Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/2z_kRevZHsCeN2GfwGitYvlZDQc.roa
File: 2z_kRevZHsCeN2GfwGitYvlZDQc.roa (raw, json)
Hash identifier: DsjfmSLIM8Cl/qiIdTQChQIUWRoS6ri8VnykvfDAqts=
Subject key identifier: DB:3F:E4:45:EB:D9:1E:C0:9E:37:61:9F:C0:68:AD:62:F9:59:0D:07
Certificate issuer: /CN=6821c8ff0437f7edd829166fde03446f86109d80
Certificate serial: 18357B2E
Authority key identifier: 68:21:C8:FF:04:37:F7:ED:D8:29:16:6F:DE:03:44:6F:86:10:9D:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCHI_wQ39-3YKRZv3gNEb4YQnYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/2z_kRevZHsCeN2GfwGitYvlZDQc.roa
Signing time: Sat 01 Jan 2022 07:56:22 +0000
ROA not before: Sat 01 Jan 2022 07:56:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57498
IP address blocks: 91.227.42.0/24 maxlen: 24
91.221.74.0/23 maxlen: 23
194.187.30.0/24 maxlen: 24
194.187.31.0/24 maxlen: 24
2001:678:b8c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 406158126 (0x18357b2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6821c8ff0437f7edd829166fde03446f86109d80
Validity
Not Before: Jan 1 07:56:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db3fe445ebd91ec09e37619fc068ad62f9590d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:88:d9:78:01:f7:c5:cb:6f:c0:6e:d2:c6:9a:
c6:a7:d1:c1:02:35:ad:48:5a:2c:80:69:3e:b8:4b:
0a:ce:37:e4:4e:4b:70:8b:52:20:46:04:b9:ce:2b:
05:34:30:c8:31:29:c8:6a:b7:65:66:16:4f:ba:50:
72:32:b2:88:f2:68:34:ec:00:7c:9c:32:50:d7:b7:
3b:51:bf:22:b2:49:23:a9:47:7f:7e:14:18:f7:b7:
6c:41:52:0a:f6:63:ea:6b:90:24:3e:ec:35:bf:d7:
fc:12:40:f4:57:4c:44:d2:5c:e9:ed:eb:91:02:90:
64:85:de:35:8e:4f:e6:59:4d:35:70:f4:a9:67:d5:
10:c2:35:c9:81:fc:ef:bd:5c:06:38:32:fc:ea:6d:
0c:5f:f8:6b:14:da:d4:01:0b:5f:bd:ed:9c:22:99:
bc:11:d5:9b:7b:25:ad:22:13:b5:3c:ba:0a:3d:e5:
22:06:25:99:f7:1f:ac:24:56:74:ae:a5:09:8d:d2:
f0:4c:07:b1:5d:b5:70:b2:a7:a0:f4:c1:ac:25:99:
14:4c:3d:ac:03:63:bd:e3:13:a5:d6:6d:02:f5:e7:
26:dd:f3:4c:34:83:cb:b0:04:22:31:bf:ec:ca:28:
f5:5f:11:4b:b5:0a:5b:b4:22:f9:b4:57:21:80:58:
9d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3F:E4:45:EB:D9:1E:C0:9E:37:61:9F:C0:68:AD:62:F9:59:0D:07
X509v3 Authority Key Identifier:
keyid:68:21:C8:FF:04:37:F7:ED:D8:29:16:6F:DE:03:44:6F:86:10:9D:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCHI_wQ39-3YKRZv3gNEb4YQnYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/2z_kRevZHsCeN2GfwGitYvlZDQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/aCHI_wQ39-3YKRZv3gNEb4YQnYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.74.0/23
91.227.42.0/24
194.187.30.0/23
IPv6:
2001:678:b8c::/48
Signature Algorithm: sha256WithRSAEncryption
a4:9c:9a:ec:c7:28:ad:ae:c1:79:4f:3b:58:1a:ea:aa:c7:2b:
9a:47:06:23:60:d6:4a:64:3f:71:57:85:70:9a:e2:f2:03:5c:
f2:dc:ab:35:a5:36:8a:23:75:26:9b:da:28:a7:f6:28:a9:2c:
59:ed:ee:90:01:44:fb:a8:4e:b2:59:55:00:c2:eb:d9:1d:51:
e7:64:1d:b7:12:53:4b:4b:34:d3:5c:29:e6:32:e1:c7:53:03:
22:23:c9:f7:32:97:bc:8a:9d:bd:74:f4:b9:a3:84:12:d6:dc:
4d:aa:a2:9d:1d:5c:19:9d:be:99:4a:73:55:f8:a0:60:41:d4:
a5:19:1b:76:a7:53:5e:d2:22:e5:74:3f:22:a7:3a:15:d8:55:
95:46:94:ec:f5:66:26:7c:63:e2:0c:23:88:4a:3f:33:0d:ea:
95:fc:86:63:be:17:52:53:ea:15:db:06:eb:79:6a:a1:36:82:
13:c7:f3:73:0a:44:59:41:be:35:ad:d5:f7:49:a2:3f:ef:90:
36:fc:09:94:f5:f6:c0:91:dc:7e:4d:d0:f3:75:b2:d0:7f:7f:
4b:e3:45:8b:c5:bd:22:78:73:df:b9:96:33:c3:6d:a8:d8:82:
2c:42:9f:c0:2c:30:85:b1:07:4a:3b:24:9f:9f:36:3e:4a:45:
6a:b6:d2:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEGDV7LjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODIxYzhmZjA0MzdmN2VkZDgyOTE2NmZkZTAzNDQ2Zjg2MTA5ZDgwMB4XDTIyMDEw
MTA3NTYyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIzZmU0NDVlYmQ5
MWVjMDllMzc2MTlmYzA2OGFkNjJmOTU5MGQwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+I2XgB98XLb8Bu0saaxqfRwQI1rUhaLIBpPrhLCs435E5L
cItSIEYEuc4rBTQwyDEpyGq3ZWYWT7pQcjKyiPJoNOwAfJwyUNe3O1G/IrJJI6lH
f34UGPe3bEFSCvZj6muQJD7sNb/X/BJA9FdMRNJc6e3rkQKQZIXeNY5P5llNNXD0
qWfVEMI1yYH8771cBjgy/OptDF/4axTa1AELX73tnCKZvBHVm3slrSITtTy6Cj3l
IgYlmfcfrCRWdK6lCY3S8EwHsV21cLKnoPTBrCWZFEw9rANjveMTpdZtAvXnJt3z
TDSDy7AEIjG/7Moo9V8RS7UKW7Qi+bRXIYBYnXECAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTbP+RF69kewJ43YZ/AaK1i+VkNBzAfBgNVHSMEGDAWgBRoIcj/BDf37dgp
Fm/eA0RvhhCdgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FDSElfd1EzOS0zWUtSWnYzZ05FYjRZUW5ZQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvMTNiMTQ0LWJlMTYtNDkyMi1hOTgzLTI1YWU5MjkzZjZiNC8x
LzJ6X2tSZXZaSHNDZU4yR2Z3R2l0WXZsWkRRYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
MTNiMTQ0LWJlMTYtNDkyMi1hOTgzLTI1YWU5MjkzZjZiNC8xL2FDSElfd1EzOS0z
WUtSWnYzZ05FYjRZUW5ZQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAVvdSgMEAFvjKgMEAcK7HjAPBAIA
AjAJAwcAIAEGeAuMMA0GCSqGSIb3DQEBCwUAA4IBAQCknJrsxyitrsF5TztYGuqq
xyuaRwYjYNZKZD9xV4VwmuLyA1zy3Ks1pTaKI3Umm9oop/YoqSxZ7e6QAUT7qE6y
WVUAwuvZHVHnZB23ElNLSzTTXCnmMuHHUwMiI8n3Mpe8ip29dPS5o4QS1txNqqKd
HVwZnb6ZSnNV+KBgQdSlGRt2p1Ne0iLldD8ipzoV2FWVRpTs9WYmfGPiDCOISj8z
DeqV/IZjvhdSU+oV2wbreWqhNoITx/NzCkRZQb41rdX3SaI/75A2/AmU9fbAkdx+
TdDzdbLQf39L40WLxb0ieHPfuZYzw22o2IIsQp/ALDCFsQdKOySfnzY+SkVqttIr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:21 2025 by rpki-client