Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/6lh5SOv0GCTGyjF13_0t1vt2hPY.roa
File: 6lh5SOv0GCTGyjF13_0t1vt2hPY.roa (raw, json)
Hash identifier: u7oPJgTb59z56cOe/SPKmVz7X9ppXe10a4I8/oAkF10=
Subject key identifier: EA:58:79:48:EB:F4:18:24:C6:CA:31:75:DF:FD:2D:D6:FB:76:84:F6
Certificate issuer: /CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Certificate serial: 01856F1DAF0F4C3C94D0988436D56E0737C8
Authority key identifier: 9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/6lh5SOv0GCTGyjF13_0t1vt2hPY.roa
Signing time: Sun 01 Jan 2023 20:54:54 +0000
ROA not before: Sun 01 Jan 2023 20:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8735
IP address blocks: 193.188.250.0/24 maxlen: 24
194.8.96.0/19 maxlen: 25
194.145.64.0/19 maxlen: 25
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:af:0f:4c:3c:94:d0:98:84:36:d5:6e:07:37:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5de490ff874e9689cecf726cbb4e2f51f6c731
Validity
Not Before: Jan 1 20:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea587948ebf41824c6ca3175dffd2dd6fb7684f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9a:7c:d5:90:0d:26:cf:e2:49:ca:28:cb:1a:
fd:3f:ab:2d:44:8a:1e:aa:18:83:fd:0b:94:e8:be:
97:dd:3e:66:f2:56:5c:f0:5f:78:fd:ff:84:61:e5:
94:f1:d6:6b:2e:6d:21:8e:76:66:67:7c:b1:7b:97:
e9:2d:49:af:13:17:2e:fd:5b:49:5a:88:76:15:61:
8a:ee:fd:9b:c1:2e:07:1a:80:10:73:bd:de:c4:47:
ac:e7:9f:01:3c:b3:a0:48:ba:ec:04:be:e3:46:f4:
30:fc:48:43:1e:56:c7:b7:23:10:bf:9c:b1:11:d7:
cc:2c:cf:ec:5d:5c:23:17:d3:c5:d8:7c:0e:4e:8f:
67:da:24:1d:64:49:59:71:a8:c5:88:ff:14:80:66:
40:39:2a:1f:de:6d:a2:d8:bd:59:38:03:22:a3:7b:
58:4f:70:ff:51:24:a3:6c:f3:1f:9d:11:90:c4:c7:
b5:21:5c:32:f5:fc:24:93:00:ad:75:17:f7:43:ad:
f5:6f:36:9e:9c:d4:8f:ed:6e:27:2c:16:c2:5a:e1:
42:55:55:c3:1e:45:49:6a:75:19:ef:99:95:c9:03:
69:fd:2e:56:57:06:f3:b8:c5:1f:33:82:fd:aa:8a:
d3:66:f9:c5:7c:88:6d:b9:2e:08:d9:36:db:b4:2d:
eb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:58:79:48:EB:F4:18:24:C6:CA:31:75:DF:FD:2D:D6:FB:76:84:F6
X509v3 Authority Key Identifier:
keyid:9D:5D:E4:90:FF:87:4E:96:89:CE:CF:72:6C:BB:4E:2F:51:F6:C7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nV3kkP-HTpaJzs9ybLtOL1H2xzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/6lh5SOv0GCTGyjF13_0t1vt2hPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/745bdb-104b-49c7-99d5-cec33ba1bdf5/1/nV3kkP-HTpaJzs9ybLtOL1H2xzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.188.250.0/24
194.8.96.0/19
194.145.64.0/19
Signature Algorithm: sha256WithRSAEncryption
53:b9:25:6e:c6:87:88:d5:90:23:4e:b4:7e:48:a9:c4:c1:ba:
e6:8a:b9:ee:90:d7:14:9a:24:cd:d9:2e:2f:32:00:df:44:cb:
2b:1f:2e:09:7f:f2:0e:c6:92:6e:40:39:81:61:64:da:a0:35:
54:13:f1:4b:4c:32:af:db:41:32:4f:52:4a:c0:f5:d5:e3:2a:
dd:27:ef:49:3c:b3:65:16:7a:e9:0f:86:40:61:94:a4:5a:7f:
2c:fa:f1:04:b5:79:cf:0a:60:d4:44:c4:24:db:ca:22:7e:18:
e5:93:49:cb:41:ea:e8:5e:70:9c:be:fa:d0:41:9b:59:ee:14:
bf:b1:62:9c:8e:ba:bb:36:66:89:48:18:78:3b:ef:98:90:57:
ab:ed:7c:42:38:7f:b5:81:20:24:ed:8e:06:55:af:8e:5f:17:
7a:6b:91:62:86:76:86:47:69:e5:a5:8a:40:b6:40:a6:c3:1d:
8a:10:f1:ed:ea:bf:ec:6a:7b:ca:8a:61:a0:ad:5b:a1:c0:b9:
07:ee:20:c1:47:c1:f8:eb:16:62:2d:71:2a:46:56:5b:4a:25:
37:9d:57:8f:90:ad:62:4d:8e:4b:de:86:5e:59:41:cc:81:bc:
fe:95:ff:cb:2e:d7:24:c0:3f:ff:dd:ef:d3:08:13:8f:5d:76:
fc:26:5b:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvHa8PTDyU0JiENtVuBzfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNWRlNDkwZmY4NzRlOTY4OWNlY2Y3MjZjYmI0ZTJmNTFm
NmM3MzEwHhcNMjMwMTAxMjA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTU4Nzk0OGViZjQxODI0YzZjYTMxNzVkZmZkMmRkNmZiNzY4NGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5p81ZANJs/iScooyxr9P6stRIoe
qhiD/QuU6L6X3T5m8lZc8F94/f+EYeWU8dZrLm0hjnZmZ3yxe5fpLUmvExcu/VtJ
Woh2FWGK7v2bwS4HGoAQc73exEes558BPLOgSLrsBL7jRvQw/EhDHlbHtyMQv5yx
EdfMLM/sXVwjF9PF2HwOTo9n2iQdZElZcajFiP8UgGZAOSof3m2i2L1ZOAMio3tY
T3D/USSjbPMfnRGQxMe1IVwy9fwkkwCtdRf3Q631bzaenNSP7W4nLBbCWuFCVVXD
HkVJanUZ75mVyQNp/S5WVwbzuMUfM4L9qorTZvnFfIhtuS4I2TbbtC3r5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOpYeUjr9Bgkxsoxdd/9Ldb7doT2MB8GA1UdIwQY
MBaAFJ1d5JD/h06Wic7Pcmy7Ti9R9scxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUt
Y2VjMzNiYTFiZGY1LzEvNmxoNVNPdjBHQ1RHeWpGMTNfMHQxdnQyaFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83NDViZGItMTA0Yi00OWM3LTk5ZDUtY2VjMzNiYTFiZGY1
LzEvblYza2tQLUhUcGFKenM5eWJMdE9MMUgyeHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwbz6AwQF
wghgAwQFwpFAMA0GCSqGSIb3DQEBCwUAA4IBAQBTuSVuxoeI1ZAjTrR+SKnEwbrm
irnukNcUmiTN2S4vMgDfRMsrHy4Jf/IOxpJuQDmBYWTaoDVUE/FLTDKv20EyT1JK
wPXV4yrdJ+9JPLNlFnrpD4ZAYZSkWn8s+vEEtXnPCmDURMQk28oifhjlk0nLQero
XnCcvvrQQZtZ7hS/sWKcjrq7NmaJSBh4O++YkFer7XxCOH+1gSAk7Y4GVa+OXxd6
a5FihnaGR2nlpYpAtkCmwx2KEPHt6r/sanvKimGgrVuhwLkH7iDBR8H46xZiLXEq
RlZbSiU3nVePkK1iTY5L3oZeWUHMgbz+lf/LLtckwD//3e/TCBOPXXb8Jlvm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:44 2025 by rpki-client