Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/t39897dLHZnRfJ3HU2nA2gtexS4.roa
File: t39897dLHZnRfJ3HU2nA2gtexS4.roa (raw, json)
Hash identifier: hk1+Y1YgIJ0seO9HJGICggLx65Q6hj/3HrzflAZH1go=
Subject key identifier: B7:7F:7C:F7:B7:4B:1D:99:D1:7C:9D:C7:53:69:C0:DA:0B:5E:C5:2E
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 018AA72E2AD45822D03D2785410F9EE902F3
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/t39897dLHZnRfJ3HU2nA2gtexS4.roa
Signing time: Mon 18 Sep 2023 07:25:35 +0000
ROA not before: Mon 18 Sep 2023 07:25:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25311
IP address blocks: 86.105.206.0/23 maxlen: 24
195.182.220.0/23 maxlen: 24
2a03:9c20:2002::/48 maxlen: 56
2a03:9c20:3000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:2e:2a:d4:58:22:d0:3d:27:85:41:0f:9e:e9:02:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Sep 18 07:25:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b77f7cf7b74b1d99d17c9dc75369c0da0b5ec52e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:85:78:74:e4:32:6e:28:ae:6e:79:56:ab:14:
fb:07:90:df:7a:b9:45:37:72:9b:cc:1b:32:b6:53:
29:63:f6:cb:90:c5:f8:97:2d:dd:9d:f0:24:bf:29:
7e:0b:62:f0:2d:95:9d:da:35:7c:28:e2:2f:bf:11:
2d:79:68:e4:7d:43:30:a9:a9:d8:f3:92:39:f0:c2:
b8:fe:05:ac:85:9c:1c:2b:5b:16:6e:20:9b:43:9a:
e0:a4:2f:86:03:c7:b8:94:d0:a5:b9:87:bf:82:34:
84:0b:7f:bd:b7:2f:8e:fb:94:3f:e1:8c:20:02:e8:
00:3b:c9:7c:d1:68:0d:56:49:9f:a5:1a:f6:52:92:
d0:e1:73:b8:e7:d3:a6:5c:bf:ea:ab:a0:8c:14:d9:
27:ba:f9:8b:f7:4d:29:d6:a6:45:17:d4:db:f8:6d:
ba:7b:cb:57:f6:6d:36:19:e2:0c:f5:82:05:6f:aa:
e7:61:84:93:f2:0c:dd:97:ea:bb:34:0e:94:0e:54:
8f:b0:d2:17:dd:34:c8:f0:41:10:94:34:de:cc:d4:
3a:90:32:44:71:16:16:d6:4f:3c:5a:2f:cf:9b:82:
d7:1c:16:04:ec:c1:ae:f5:4e:a5:db:9b:df:fe:a9:
77:ab:22:25:85:51:7e:3f:46:e1:d3:f4:0f:71:63:
f3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7F:7C:F7:B7:4B:1D:99:D1:7C:9D:C7:53:69:C0:DA:0B:5E:C5:2E
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/t39897dLHZnRfJ3HU2nA2gtexS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.206.0/23
195.182.220.0/23
IPv6:
2a03:9c20:2002::/48
2a03:9c20:3000::/36
Signature Algorithm: sha256WithRSAEncryption
11:4f:2f:32:0a:60:ff:e3:54:70:e8:5a:62:ea:c2:3f:1d:07:
bb:e8:61:f7:f2:fa:7d:2d:d0:70:7b:a2:7d:d9:cd:6c:21:6f:
ee:5a:8e:82:e7:3e:4e:e2:fa:b5:00:ba:b7:6c:81:48:fc:13:
0e:3a:9c:b9:c8:0d:af:f9:a3:8e:50:00:04:0b:f6:fe:a3:bb:
9d:bc:96:f9:6f:7a:c0:ba:cc:7e:3e:87:0b:31:e5:94:6f:f3:
f1:82:cf:26:04:42:e3:36:03:e4:04:ff:ac:8b:6b:16:9b:5b:
1e:99:e1:56:96:96:dc:cd:ab:f3:28:9a:51:ea:10:2f:8e:e7:
ff:b2:78:b4:09:1a:6d:a4:5f:d3:68:05:1e:69:fc:d7:6f:f6:
d6:99:76:a6:eb:16:35:a2:b3:ff:3c:db:42:6a:31:1c:f2:68:
c9:4f:83:cb:b1:21:6f:dd:3a:8a:6c:0b:31:c4:f4:97:d2:c0:
02:e2:24:d2:4d:cc:55:4b:d7:4a:a9:d6:1c:00:78:0d:f6:2d:
91:0d:29:8a:71:c4:9b:32:d2:dd:12:d7:35:ab:b2:2d:bc:78:
ea:96:c0:f9:1f:88:94:a0:22:90:81:5e:2f:63:ca:98:6b:47:
4a:9b:c2:0c:d3:c3:b3:70:2b:f5:68:a5:7c:20:02:14:f6:ee:
65:bd:30:dd
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYqnLirUWCLQPSeFQQ+e6QLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjMwOTE4MDcyNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzdmN2NmN2I3NGIxZDk5ZDE3YzlkYzc1MzY5YzBkYTBiNWVjNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44V4dOQybiiubnlWqxT7B5DferlF
N3KbzBsytlMpY/bLkMX4ly3dnfAkvyl+C2LwLZWd2jV8KOIvvxEteWjkfUMwqanY
85I58MK4/gWshZwcK1sWbiCbQ5rgpC+GA8e4lNCluYe/gjSEC3+9ty+O+5Q/4Ywg
AugAO8l80WgNVkmfpRr2UpLQ4XO459OmXL/qq6CMFNknuvmL900p1qZFF9Tb+G26
e8tX9m02GeIM9YIFb6rnYYST8gzdl+q7NA6UDlSPsNIX3TTI8EEQlDTezNQ6kDJE
cRYW1k88Wi/Pm4LXHBYE7MGu9U6l25vf/ql3qyIlhVF+P0bh0/QPcWPzoQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFLd/fPe3Sx2Z0Xydx1NpwNoLXsUuMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvdDM5ODk3ZExIWm5SZkozSFUybkEyZ3RleFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQBVmnOAwQB
w7bcMBcEAgACMBEDBwAqA5wgIAIDBgQqA5wgMDANBgkqhkiG9w0BAQsFAAOCAQEA
EU8vMgpg/+NUcOhaYurCPx0Hu+hh9/L6fS3QcHuifdnNbCFv7lqOguc+TuL6tQC6
t2yBSPwTDjqcucgNr/mjjlAABAv2/qO7nbyW+W96wLrMfj6HCzHllG/z8YLPJgRC
4zYD5AT/rItrFptbHpnhVpaW3M2r8yiaUeoQL47n/7J4tAkabaRf02gFHmn812/2
1pl2pusWNaKz/zzbQmoxHPJoyU+Dy7Ehb906imwLMcT0l9LAAuIk0k3MVUvXSqnW
HAB4DfYtkQ0pinHEmzLS3RLXNauyLbx46pbA+R+IlKAikIFeL2PKmGtHSpvCDNPD
s3Ar9WilfCACFPbuZb0w3Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:17 2025 by rpki-client