg7
QSemBsOmGDZklZjXl81YZBGrsKbDcinRw3DZES+lEHYa+VrVy0tT9xMCPy1Zb1Kh
vJP+qZx46YUgdOJ5Avr5dBErS59MvhlfYLJqL8U/M0VXwrm0rxBYGHFtA5jmLrhV
9j6AWftk7aUw7ymOOPVQsevoDFxV8/qaYBKNqXJzGzFBUrCzJ+1wtisvqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLfBTx6ATGGyP38v1/YyKbYLnSDhMB8GA1UdIwQY
MBaAFNHTC3dLKAw34cXtXYppy5r2SLBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGRNTGQwc29ERGZoeGUxZGltbkxtdlpJc0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9iMDY5ZjktZjE0Ni00MjQ3LWJhY2Mt
YmU2MzA0YzI1MmM3LzEvdDhGUEhvQk1ZYklfZnlfWDlqSXB0Z3VkSU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9iMDY5ZjktZjE0Ni00MjQ3LWJhY2MtYmU2MzA0YzI1MmM3
LzEvMGRNTGQwc29ERGZoeGUxZGltbkxtdlpJc0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9EnAwQA
wS5FAwQBw/KCMA0GCSqGSIb3DQEBCwUAA4IBAQAN8JBDDSv93nWO218WLMwTYt1a
BFiP0xfp38A/0EFxln7YSbJ4zHAq78NGG91sy08nMtmRW+1rnJWD8T4jlHTqEAKm
9KICBlnrFBSKf2rm8qiL1xuSwykOY3KSf2j+XbBjdx/ZS+xg0V+hvko/e6g4n9UO
A02ltPgwP1JiCiWf92qleyZ3SkC5+FVeSzqNT0361GMbg1rd7MxyWXt0cpDY4QtG
3oll2sKEif4fhou6slQk7NalxyUpwdX3iPCHM6+9k70PlFGC+JnYRcU21cw9VPeU
ZUAjnKQk1jXnmP5CwVdHlcaW6XR8lGeNqRsYeEDt/j9IDQj5qeFA55BFadlv
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:55 2025 by rpki-client