Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/6z8n6EO-v83W71oqc2MvnSgUp1A.roa
File: 6z8n6EO-v83W71oqc2MvnSgUp1A.roa (raw, json)
Hash identifier: fejMbw/3zRXMeOnpaGgm2o6Wq32RBdTksJmC1/sC+kg=
Subject key identifier: EB:3F:27:E8:43:BE:BF:CD:D6:EF:5A:2A:73:63:2F:9D:28:14:A7:50
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 093B45F8
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/6z8n6EO-v83W71oqc2MvnSgUp1A.roa
Signing time: Sat 01 Jan 2022 06:02:12 +0000
ROA not before: Sat 01 Jan 2022 06:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47952
IP address blocks: 91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154879480 (0x93b45f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Jan 1 06:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb3f27e843bebfcdd6ef5a2a73632f9d2814a750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:23:ab:ba:05:8e:f7:6c:01:13:6b:5c:b5:ff:
21:ef:48:cc:83:e0:23:37:8e:99:88:d3:b1:4b:0e:
ef:b2:3e:73:08:06:48:2b:8f:37:a2:18:5f:b7:14:
ab:07:4b:ab:d3:7c:8e:3c:d8:c5:59:d2:31:90:e9:
91:7f:3f:e3:07:f6:44:92:81:df:63:2a:7a:d7:6f:
19:28:ba:7f:4c:4d:e9:76:36:6b:6a:f1:e6:54:15:
1d:37:33:68:b2:ce:5c:79:f6:7c:59:80:93:50:bf:
ac:64:de:78:a6:72:b8:e5:10:36:07:f1:26:be:58:
91:77:52:1d:b7:27:9e:32:af:ff:32:ed:eb:7f:83:
53:ec:71:a2:98:89:24:aa:65:08:78:a5:85:5f:71:
4e:3e:0b:f7:ce:b2:39:b2:ba:31:62:cd:83:4c:9b:
75:56:45:ac:bc:1e:f4:bd:9e:53:71:ca:20:14:36:
e2:f2:d3:d4:58:3e:c7:0e:30:11:77:2e:b7:ce:9a:
d0:c9:bc:f2:72:cf:fb:a6:b4:1b:f0:6c:af:27:02:
24:b5:ef:32:69:b5:63:04:6e:35:aa:66:23:50:03:
e2:69:01:a7:d4:c1:01:41:a4:fb:91:35:49:d0:5b:
8d:8b:0a:e8:55:f5:2f:fc:e5:14:2c:57:bf:69:cb:
af:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:3F:27:E8:43:BE:BF:CD:D6:EF:5A:2A:73:63:2F:9D:28:14:A7:50
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/6z8n6EO-v83W71oqc2MvnSgUp1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.52.0/24
91.194.54.0/24
185.201.212.0/22
Signature Algorithm: sha256WithRSAEncryption
44:73:67:9d:b3:b3:72:3f:a4:e7:0c:67:eb:9c:e1:ed:b4:56:
1c:75:ac:4a:02:50:01:f5:cc:61:7c:9e:65:36:a2:26:9e:50:
cb:03:79:41:56:d3:89:ac:2b:19:49:ba:77:02:94:6c:7e:36:
e2:93:0f:90:6a:f5:83:ca:a6:38:45:23:58:a4:ae:02:d3:ed:
f5:7a:0e:81:57:b8:9b:79:09:44:2d:73:4e:ad:c3:34:78:0f:
03:18:78:4c:bb:e8:2a:d0:f4:05:c5:39:96:d6:35:44:70:27:
39:ae:cf:6c:fd:17:0b:70:3a:9b:39:ac:65:f6:e5:17:f4:42:
5b:2f:8c:75:66:c3:7e:2a:69:e1:b5:88:65:21:6b:e3:55:5e:
98:ad:fd:82:01:1d:61:be:8d:b1:80:64:43:4c:b4:98:e8:60:
0c:a6:31:bc:e9:d7:de:ca:03:77:93:a3:c8:3a:b6:a9:03:b4:
21:24:9a:10:17:f9:a1:1b:d0:89:34:f5:5b:87:ad:1c:fe:8e:
55:1a:7e:df:6a:48:bf:26:de:da:73:d2:33:33:68:a6:49:e7:
2a:2f:1e:86:9f:d2:af:48:79:83:4c:eb:22:7e:06:fb:7b:f2:
3d:6e:63:5e:4f:20:3b:8f:f2:7f:79:83:de:5f:04:46:86:a7:
0a:a8:00:80
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECTtF+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjMwYjczYjUxY2JjNTM4MGRkNGFkYjNkNWFhZmY0ZDdhMzM0YzVlMB4XDTIyMDEw
MTA2MDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWIzZjI3ZTg0M2Jl
YmZjZGQ2ZWY1YTJhNzM2MzJmOWQyODE0YTc1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPsjq7oFjvdsARNrXLX/Ie9IzIPgIzeOmYjTsUsO77I+cwgG
SCuPN6IYX7cUqwdLq9N8jjzYxVnSMZDpkX8/4wf2RJKB32MqetdvGSi6f0xN6XY2
a2rx5lQVHTczaLLOXHn2fFmAk1C/rGTeeKZyuOUQNgfxJr5YkXdSHbcnnjKv/zLt
63+DU+xxopiJJKplCHilhV9xTj4L986yObK6MWLNg0ybdVZFrLwe9L2eU3HKIBQ2
4vLT1Fg+xw4wEXcut86a0Mm88nLP+6a0G/BsrycCJLXvMmm1YwRuNapmI1AD4mkB
p9TBAUGk+5E1SdBbjYsK6FX1L/zlFCxXv2nLr98CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTrPyfoQ76/zdbvWipzYy+dKBSnUDAfBgNVHSMEGDAWgBS2MLc7UcvFOA3U
rbPVqv9NejNMXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RqQzNPMUhMeFRnTjFLMnoxYXJfVFhvelRGNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvNDc0OGM3LWNkOWUtNDAxZS1hOGE0LTBkNDhlNjg5NWYxMi8x
LzZ6OG42RU8tdjgzVzcxb3FjMk12blNnVXAxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
NDc0OGM3LWNkOWUtNDAxZS1hOGE0LTBkNDhlNjg5NWYxMi8xL3RqQzNPMUhMeFRn
TjFLMnoxYXJfVFhvelRGNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvCNAMEAFvCNgMEArnJ1DANBgkq
hkiG9w0BAQsFAAOCAQEARHNnnbOzcj+k5wxn65zh7bRWHHWsSgJQAfXMYXyeZTai
Jp5QywN5QVbTiawrGUm6dwKUbH424pMPkGr1g8qmOEUjWKSuAtPt9XoOgVe4m3kJ
RC1zTq3DNHgPAxh4TLvoKtD0BcU5ltY1RHAnOa7PbP0XC3A6mzmsZfblF/RCWy+M
dWbDfipp4bWIZSFr41VemK39ggEdYb6NsYBkQ0y0mOhgDKYxvOnX3soDd5OjyDq2
qQO0ISSaEBf5oRvQiTT1W4etHP6OVRp+32pIvybe2nPSMzNopknnKi8ehp/Sr0h5
g0zrIn4G+3vyPW5jXk8gO4/yf3mD3l8ERoanCqgAgA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:26:55 2025 by rpki-client